It may come as no surprise that customers want to tap into the deep expertise that Symantec, a division of Broadcom, has about protecting data. However, what often surprises them is that we often have questions that they may not have even anticipated. You see, while Symantec provides world-class DLP technology, technology is just one piece of the broader Data Loss Protection picture. A parallel can be drawn with the world of aviation. An airline operator needs excellent aircraft (technology), and they also need many different other skills such as aircrew, ground handling staff, maintenance, flight operations (people), and inter-connected systems to tie passenger demand to aircraft availability (processes).
So, perhaps, on reflection, it really isn’t a surprise that we need to ask questions. If you don’t know what data you need to find or protect, and why, it is almost impossible to tell you how to deploy a system to detect, monitor and protect the right sensitive data. Without clarity of purpose there is a high risk that mistakes will be made - simply put, the wrong data will be blocked or sensitive data will fly under the radar.
Requirements and Planning
Our long history in the information security industry has taught us that those customers that commit to upfront planning and ongoing review achieve the best outcomes. They think hard about their requirements, consider a range of solutions and take a step wise approach to implementation. Just think about that for a second. Imagine that you deploy an untested policy with aggressive block controls, and then find that almost every email and cloud upload is now being stopped. This is a major consequence that has just grounded your entire operation. On Air DLP we want level headed, methodical pilots. Hot headed, mavericks need not apply!
Plan, Do and Review
So now we’ve established that DLP needs to be a program, we accept that there are three phases we need to care about - Plan, Do and Review. What might be surprising is where the balance of effort is spent. Aircraft operators use the “rule of thumb of thirds”: that is they spend a third of their time planning, a third doing and the final third reviewing. Aircraft are expensive to operate, represent a complex system (that involves people, technology, processes and information) and the stakes are high. You do not want things to go wrong!
Protecting Sensitive Data
Protecting sensitive data is similarly complex. If you are operating a DLP program, just where are you spending your time? Are you:
- Planning on how you identify sensitive data to reflect future working patterns and compliance requirements?
- Doing, that is operating the system, creating policies and responding to incidents?
- Reviewing the effectiveness of the current controls, identifying how to fine tune and optimise the system?
In Symantec’s experience, time spent on reviewing and planning pays great dividends. We advocate that customers engage in a regular, scheduled review process that enables them to improve both their tactical and strategic performance. You wouldn’t operate aircraft without a process for daily, weekly and longer term scheduled maintenance. The habit of inspection is well ingrained in the world of aviation. For example, before every flight the ground mechanic reviews that the aircraft is fit to fly. And guess what, once the mechanic has approved the aircraft for flight, the pilot then inspects and verifies to his/her satisfaction that the aircraft is fit for flight. How often do you double check and seek a second opinion before deploying changes to your DLP system?
We work with many of our customers to review their DLP program and to review:
- Program and Strategy Governance
- Infrastructure and DLP Channel Coverage
- Metrics / Integration
Time to review you DLP program
Through this process we collaborate with customers to understand their systems, resources and current levels of effectiveness, all with a view to assessing the maturity of their program. We always find that no matter how mature a customer believes their DLP program is, there are always short term and longer term improvements that are identified. If you haven’t reviewed your DLP program recently, why not use this as a starting point? Simply ask your Broadcom sales representative about how we can support you with an Information Protection Program Review or contact us here. It may just take your DLP program to new heights!
We encourage you to share your thoughts on your favorite social platform.