Saturday, August 15, 2009

DLP is not only the tool...

Lot of IT managers i meet think DLP is just a software that you deploy on the network this results in ineffective controls. SANS critical control 15 has a neat definition of DLP

"The phrase “Data Loss Prevention” (DLP) refers to a comprehensive approach covering people, processes, and systems that identify, monitor, and protect data in use (e.g., endpoint actions), data in motion (e.g., network actions), and data at rest (e.g., data storage) through deep content inspection and with a centralized management framework."

Source: SANS Critical Control 15: Data Loss Prevention