My first paper (out of 2) on Data Loss Prevention (DLP) just went up – enjoy “Enterprise Content-Aware DLP Architecture and Operational Practices.” The paper focuses on DLP architecture and operational practices essential for ongoing DLP success.
Quick summary: “Data loss prevention (DLP) has completed its evolution from a niche tool to an important component of broader information-centric security architecture. However, customers are still hard-pressed to realize value from this technology. This guidance document shows a structured approach to deploying and using DLP technology effectively.”
A few highlights from a 50 page document:
- “The design of a DLP solution must take into account its use cases and related audiences who interact with a DLP. Deployment of a DLP tool should go from one tactical success to another (a "quick-wins" approach) to avoid outright failure due to complexity and organizational politics.”
- “Unlike network security technology, DLP spans network, endpoint (now including mobile) and enterprise storage (now including cloud storage) technologies and must have the support of business unit personnel for most use cases.”
- “Looking to do too many things at once with DLP technology will often lead to getting nothing done, while looking to do less will lead to them being done well.”
- “It is critical to balance information protection goals with organizational ability to execute on them. Consequently, an enterprise’s initial DLP policy should not necessarily be the one that it needs the most but the one that it needs the most based on those that it can actually implement.”
- “Ongoing DLP operation is centered on a core set of essential processes that must be in place for DLP deployment to succeed in its mission of protecting data. The essential processes include alert triage, security incident response (IR), policy creation, policy tuning and ongoing reporting.” (more details in this blog post)
Somewhat related content:
View Free, Relevant Gartner Research
Gartner's research helps you cut through the complexity and deliver the knowledge you need to make the right decisions quickly, and with confidence.Read Free Gartner Research
Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.