"Investing in the right team and supporting organization structure with business stakeholders to manage incidents will help align the DLP solution with the overall information security strategy"
Building an effective DLP programme
Data leakage prevention is similar to the ‘state of utopia’ or Moksha for a couple of reasons:
1) Very few, if any, will get there in spirit
2) Getting there is a journey, and the path is definitely not easy
3) Small and continuous improvements will show the path
4) You need to connect with ‘good’ people along the way
Needless to say, DLP is not a point solution. It is a sum of parts, and the trick lies in our ability to stack these parts in the correct order. The implementation of parts such as endpoint security, web security, email security, training and awareness, perimeter security, etc. will depend upon the business priority as well as the organizational maturity.
Colloquially, the DLP solution or DLP tool refers to the ability of organizations to monitor their data while on the move or at rest. Today, one does not need to ‘sell’ this solution to the business. They are already sold on it, because every other day they hear of various data breach incidents and are truly looking for any help they can get to cover the risks. However, it is the responsibility of the CISO to see whether the organization is ready to reap the complete benefits of the solution. Clarity on prerequisites such as data classification schemes, an organization structure to manage incidents, training for end users and policies for disciplinary action is pivotal to the success of the solution.
While deploying, organizations usually see a lot of low-hanging fruit (non-compliance), which gets highlighted immediately and helps generate the right buzz in the organization. This leads to risk reduction in other areas, such as secure data transmission to third parties. On the other hand, it helps the business identify and remediate any exceptions to the processes of data transfers.
The ability of businesses to see continual value in the process will define the success of the solution. Today all business stakeholders do realize the value and want to be a part of the process. Involvement through dashboards reflecting the trends of various business units, together with defined policy reviews, helps businesses maintain ownership of the DLP journey.
False positives usually have a negative connotation in any solution; in a DLP solution, however, they also have a positive side, as they ensure that the message is spreading to end users.
Lastly, the solution is as good as the people running it. Investing in the right team and supporting organization structure with business stakeholders to manage incidents will help align the DLP solution with the overall information security strategy.