Keeping Sensitive Data In
Whether it’s PII, PHI, or intellectual property, US organizations can’t afford to have sensitive data leak out. **Data Loss Prevention (DLP)** involves tools and processes to prevent data exfiltration.
DLP Controls
- Endpoint DLP: Monitors and controls data on user laptops (e.g., blocking copy to USB drives).
- Network DLP: Inspects network traffic (email, web) for sensitive data in transit.
- Cloud DLP: Scans cloud storage and apps for sensitive data and enforces sharing policies.
Beyond Tools
DLP is not just software. It requires data classification (knowing what’s sensitive), user training, and clear policies about data handling.
