September 28, 2021

Deploying True Data Loss Prevention

Kevin Oliveira

Every company has proprietary information that is crucial to protect, but many IT security teams we talk to tend to have horror stories from implementing their data loss prevention (DLP) program. Some of the more common ones include It’s time consuming, onerous and complex compliance requirements, and lack of resources or planning. Those complaints often leave practitioners and their leaders with poor experiences and a gaggle of implementation problems.

The best way to both address the security risks and to succeed at DLP is by implementing a holistic program for data security. But it doesn’t have to be a daunting task. A risk-adaptive approach to DLP safeguards data without slowing productivity by tailoring security to an individual, based on the context of behavior every step of the way. When data leaks or breaches occur, it is often due to the actions of people working with the data, apps or systems.

Using our “The Practical Executive's Guide to Data Loss Prevention,” as a blueprint, you can implement a data security program in five straightforward phases, laid out below.

  • Phase 1: Build an Information Risk Profile
  • Phase 2: Map an Impact Severity and Response Chart
  • Phase 3: Pilot the Monitoring Program
  • Phase 4: Move to Proactive Protection
  • Phase 5: Track the Results of Risk Reduction

You can also easily extend the foundational program with risk-adaptive techniques that strengthen corporate security with automated enforcement and incident response based on the risky behavior of users.

In order to develop an individualized, risk-adaptive approach, it is important to first build a “risk profile” by identifying potential threats and grouping them by the corresponding data that would be impacted. By pinpointing groups of risk, it is easier to implement the appropriate internal response where it will be most effective in preventing crucial data loss.

Placing risks on a scale of severity allows for a tailored, but simple approach for each potential data breach. For example, a lower priority risk should trigger an automated response, freeing up well-trained personnel to focus on higher risk items.

After identifying risks and scaling them to the level of importance, developing a monitoring program can identify patterns of activity in normal user behavior. The benefits of this program are twofold: first, it will make it easier to get buy-in from executives by showing a detailed report for the importance and impact of the new plan. Second, it will help build confidence among team members who are tasked with monitoring and responding to risk by providing a well-thought-out and tailored training program. When assigning roles to team members, it is important to try to give new responsibilities to people based on what is comparable to their current roles and empower them with the tailored training program.

After identifying each potential risk and corresponding action, it is time to implement the plan and track the results. You can move to a more proactive protection posture by using emerging techniques to monitor for risky behavior and implementing automated incident response based on that risk. Each step is part of the formula for developing a risk-adaptive, zero trust approach to data loss prevention. To learn more, our whitepaper “The Practical Executive's Guide to Data Loss Prevention” lays out the best practices for an effective and efficient approach to data loss prevention.

About Forcepoint

Forcepoint is the leading user and data protection cybersecurity company, entrusted to safeguard organizations while driving digital transformation and growth. Our solutions adapt in real-time to how people interact with data, providing secure access while enabling employees to create value.

Kevin Oliveira

Kevin serves as Senior Product Marketing Manager for Forcepoint’s Data Security products and solutions.  He has over 20 years experience helping enterprises with their data and security initiatives with leadership positions at Dell EMC and IBM. 

Read more articles by Kevin Oliveira