Brought to you by WatchGuard
You’ve heard countless stories of sensitive data being pilfered by creative hackers who manage to get past a company’s IT defences. But such “data loss” incidents are not only caused by external threat actors, they can be unknowingly leaked by employees within an organisation.
For example, if a HR executive sends his or her organisation’s payroll information to a payroll processing company in an unsecure manner, the information could be picked up by third-parties as it traverses across the web.
Sensitive data could also be compromised if staff were engaged in shadow IT practices. For example, if employees were using unsanctioned third-party file sharing services like Dropbox, cyber criminals could track these activities and steal information in the wild.
Data loss also occurs as we rely more on e-mail for business communications. This dramatically increases the chances of leaking sensitive or confidential data. All it takes is for a recipient’s e-mail address to be misspelled, or an incorrect key to be pressed and a message could end up in the wrong hands.
Advances in technology make it even easier for this inadvertent data loss to occur. For example, while the autocomplete feature in e-mail programs and services is convenient, it may lead you to unintentionally send your e-mail to another person with the same name.
Much of this data loss is related to data set into motion – accessed in an unconventional way, forwarded to a co-worker or sent to a printer. Such “data-in-motion” already accounts for more than 83% of all data loss violations, according to IDC. A more recent industry survey also showed that 66 per cent of Singapore firms had experienced data loss or downtime.
Against this backdrop, organisations need to be on constant guard against data being lost or stolen. They owe it to themselves and their customers to keep corporate information from falling into the wrong hands – by implementing a strong data loss prevention (DLP) policy management programme.
A DLP policy management programme starts with classifying data and information based on the risks it poses to an organisation. A product roadmap, for example, could be deemed confidential and may have stricter encryption, storage and transmission requirements. With an information classification system in place, organisations can then begin to source for an effective DLP solution that identifies, monitors, and protects sensitive data.
Many DLP solutions today have evolved from standalone products to being part of existing solutions that accelerate business, protect the organisation and ensure privacy. An effective solution would be one that integrates with a secure content and threat management platform, scans data across e-mail and the web based on consolidated policies, management and administration, along with a low total cost of ownership.
The WatchGuard DLP solution is one such example. Available through WatchGuard’s Unified Threat Management (UTM) and Next-Generation Firewall (NGFW) appliances, the subscription-based service uses a seamlessly integrated process for securing content from data loss, while controlling confidential information as it moves across network boundaries.
This is done in a unique way, through deep content inspection and contextual analysis of over 30 file types – including Excel, Word, Visio, PowerPoint and PDFs – to determine the sensitivity or confidentiality of a message and its content, before assessing the security actions that need to be taken.
Furthermore, WatchGuard DLP comes with a predefined library of over 200 rules covering personally identifiable information, financial data, and healthcare information, so you can quickly create and update corporate DLP policies. The rule sets are updated monthly, in line with changes in data definitions and compliance mandates around the world.
For an additional layer of security, organisations can also consider implementing e-mail encryption as part of a DLP strategy. This helps to protect e-mail messages against unauthorised viewing, as well as ensure compliance with regulations such as Sarbanes-Oxley (SOX) and the Payment Card Industry Data Security Standard (PCI).
All in all, with WatchGuard DLP, you can get a single administrative access point for creating, managing and enforcing policies for protecting your organisation from data loss.
This comprehensive data loss protection solution is now a necessity rather than an option.
For more information regarding WatchGuard’s Data Loss Prevention solution, please visit: http://www.watchguard.com/wgrd-products/security-modules/dlp
