Symantec DLP 16: Helping Achieve Your Cybersecurity Goals

As cyberattacks and cyber risk become more relentless and more complex, cybersecurity must become more robust and easier to use.

Symantec Data Loss Prevention (DLP) 16 embraces that philosophy, and the soon to be released new version will have capabilities that provide a clear pathway to enable organizations to implement a Zero Trust security architecture so they can reduce risk, improve productivity, and increase agility.

Symantec DLP 16 is expected to become generally available to customers in the coming weeks, after a successfully received customer beta program. The release addresses key requests from customers, who have been heavily involved in beta testing. In line with their feedback, Symantec DLP 16 provides a host of new capabilities that will make networks safer and the lives of DLP administrators easier, including enhanced incident response, improved compliance, high-speed discovery, and enhanced and new support for non-Windows platforms.

Digital transformation and work-from-home have dramatically improved the productivity of business users, but these trends have also challenged organizations’ ability to maintain visibility on data movement and user activities.

Zero Trust as a Priority

For such reasons, 80 percent of C-level executives have Zero Trust as a priority for their organizations, according to a survey by the Cloud Security Alliance.  Also, according to IBM’s “2022 Cost of a Data Breach” report - just 41% of organizations in the study said they deploy a Zero Trust security architecture. The other 59% of organizations that don’t deploy Zero Trust incur an average of $1 million USD in greater breach costs compared to those that do deploy. While the need for Zero Trust is apparent, actually accomplishing Zero Trust raises many questions:

• How can organizations extend protection to remote, unmanaged devices?
• How can they minimize the risk from non-Windows platforms like Linux?
• How can they incorporate user behavior and risk profile in protecting their sensitive data?
• How can they ensure that Incident Response reacts quickly while also remaining compliant?

Symantec DLP 16 supports Zero Trust by combining device location (network status), user risk, data discovery, and consistent, unified policies that allow dynamic data access decisions to be taken.

Policy Targeting

Creating precise policies that allow accurate detection of sensitive data has long been a challenge for many organizations. Symantec DLP 16 addresses this important issue in several ways. The new release provides more ways to find sensitive information without complex policy tuning, with a new feature to automatically identify structured Personal Identifiable Information (PII) in documents and emails. Additionally, DLP 16 now enables customers to incorporate user risk behavior in their DLP policies as well as response actions so that they can achieve fine-grained control of potential data loss based on an employee’s user risk score.

Furthermore, the new release provides more granular policy targeting capabilities, and extends its Microsoft MIP classification integration to Windows Outlook Email Speed is a critical element in responding to incidents effectively. The best response and accurate triage depends on quick access to the most relevant information. At the same time, certain sensitive data should not be shared with Incident Response teams.

Symantec DLP 16 handles this delicate balancing act in several ways. The technology provides more context about network incidents and masks sensitive data in those incidents. Report views can be customized and data exported to Excel to allow intuitive data analysis. Incident remediation can also be plugged into external tools via APIs.

Given the growing complexity of the cyber landscape, DLP administrators need simplified solutions for their countless daily tasks.

For example, keeping the DLP deployment up-to-date is more difficult when endpoints need to be coordinated with other teams. DLP reduces the friction of deploying the latest endpoint updates with its new Live Update feature. This gives DLP administrators a centralized place, DLP News, to receive Symantec product notifications and information specific to their deployment.

Fast File Scanning

In addition, Symantec DLP 16 provides administrators with enhanced support for Linux, macOS, remote devices, and Edge browser. The coverage for these threat vectors is further increased with fast file scanning. With high-speed scans that can achieve one terabyte of data scanned per hour, Symantec DLP 16 can address compliance requirements to scan large files on a regular basis.

In this new release, there are also more capabilities and flexibilities in providing lists of incidents, so security personnel know which issues to focus on. Security teams can quickly filter through thousands of incidents that users generate in a day and understand which ones deserve close scrutiny.

Companies will want to incorporate DLP into their entire security strategy to deliver on automation and complete integration with Security information and Event Management (SIEM) orchestration and User Entity Behavior Analytics (UEBA) systems. Toward this goal, DLP 16 provides 6 new APIs covering policy management, response rule automation, and administrator and role management, so the technology can be easily customized into the wide security system.

Symantec DLP 16

The capabilities in this release are critical elements for developing a Zero Trust security framework to protect organizations as the business and cyber landscapes undergo constant and rapid change. The stakes are enormous. Companies without a high degree of Zero Trust maturity, whose users are coming from remote networks, are seeing higher breach costs. If an organization takes the appropriate steps, not only does it have security outcomes – in the case of a breach, the impact to the organization is also lower.

In this complex and challenging cyber landscape, Symantec’s products will stand beside you to provide the data and information to fortify your defenses and respond to your needs.  Please watch for future blogs as we explore these new enhancements to Symantec DLP 16 in more detail. 

To learn more about Symantec DLP 16, please join us on September 22, for a webinar featuring guest speaker Heidi Shey (Forrester Principal Analyst, DLP).  We will explore “What’s Next for DLP?” by discussing problems that are causing customers concern, how the market is adopting Zero Trust, recent innovations in DLP, and the outlook for the future.