What’s the point of deploying DLP if you don’t implement the ‘P’? That’s where Robert Mechler, our Principal Security Strategist, and I start the discussion. Among many topics, we also discuss the role of dynamic data protection and the nine essentials for data protection success.
Time to rethink data protection
Faced with a deluge of data, enterprises are being forced to rethink data protection. Here are the facts: Almost 90% of all data was created in the last two years; people generate 2.5 quintillion bytes of data each day; and unstructured data is a problem for 95% of businesses.
Moreover, this data is expanding across emerging channels, particularly in the cloud. And with many people still working from home during the pandemic, security professionals are also having to rethink the way data is protected on personal laptops and home networks.
The traditional enterprise response is a static ‘one size fits all’ threat-centric security strategy: allow users to perform everyday tasks, like printing a doc, engaging by email or using a USB stick – but prohibit them from riskier tasks, like using cloud applications or uploading content to a portal.
That static strategy worked well when everyone operated within the confines of an enterprise perimeter. However, now that people work from just about anywhere, a static approach just doesn't go far enough.
A real-world example: a user tries to save a presentation to a flash drive. A static, threat-centric solution isn’t sure if this is good or bad, and defaults to blocking the action. Because the solution has no insight into broader context, friction increases. A high volume of flagged activities like these overwhelms security teams, while legitimate threats remain hidden and can more easily infiltrate the network.
User-centric frictionless security
In response, enterprises are replacing this broad, sweeping approach to security with individualized, adaptive data policies that don’t slow employees down. Dynamic data protection applies monitoring and enforcement controls that adapt to changes in human behavior.
A behavior-centric analytics engine correlates data to compile a risk score for each user, with risk levels driven up and down automatically according to behavior. Changes in risk levels drive different customized outcomes, whether it is allowing, auditing or blocking the action. The result? You triage fewer alarms, reduce investigation time and deter data loss events.
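The flash-drive case above, run through a static rule and through a per-user risk score, as an added example that is not code from the webinar or from any product. The event names, weights, thresholds, half-life and the sample timeline are all assumptions constructed for illustration.

```python
from dataclasses import dataclass

# Assumed values for illustration only; a real engine derives these from a baseline.
EVENT_WEIGHTS = {"usb_copy": 5, "offhours_login": 15,
                 "bulk_download": 25, "upload_personal_cloud": 30}
HALF_LIFE_HOURS = 24.0            # risk halves after a quiet day
AUDIT_AT, BLOCK_AT = 30.0, 60.0   # score thresholds for audit and block

@dataclass
class UserRisk:
    score: float = 0.0
    last_seen: float = 0.0        # hours on the constructed timeline

    def observe(self, event: str, hour: float) -> float:
        """Decay the existing score for elapsed time, then add the new behavior."""
        elapsed = max(0.0, hour - self.last_seen)
        self.score *= 0.5 ** (elapsed / HALF_LIFE_HOURS)
        self.score += EVENT_WEIGHTS.get(event, 0)
        self.last_seen = hour
        return self.score

def static_outcome(event: str) -> str:
    """One-size-fits-all rule: removable media is blocked for everyone."""
    return "block" if event == "usb_copy" else "allow"

def adaptive_outcome(score: float) -> str:
    """Map the user's current risk level to allow, audit or block."""
    if score >= BLOCK_AT:
        return "block"
    return "audit" if score >= AUDIT_AT else "allow"

def replay(events):
    """events: (user, event, hour) in time order -> [(user, event, outcome)]."""
    users, results = {}, []
    for user, event, hour in events:
        risk = users.setdefault(user, UserRisk())
        results.append((user, event, adaptive_outcome(risk.observe(event, hour))))
    return results

# Constructed sample timeline (hours): alice copies one file; bob's risk builds, then decays.
SAMPLE_EVENTS = [
    ("alice", "usb_copy", 0), ("bob", "offhours_login", 0),
    ("bob", "bulk_download", 1), ("bob", "usb_copy", 2),
    ("bob", "upload_personal_cloud", 3), ("bob", "usb_copy", 99),
]

if __name__ == "__main__":
    for user, event, outcome in replay(SAMPLE_EVENTS):
        print(f"{user:6} {event:22} adaptive={outcome:6} static={static_outcome(event)}")
```

The same `usb_copy` action is allowed for alice, audited for bob while his score is elevated, and allowed for bob again four days later, whereas the static rule blocks all three.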
Nine steps to data protection success
Robert and I also walk through the nine steps enterprises should take to balance productivity against security. In the discussion, we drill into each one in depth. Those of you who are interested can also explore each step in our Infographic or by reading the ‘Practical Executive’s Guide to Data Loss Prevention’ White Paper.
One of the preliminary steps is to create a risk profile. First, state the risks you want to mitigate and list out the types of data they pertain to. Then, define the networks, endpoints, and cloud channels where that data could be lost along with the controls you currently use to secure them.
Another vital step we discussed is to map each data type to its impact. This way you can prioritize your responses and keep security resources focused where they’re most effective.
Beyond that, we also discuss how to identify a data incident response by channel, establish an incident workflow and define team responsibilities.
Once your network data protection is in place, a monitoring period will let you identify activity patterns and set a baseline to determine normal user behavior. What you’ve learned in monitoring mode will give you the level of confidence you need to transition into blocking mode for high-risk events, or in accordance with your incident response plan.
Whether you take a traditional approach or augment your security with risk-adaptive data protection, the webinar’s nine steps will guide you to success.
Listen to the webinar here on Forcepoint.com.