That's Classified: Why a Deep Understanding of Military Data Protection Delivers DLP for Enterprises Today
By Guest Contributor: Martin Sugden, CEO, Boldon James
When the captain of a Navy ship receives a “Flash command,” he or she has three minutes to deliver a response: “Received, Understood, Actioned.” The commander has to be sure that the correct captain has received the message, and the captain has to be sure that the message is genuine. Lives, conflicts and potentially a nation’s safety rests on the surety of these messages, now delivered electronically.
At Boldon James, we’ve been managing data classification and secure transmission since the mid 1980s, ensuring that governments, police and intelligence services could trust the content of, and access to, critical information transfer. We worked through early information exchange standards like X400 Transport Stacks, SMTP, and the development of standards with Microsoft and others. We have come out the other side into a world of vast unstructured data pools, privacy concerns and regulation.
Electronic data transmission is of course now the norm. Inside and outside of the military and government organizations, critical data is the lifeblood of any organization. Making sure that the right people access information and transfer it securely to where it needs to be is a fundamental tenet of a successful business.
Classifier: Entering the Enterprise
Our experience over the last thirty years in data protection has enabled us to develop the knowledge and best practices of data classification and management, and refine it for the enterprise space. Different challenges, structures, and ecosystems require a different approach and so we integrate our expertise with key partners. Our partnership with Forcepoint and our integration with their Data Loss Prevention (DLP) product is no accident: Forcepoint is a firm which understands the need to put the human front and center in these programs.
Other data classification, data control or DLP programs have a black-and-white approach: block and stop. The end user is unaware of what is happening and only experiences being prevented from doing something: usually resulting in a work-around which exposes the company to greater threat.
Our combined experience of critical data management plus Forcepoint DLP’s automated content scanning system makes identifying information more reliable and accurate, helps to identify the context as well as the content of data, improves user acceptance and offers greater risk reduction.
Working with Human Habits
In practice, this means helping employees to take ownership of data management. User-driven data classification can enhance overall awareness for handling sensitive data particularly when classification tools are readily accessible to the user. But users are vulnerable to mistakes and potential mislabelling of documents, often accidental. Complementing user-driven classification with automation can streamline accurate detection, validation and application of labels.
Proper data protection requires the ability to detect and control how sensitive data moves in and out of an organization without disrupting a user’s ability to do their job. DLP solutions, such as Forcepoint DLP, empower organizations with enhanced visibility and control of their data across all channels where people work and collaborate.
With single console policy management, organizations can go beyond audit-only mode to define action plans and deploy policies across their enterprise with ease to detect and respond when incidents of mislabelled documents arise.
With a DLP solution in place, employee coaching (via pop-up windows) provides additional guidance to users, educating them on what action was done in error and providing guidance on how to remediate the risk in real-time. Educating users in this fashion builds ongoing security awareness and competency to safeguard organizations from accidental leakage of sensitive data.
By assigning visual and metadata labels to the data and documents people create across the organization, data classification allows for informed decision-making about how it’s all managed, protected and shared.
Data has been lost or mismanaged (through crime or accident) as long as enterprises existed. In today’s digital world of multi-cloud infrastructures, BYOD, complex supply chains and the threat of cybercrime, data is more at risk than ever. But facing new risks doesn’t mean starting from scratch. By relying on partners with a depth of data management experience you can deliver a data protection solution which reduces risk, delivers control and oversight of data and embeds a culture of security across the organization, keeping you secure, compliant, and in control.