A microchip engineer was recently accused of stealing trade secrets using a clever technique. He allegedly sent data to his personal computer by hiding schematics in image files named for Pokémon characters.
A former Tesla employee is accused of taking a less technical approach, downloading trade secrets to his personal computer and submitting a different laptop for inspection to hide his activity.
These are just two examples of what corporate espionage looks like in 2022. Cybercriminals, unscrupulous competitors and disgruntled employees may not be able to get past perimeter defenses, but malicious insiders can steal valuable information to sell or use for themselves.
Of course, some data leakage is simply the result of user error or negligence. But whether intentional or unintentional, data leakage can create serious privacy and regulatory compliance issues. In the hands of hackers, data can be modified, used for blackmail or sold to the highest bidder on the dark web. Any outcome is likely to cause headaches and embarrassment for your organization.
With more people working from home, the problem has gotten worse, and preventing data leaks has become more difficult.
What Is Data Leak Prevention?
First, let’s clarify the difference between a data breach and a data leak. A data breach involves an individual or group getting past security defenses to access sensitive systems and data. A data leak refers to incidents of data exposure to unauthorized users, typically caused by a software misconfiguration, human error or a malicious insider.
Data leak prevention (DLP) refers to the practice, software and strategy involved with preventing sensitive data from being accessed and transmitted outside a network by people who don’t need it or aren’t authorized to access it. Also called data loss prevention, DLP works by monitoring sensitive data at rest and in transit and blocking it from being copied or leaving the appropriate system or IT environment. Detection of data leaks tends to focus on email attachments and links, although collaboration tools are increasingly involved.
DLP Best Practices
DLP can only be successful if you know what kinds of data you have, where data is located, how various types of data should be handled, and who should be allowed to access that data.
Before implementing DLP, take inventory of all data assets and classify data into specific categories, such as personally identifiable information, financial data, intellectual property and data subject to regulatory requirements. You can then create policies that govern how data in each category is to be handled. DLP tools use these policies to automatically trigger a response to a data leak or attempted data leak.
Once you’ve completed the planning phase, you should implement one integrated DLP solution instead of several disparate systems. Centralized DLP will reduce complexity and ensure consistent protection across your organization. Because data leaks are often the result of human error and accidents, make sure you educate your team about security policies and procedures.
What Approach to DLP Makes Sense for You?
Microsoft 365 has DLP built in as part of Microsoft Purview, the company’s suite of compliance, governance and risk management solutions. Some firewalls and intrusion prevention systems have DLP features and functionality, and third-party security software providers offer comprehensive DLP solutions.
Verteks can help you determine what DLP features you already have, what may be available through existing software vendors, what functionality might be missing, and how to develop a simpler, centralized DLP strategy. Contact us to discuss how to protect your sensitive data with DLP.
