DLP is Essential; the Issue is “How”
Before we begin, I recommended reading Getting Ready For Data Loss Prevention (DLP). Go ahead, I’ll wait for you…
Back? OK, now let’s talk what comes after; the “How” to implement DLP part.
As a next step, and at the risk of blowing my own horn, consider watching the recording of a webcast I did on April 5 here. You’ll get recommendations on how to deal with issues that are often overlooked in DLP deployments as well as some critical “how to” advice. This I position as an antidote to the all-too-common and none-too-helpful “just do it” approach to DLP advice. Because, on the path to DLP success, there are two deadly pitfalls to watch out for:
The first is in understanding where to start your data protection strategy using DLP (and why). Where to start influences your program’s effectiveness compared to how much risk you are hoping to eliminate from the business.
The second pitfall is in understanding how to execute. The "how" may be the most important part as it ultimately determines how soon you will benefit from DLP and determines the amount of resources that are required.
Surviving one of the pitfalls is hard enough, but trying to get through both on your own is nearly impossible.
Unfortunately, much of the historical “how” started with massive data-discovery projects, which usually meant at least six-months of project consulting before any data is protected.
Not every DLP vendor has the same vision for how to make DLP work, so make sure that you understand your vendor’s approach and agree with it.
Have a listen and let me know what you think.