Data loss prevention (DLP) is one of the cybersecurity industryâs oldest categories, but itâs still a bit of an enigma as many IT professionals have a hard time describing exactly what DLP does.
DLP sub-divides into two parallel streams: DLP technology, and DLP strategy. DLP technology is what most people think of when it comes to DLP solutions and while technology is an important part of preventative security, you canât truly achieve it without strategy. Enterprises are more apt to have an established DLP strategy simply because large enterprises tend to have a stronger security maturity, and the process, controls and in-house expertise that go along with it. Â
Small to midsize enterprises tend to focus on DLP technology first, as they generally face a lower security maturity ranking, restricted resources and less budget. As a result, they turn to on-premises software or cloud service providers that offer more âall-in-oneâ services, including DLP controls. However, resource-constrained IT teams in midsize enterprise usually donât have the time or expertise to manage software or service provider controls or worse â they assume the out-of-the-box configuration is the ideal configuration or that the service provider is managing it on their behalf. Â
I recently sat down with Anand Mohabir, Founder and CEO of cybersecurity solutions consulting firm Elteni, to talk about DLP trends in midsized enterprises.
â
James Mignacca (JM): Where does DLP market confusion stem from?
Anand Mohabir (AM): DLP is a blanket term thatâs broadly used to describe a variety of services and platforms â itâs kind of a catch-all. The traditional definition of a DLP solution is one that protects and prevents data from getting lost or stolen, but it doesnât always stop someone from taking data. DLP itself isnât a product or service; itâs an approach to prevent data loss. DLP strategy includes a number of things like policies and procedures, actions and technical components like tools and technology. A lot of companies believe theyâre âdoingâ DLP because they have a DLP tool or SaaS in place, but you canât have true DLP without having a defined strategy.
â
Related read: How to Avoid Data Loss From a Natural Disaster
â
JM: Is DLP accessible to SMB?
AM: Sure â lots of DLP tools are available to small and midsized enterprises, but unfortunately DLP strategy is harder to achieve. Enterprises tend to have greater security maturity and theyâve got more dollars and in-house expertise to throw at strategy. Small and midsized businesses struggle to find dedicated expertise and outsource the function of DLP to service providers or their cloud services assuming DLP will be covered. While teams get the licencing to implement DLP controls they donât end up using them because they donât have the expertise, appetite or knowledge of how the controls will function in their environments; itâs just too challenging.
â
JM: What operational or security gaps does that create?
AM: Itâs a big deal; for most companies, their primary goal is to protect intellectual property and personally identifiable information (PII). But by not using their tools to the fullest theyâre failing that objective. Thereâs a misconception when it comes to large cloud service providers too â teams assume that the provider is protecting their data, but they just offer the capability. The business has ownership of actually executing the controls.
â
JM: Where should small and midsized businesses start? Is DLP strategy achievable?
AM: DLP strategy is achievable on a sliding scale, but businesses need to start by thinking holistically and recognizing whatâs available to them in terms of capabilities, expertise and budget. Once they identify the problem theyâre solving for and what kinds of data theyâre trying to protect they can get a clearer picture of the data they have and create an inventory. It all comes down to getting a handle on your data. Understanding what data you have goes a long way to protecting it. Smaller businesses struggle with the inventory piece and being able to capture all data across the network and its endpoints; thatâs where a solution like Cavelo can help.
â
JM: Why should businesses invest in DLP strategy and technologies?
AM: At its core, DLP addresses many general areas of concern. It gives businesses of all sizes the visibility they need to support compliance requirements. From an auditing perspective, businesses need to show that theyâre complying with the policies theyâve written and that theyâre performing the actions required to keep data safe. A platform like Cavelo works within DLP strategy â it gives insight to where data lives on the network, its classification, the systems itâs used in, and who has access to it. Really, it helps answer a lot of questions and works in complement with other tools and technology at a defense level, and thatâs the prevention piece in DLP.
Learn more about the risks of DLP strategy and technology gaps.
