News By Tag
News By Location
Information Security Forum Examines the Security Challenges Associated with Data Leakage Prevention
By: Information Security Forum
The increasing adoption of collaboration platforms, cloud services and social media, which are often accessed using personal devices, has introduced a host of new ways for sensitive data to leak. Well-intentioned and rogue employees alike can now share data with greater ease. This only serves to magnify the risk of disclosing data to unauthorized entities. Preventing the leakage of data is a concern that every organization will continue to cope with, and in today's era of mobile working and cloud computing, data is more vulnerable to leaking. The consequences of disclosing data to unauthorized entities are more striking than ever before – in part due to more stringent regulatory requirements. By implementing a DLP program, organizations can significantly reduce the risk of data leakage.
"DLP has gained in popularity as organizations recognize the importance of adopting a data-centric approach to security," said Steve Durbin, Managing Director of the Information Security Forum. "To fully realize the benefits that DLP can deliver, organizations need to take a structured and systematic approach to implementation that extends beyond simply installing DLP tools and technology. Our latest digest will help organizations to prepare, implement and maintain a DLP program, which achieves objectives and demonstrates risk reduction."
As data breaches continue to make headlines with costly consequences, organizations are realizing the importance of taking a systematic, structured approach to detect and prevent the leakage of sensitive data. ISF members have reported that they are now achieving success with DLP technology when it is deployed as part of a dedicated DLP program. However, DLP tools alone cannot prevent the leakage of all types of sensitive data across every possible channel.
According to the ISF, the most effective way of implementing DLP is to adopt a formal program supported by the right blend of people, process and technology. ISF members have identified ten key attributes of a successful DLP program, and these attributes can be grouped into three phases of deploying a DLP program: governance, preparation and implementation.
· Obtain executive support
· Define DLP program objectives
· Assign roles and responsibilities
· Involve business stakeholders
· Prioritize what data to protect
· Select DLP tools
· Integrate DLP tools into existing environment
· Improve security awareness of data leakage
· Determine how to respond to policy violations
· Deploy DLP incrementally
"A prerequisite of a successful DLP program is support from executive management and ongoing collaboration with business representatives,"
Data Leakage Prevention is available now to ISF Member companies via the ISF website (http://www.securityforum.org/
About the Information Security Forum
Founded in 1989, the Information Security Forum (ISF) is an independent, not-for-profit association of leading organizations from around the world. The organization is dedicated to investigating, clarifying and resolving key issues in cyber, information security and risk management and developing best practice methodologies, processes and solutions that meet the business needs of its Members.
ISF Members benefit from harnessing and sharing in-depth knowledge and practical experience drawn from within their organizations and developed through an extensive research and work program. The ISF provides a confidential forum and framework, which ensures that Members adopt leading-edge information security strategies and solutions.By working together, ISF Members avoid the major expenditure required to reach the same goals on their own. Consultancy services are available and provide ISF Members and Non-Members with the opportunity to purchase short-term, professional support activities to supplement the implementation of ISF products.
For more information on ISF membership, please visit https://www.securityforum.org/