Data Loss Prevention (DLP) is one of the farthest reaching tools in the security arsenal. A single DLP platform touches endpoints, network, email servers, web gateways, storage, directory servers, and more. There are more potential integration points than just about any other security tool – with the possible exception of SIEM. And then we need to build policies, define workflow, and implement blocking… all based on nebulous concepts like “customer data” and “intellectual property”. It is no wonder many organizations are intimidated by the prospect of implementing a large DLP deployment. But on our 2010 survey indicates that over 40% of organizations use some form of DLP.
Fortunately, implementing and managing DLP isn’t nearly as difficult as many security professionals expect. Over the nearly 10 years we have covered the technology – speaking with hundreds of DLP users – we have collected countless tips, tricks, and techniques for streamlined and effective deployments… which we have compiled into straightforward processes designed to ease the common pain points.