DLP Best Practices Grab a Bigger Spotlight
10 things you can do to improve DLP in the time of Covid
If the Covid-19 pandemic of 2020 has taught people anything, it is that the health, safety and security of one’s family is a paramount issue that can’t – and shouldn’t – be ignored.
That new emphasis on safety goes beyond employing methods such as frequent hand washing, practicing social distancing and wearing a face covering in many social situations. With more people working from home than usual, the remote use of corporate networks has put the spotlight upon data loss threats and ways to cut down or eliminate the loss of data from within and outside an organization.
Regulations, including those such as GDPR, CCPA and HIPAA, require companies to build up their defenses against network threats and the possibility of data loss. But a few easy practices can go a long way toward safeguarding an enterprise’s critical information and help prevent the loss of crucial data. Taking such steps now can reduce the costs associated with data breaches and loss later. In our opinion, there is no excuse for letting one’s guard down when it comes to data loss.
With more people working from home than usual, the remote use of corporate networks has put the spotlight upon data loss threats and ways to cut down or eliminate the loss of data from within and outside an organization.
Let’s take a look at 10 best practices that we believe are easy to employ, and beneficial to an enterprise that’s looking for ways to prevent data loss across its organization.
10 Best Practices:
1. Run the latest DLP software version. Too many companies are behind the eight ball when it comes to their data loss prevention software. Even DLP offerings from just two years ago can be obsolete when it comes to fighting the latest network threats. Simply employing the latest version of DLP software will provide you with the ability to use all of the newest capabilities and derive maximum data protection benefits, both in your network and at it's endpoints.
2. Use Endpoint DLP to get the most out of your investment. If you’re going to put your money into endpoint protection, you might as well get the best coverage you can get. For example, with employees using their company laptops at home more than ever, the use of cloud storage apps is only increasing. Symantec DLP Endpoint gives customers multiple ways to configure the endpoints, monitor different machines, and target policies and configurations to specific users. And end users can also get messages that will improve their knowledge of safe data handling practices.
3. Use all Endpoint DLP channels to get the widest possible coverage. You can use Endpoint DLP to monitor data transfer to and from peripheral devices, printers, Outlook email, and cloud storage locations. Additionally, the technology gives you a way to do threat-aware DLP and keep unwanted applications from accessing sensitive information.
4. Use all your DLP entitlements. There can be times when an enterprise isn’t getting the full value of its DLP offerings because it isn’t using all the features of its DLP entitlements. A company might only be using the two entitlements it originally set out to purchase. We encourage customers to use the full capabilities of products like our DLP Core and DLP Cloud to ensure they aren’t missing out on something they really need.
Symantec DLP Endpoint gives customers multiple ways to configure the endpoints, monitor different machines, and target policies and configurations to specific users.
5. Place some of your Endpoint Servers in the DMZ. Pushing policy changes to remote workforces is becoming more of a necessity these days. Policies and incidents can be exchanged in a timely manner when endpoint servers are placed in the DMZ. New policies can be pushed whenever necessary, and violations can be found immediately. However, exposing the endpoint server to the internet requires careful operational security considerations.
6. Expand into DLP for SaaS applications. As more employees are working remotely, the use of cloud applications such as Box, Google Drive and Dropbox has skyrocketed. Enterprises’ need to have coverage for such apps has skyrocketed. If a company has already invested in one of Symantec’s DLP programs, it’s really a no-brainer to extend that program to include DLP for Cloud and enable the same policies already in use to cover SaaS applications.
7. Review policy exceptions. It makes sense to check on policy exceptions and make sure everything in use is still required. There’s no better time than now to make sure the right policies are in place.
8. Check for policy gaps. Have some of your policies been disabled? While this might have happened on purpose, any time a policy is disabled, there is gap that might now need to be filled. And with the ongoing COVID situation changing how people work, this is the time to find out if new policies are necessary to protect business data.
If a company has already invested in one of Symantec’s DLP programs, it’s really a no-brainer to extend that program to include DLP for Cloud and enable the same policies already in use to cover SaaS applications
9. Use all the Advanced Detection Capabilities. We have seen companies, even large organizations, do the equivalent of cherry picking when it comes to employing advanced detection capabilities. They might use a DCM (Described Content Matching) rule for looking at Social Security or credit card numbers. We think this is a mistake. There is a lot more detection power available and using technologies like Exact Match Data Identifier (EMDI) can go a long way toward finding more specific data and image files.
10. Focus on identifying risky users. Most customers have a violations-centric view of the world. And customers need to start looking at who are the riskiest users. Symantec ICA is a user and entity behavior analytics platform that, when used in conjunction with solutions such as Symantec DLP, Symantec Endpoint Security and Symantec CASB, provides rapid identification of insider threats and cyber breaches. And during this time of COVID, this additional perspective can help give a bigger picture of where the riskiest users reside.
We encourage you to share your thoughts on your favorite social platform.