Protect - Respond - Analyze
One of the core areas to protect within a business is the data. Whether data belongs to the customer or the company, all information is classified under what is called a “data classification policy.” This policy allows management to determine the various data types present in an organization and what types of security controls are necessary to protect them and reduce the risk of breach, theft, or fraud. Data can be classified as public, internal use only, confidential and secret, or proprietary. Any data falling under confidential or higher should be segmented or placed into areas that make it extremely difficult for a hacker or a perpetrator to access it without proper credentials.
Data Loss Prevention (DLP)
Data Loss Prevention, also referred to as Data Leakage Protection, is the strategy, software, tools, and processes that are developed to ensure that sensitive information is not lost, misused, shared, or circulated outside of a secure corporate network without proper detection and disclosure. Companies with robust DLP programs spend many years designing processes to protect data, including encryption, quarantining through rulesets, and confirming that access management controls are in place. It’s especially important to ensure that leadership has designed an effective Security Incident Event Monitoring (SIEM) process in which key security events are identified, monitored, tracked, and investigated based on incidents detected during the course of the business day or after hours.
Data Protection Tools
As insider threats rise and state privacy laws become increasingly rigorous, more companies are investing in data loss prevention tools. These software products automate the classification and protection of confidential information to prevent unauthorized users from sharing data – either accidentally, intentionally, or maliciously – which could greatly harm an organization's reputation. For example, consider the restrictions, or lack of restrictions, on public cloud storage services like Box, Dropbox, or Microsoft OneDrive for employees attempting to share documents inside and outside of the organization. The risk of allowing personnel to move files freely is that there is no audit trail of the types of data sent externally, and no information on the external threats that can be introduced into the environment when a non-supported device touches internal production. Another example of a popular data loss prevention tool is software that monitors email for potential threats, such as harmful links tied to viruses, malware, spyware, trojan horses, and ransomware.
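The ruleset-driven classification, quarantine, and audit trail described above can be sketched as follows. This is an added example, not code from the original page or from any DLP product; the rule patterns, the `corp.example` domain, the `alert` action, and the ordering of the levels are assumptions.

```python
import re

# Levels taken from the page's classification list; the ordering is an assumption.
LEVELS = ["public", "internal use only", "confidential"]

def luhn_ok(digits: str) -> bool:
    """Checksum that filters random digit runs out of card-number matches."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

# Constructed ruleset: (rule name, pattern, level assigned, optional validator).
RULES = [
    ("payment-card", re.compile(r"\b(?:\d[ -]?){13,16}\b"), "confidential",
     lambda m: luhn_ok(re.sub(r"\D", "", m))),
    ("us-ssn", re.compile(r"\b\d{3}-\d{2}-\d{4}\b"), "confidential", None),
    ("internal-marker", re.compile(r"internal use only", re.I), "internal use only", None),
]

def classify(text: str):
    """Return (highest level matched, names of rules that fired)."""
    level, hits = "public", []
    for name, pattern, rule_level, validator in RULES:
        for m in pattern.finditer(text):
            if validator is None or validator(m.group()):
                hits.append(name)
                if LEVELS.index(rule_level) > LEVELS.index(level):
                    level = rule_level
                break  # one validated hit per rule is enough
    return level, hits

def egress_decision(sender, dest_domain, text, corporate_domains=("corp.example",)):
    """Decide on an outbound share and return the audit record for it."""
    level, hits = classify(text)
    external = dest_domain.lower() not in corporate_domains
    if external and LEVELS.index(level) >= LEVELS.index("confidential"):
        action = "quarantine"   # confidential or higher never leaves unreviewed
    elif external and level != "public":
        action = "alert"        # internal-only data leaving: log and notify
    else:
        action = "allow"
    return {"sender": sender, "destination": dest_domain, "external": external,
            "classification": level, "rules": hits, "action": action}
```

Every call returns a record, including for allowed transfers, so the audit trail covers all external sharing rather than only the blocked attempts.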