ISSA-UK a professional association for IT security professionals, advises organisations to start a Data Leakage Prevention [DLP] project with a pilot in a small, self-contained, business area or function and to begin by detecting leaks only, rather than attempting to block them.
“Don't block anything until you know what you are dealing with and tune your policies based on that learning. Look for false negatives as well as false positives by creating lots of test scenarios, otherwise leakage of real sensitive data could occur,” said Adrian Wright, vice president of research for the group.
According to Nigel Stanley, CEO at security consultancy Incoming Thought, DLP has been sold as the answer to all a corporate’s problems when it came to data loss. But very quickly clients he worked with found it unwieldy and ineffective.
“Back in 2009 I suggested that DLP should be coupled with data encryption (DE) so that any gaps in a DLP solution should only see encrypted data going missing.
“Nowadays I see DE being the primary mechanism to prevent data loss instead of a DLP. But DE is problematic as while encrypting data is trivial, the key management can become a burden very quickly. In clients I work with, I see DE in 95% and DLP in around 5%,” he said.
Download our complete security survey results here.