risk management For our customers worldwide, a DLP system is one of the tools for managing corporate security risks. Bas on this concept, the task of a DLP solution is to ruce business risks associat with leaks of restrict data. On the other hand, many organizations directly indicate the ne to limit the total cost of ownership (TCO) of the DLP solutions us.
Organizations define several key criteria that are then us to develop key functional criteria for DLP solutions.
Using risk management as a paradigm for selecting risk management
A technical solution involves the formation of several key business-level criteria, which are then us to develop the basic functional requirements for DLP systems.
For Smart Line client organizations, the key business criteria for selecting DLP are bas on the following provisions:
· In order to minimize possible data telegram data leaks, a DLP solution must first and foremost ensure the neutralization of the most dangerous vectors of information leakage threats .
· The negative impact of threats must
Be mitigat in addition to neutralizing key threats by monitoring and controlling all major information leakage channels in all scenarios afb directory associat with this threat vector.
· For each protect channel, preventive control should be as complete, effective and reliable as possible . Completeness of control directly depends on whether all possible variants of data leakage mechanisms for this channel are under control , or only some of them. The effectiveness of DLP solutions is determin by their performance. Finally, reliability in the context of DLP means protection from user interference in the solution’s operation — i.e. protection from intentional or accidental user actions aim at stopping the normal operation of the DLP system or changing the control policies set by the information security service.
Since it is impossible to completely
Avoid data leakage incidents in principle, the incidents detect should be analyz to identify the perpetrators, and the circumstances and factors of occurrence should be taken into account to develop appropriate what is most important for dlp countermeasures in the future. Equally important is the analysis of prevent attempts to commit illegal actions with corporate data. The ability to facilitate and automate these processes is another key factor for a DLP solution.