Network DLP capabilities can usually be undermined by a sophisticated threat actor through the use of data masking techniques such as encryption or compression. A next-generation firewall (NGFW) or intrusion detection system (IDS) are common examples of technology that can be leveraged to perform DLP capabilities on the network. Multiple security control points may report activity to be analyzed by a central management server. It analyzes network traffic to detect sensitive data that is being sent in violation of information security policies. Network (data in motion) technology is typically installed at network egress points near the perimeter. In order to classify certain information as sensitive, these use mechanisms, such as exact data matching, structured data fingerprinting, statistical methods, rule and regular expression matching, published lexicons, conceptual definitions, keywords and contextual information such as the source of the data. Inside attacks can be averted through antivirus scans that detect Trojan horses that send confidential information, and by the use of thin clients that operate in a client-server architecture with no personal or sensitive data stored on a client device.Īdvanced security measures employ machine learning and temporal reasoning algorithms to detect abnormal access to data (e.g., databases or information retrieval systems) or abnormal email exchange, honeypots for detecting authorized personnel with malicious intentions and activity-based verification (e.g., recognition of keystroke dynamics) and user activity monitoring for detecting abnormal data access.ĭesignated systems detect and prevent unauthorized attempts to copy or send sensitive data, intentionally or unintentionally, mainly by personnel who are authorized to access the sensitive information. The use of a firewall, for example, prevents the access of outsiders to the internal network and an intrusion detection system detects intrusion attempts by outsiders. Standard security measures, such as firewalls, intrusion detection systems (IDSs) and antivirus software, are commonly available products that guard computers against outsider and insider attacks. After that, some areas could have extra safeguards installed. Most DLP systems rely on predefined rules to identify and categorize sensitive information, which in turn helps system administrators zero in on vulnerable spots. Common DLP methods for spotting malicious or otherwise unwanted activity and responding to it mechanically are automatic detection and response. The technological means employed for dealing with data leakage incidents can be divided into categories: standard security measures, advanced/intelligent security measures, access control and encryption and designated DLP systems, although only the latter category are currently thought of as DLP today. Other terms associated with data leakage prevention are information leak detection and prevention (ILDP), information leak prevention (ILP), content monitoring and filtering (CMF), information protection and control (IPC) and extrusion prevention system (EPS), as opposed to intrusion prevention system. However, a data leak is possible without losing the data on the originating side. Data loss incidents turn into data leak incidents in cases where media containing sensitive information is lost and subsequently acquired by an unauthorized party. The terms " data loss" and " data leak" are related and are often used interchangeably. JSTOR ( July 2016) ( Learn how and when to remove this template message)ĭata loss prevention (DLP) software detects potential data breaches/data ex-filtration transmissions and prevents them by monitoring, detecting and blocking sensitive data while in use (endpoint actions), in motion ( network traffic), and at rest ( data storage).Unsourced material may be challenged and removed.įind sources: "Data loss prevention software" – news Please help improve this article by adding citations to reliable sources. This article needs additional citations for verification.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |