What is it⁉️

It is designed to help Organisations from potentially losing, leaking sensitive or extremely important data. As well as avoiding any Security/Data breaches.

Acknowledging Data🛡️
Before lighting up DLP, you must know what data you have and what is important to the point where you cannot afford to lose this. It’s a case of identifying what type of data organisations have whether it be:

Servers
DB
Endpoints
SANs

DLP then scans and identify by creating an inventory of the data.

Types of Data🪟
Not all data is equivalent to the same importance, an example could be a user’s local storage (downloads) which isn’t backed up, but financial or company inside information with extreme importance. Based on the type of data, DLP will assign tags/labels to determine the level of importance .

Inspection 👽
DLP can implement different types of inspection such as data in transit, or currently being in use. DLP can utilise keyword analysis or patterns to identify if the data is sensitive or not.

Policies 🚔
Using predefined policies set by the Organisation, this allows how sensitive data will be treated, and example could be data A from being deleted, downloaded or forwarded. The Network Administrator would then receive an alert to notify whether sensitive data is against any rules or policies.

Encryption 🤖
DLP can also implement encryption, should sensitive data get leaked, it will be encrypted so even in the wrong hands of someone it cannot be read.

Monitoring 🚨
DLP continuously monitors the types of data and how it is being utilised, or even where it is traversing to. Should there be an attempt of policy violation, alerts will be sent out to the Network Admin/Engineer.

Hope this helps! 😁