information assets According to Violetta Krasova, Head of the DLP Department at the Information Security Center of Infosystems Jet, the key aspect of the effective operation of DLP systems and fine-tuning of their use policies is a set of measures for inventory and classification of data. Inventory allows you to determine, and classification – to identify the most valuable information that the company has, and focus primarily on protecting it.
After selecting samples of confidential information assets
Documents and setting up the operating rules, the system can be switch to monitoring mode to understand the topology of information flow fax lists within and outside the company and identify the channels us to transmit this or that type of information. And only after making sure that the system works correctly without blocking, you can begin setting up the blocking function.
Of course, the original purpose of DLP systems is precisely to prevent data leaks, insists Denis Deryugin, an information security specialist at the IPO department of OCS Distribution, despite the fact that many continue to use them only to detect leaks, subsequently investigate the causes and identify the culprits.
If until recently it was possible to block only
A small part of the channels, notes Ms. Krasova, now the implementation of the ability to prevent leaks on all controll channels can be consider one of the trends in the development of DLP.
Drawing attention to the afb directory necessity of the ability to block data transmission by a DLP system, Alexander Klevtsov, DLP development manager at InfoWatch, claims that modern DLP systems have “learn” to prevent incidents not at the moment when information leaves the controll perimeter, but at the stage of planning a leak by In our thematic review an intruder, when he shows signs of non-standard behavior: “DLP systems can cover information flows generat by personnel, and from a multitude of events, select only those that contain a potential threat.”