“DLP” is an acronym for “data loss prevention” or “data leak prevention,” a strategy and suite of technologies to help protect sensitive enterprise data from loss or theft. Though the terms are used somewhat interchangeably, a data leak can occur without loss of data, and a leak can cause serious financial, reputational, or regulatory damage to an organization.
DLP is part of a holistic information protection approach, along with firewalls, encryption, antivirus, IDS/IPS, and other security technologies. In combination, these tools allow enterprise security teams to monitor and manage data as it travels through or is stored within the network. DLP focuses on the location and classification of information, which can be enforced through a set of enterprise-defined policies. Most DLP products ship to the customer with pre-defined and fairly universal policies or rules that can be tuned to the enterprise’s needs. The rules help identify specific types of data, like social security or credit card numbers or HIPAA-complaint health data. DLP software can monitor and enforce policies, disallowing the specified data to leave the network. DLP technologies can be set to block emails or attachments that contain certain classifications of data or data accessed from particular files, folders, or other protected network locations, and alert on potential leaks or loss of data.
Get the DeMISTIfying InfoSec newsletter every Tuesday!