5 Best Practices to Enhance Your DLP Strategy
On average, employees in the financial services industry have access to 11 million files as early as their first day on the job, according to a Varonis report. Securing these files can often prove to be challenging, something that the transition to remote work exemplified. Now, organizations need to consider securing files so that they can be safely accessed no matter where an employee may be working from.
By the end of 2020, data breaches had compromised 37 billion records. This was an increase of 141% from 2019 (the highest amount recorded to date), resulting from insider threats, hackers, or unintentional data exposure. It highlights the importance of implementing data loss prevention (DLP) tools, as up to 70% of data breaches require public disclosure or result in a negative financial impact.
The Need for DLP
For organizations that collect and store personally identifiable information (PII) and other data such as protected health information (PHI), adhering to regulations such as GDPR and HIPAA can be achieved in part by implementing DLP tools that monitor, classify, and encrypt sensitive data. Similarly, high-value assets, like intellectual property, are often a prime target for hackers. While losing PII to hackers may result in legal and reputational repercussions, intellectual property theft can be even more catastrophic. Deloitte estimates that 80% of a single company’s value today is in its intellectual property, so its loss has significant long-term ramifications. The damage caused by a breach of intellectual property is often harder to quantify than the damage from a breach of customers' PII, where reputations and revenue are on the line and the response is led by disclosure requirements.
Further compounding the data protection challenge is the recent and accelerated migration to the cloud. For these reasons, employing a comprehensive DLP strategy allows organizations to appropriately manage their data (wherever it resides), prevent unauthorized access, and mitigate the most acute risks.
Best Practices to Prevent Data Loss
The goal of any DLP strategy is to know exactly what data a company has, who has access to it, and when or how it is being used. Most importantly, its purpose centers on the prevention of unauthorized transfer of data beyond the organization. DLP requires a multifaceted approach to proactively defend against the many attack vectors that exist today. The cornerstone of any successful strategy begins with the following best practices.
1. Data Discovery and Encryption
Data discovery and classification is a process used by organizations to efficiently manage and index sensitive data. While each organization has unique classification requirements, data is typically labeled according to levels of sensitivity like confidential or regulated information. Once that data has been tagged, it requires an appropriate remediation mechanism like multifactor encryption. Since traditional encryption solutions rely on identity and access management controls (e.g., login credentials) that create a single point of failure, it is imperative that organizations use an appropriate encryption solution that is disconnected from other controls that are easily and regularly compromised.
2. Control Permissions and Access
A vital step in preventing a data leak is to ensure that permissions and access are carefully administered and controlled. Access controls may be regularly monitored and reviewed to ensure that only relevant individuals in your organization can access sensitive information and/or regulated data. Following the principle of least privilege, employees should only be authorized to access the minimum amount of data necessary for their duties in order to reduce significant security risks.
3. Secure Data in Motion
Employees frequently need to interact with third parties or clients and send data beyond the protection of your organization’s perimeter. To combat the risk of data being intercepted or falling into the hands of an unintended recipient, protocols to secure data in motion must be implemented. Solutions like network security controls and encrypted file transfer help to protect against internal and external threats, ensuring data can only be accessed by authorized users.
4. Audit Logging
Implementing an audit logging procedure ensures that a record of all actions and interactions with sensitive data is maintained. Close monitoring of your data can help to identify irregular access or suspicious user behavior, serving as an early warning system of an intruder or rogue internal actor.
5. Evaluation
DLP strategies require regular assessments and evaluation as both organizations and the data they possess evolve. Because DLP is not one size fits all and requires the integration of disparate systems, periodic evaluation of your program is recommended to ensure it remains effective.
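To make the discovery and classification step in practice 1 concrete, the following is an added example, not code from this article or from any product it mentions. It scans text for two kinds of regulated identifiers, uses a Luhn checksum to avoid flagging ordinary digit runs as card numbers, and assigns a label; the patterns, the label names ("regulated", "confidential", "unclassified") and the sample documents are assumptions constructed for illustration.

```python
import re

# Constructed patterns for two regulated identifiers; a real policy has many more.
SSN_RE = re.compile(r"\b(?!000|666|9\d\d)\d{3}-(?!00)\d{2}-(?!0000)\d{4}\b")
CARD_RE = re.compile(r"\b\d(?:[ -]?\d){12,18}\b")
KEYWORD_RE = re.compile(r"\b(?:confidential|proprietary|trade secret)\b", re.I)


def luhn_ok(digits):
    """Luhn checksum: filters out order numbers and other plain digit runs."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:  # double every second digit, counting from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def mask(value):
    """Keep only the last four digits so findings never store the raw value."""
    digits = re.sub(r"\D", "", value)
    return "*" * (len(digits) - 4) + digits[-4:]


def classify(text):
    """Return (label, findings). Label names are assumed; the highest one wins."""
    findings = [("ssn", mask(m.group())) for m in SSN_RE.finditer(text)]
    for m in CARD_RE.finditer(text):
        if luhn_ok(re.sub(r"\D", "", m.group())):
            findings.append(("card", mask(m.group())))
    if findings:
        return "regulated", findings
    hit = KEYWORD_RE.search(text)
    if hit:
        return "confidential", [("keyword", hit.group().lower())]
    return "unclassified", []


# Constructed sample documents (industry test card number, made-up SSN).
SAMPLES = {
    "crm_export.csv": "Jane Roe, SSN 123-45-6789, card 4111 1111 1111 1111",
    "shipping.txt": "Order 1234 5678 9012 3456 shipped Tuesday",
    "patent_draft.txt": "CONFIDENTIAL: draft claims for the new widget",
}

if __name__ == "__main__":
    for name, body in SAMPLES.items():
        print(name, *classify(body))
```

The 16-digit order number in the second sample fails the checksum and stays unclassified, which is the kind of false positive that otherwise inflates the set of files queued for encryption.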
Enhancing DLP With Atakama
Working seamlessly within existing security stacks, Atakama strengthens any DLP strategy. Specifically, Atakama enhances solutions such as data discovery and classification tools by encrypting files after they have been scanned and labeled according to existing policies. The resulting files have multifactor file-level encryption, each with a unique AES 256-bit key. Keys are broken up, with the key shards distributed across the user’s physical devices (e.g., smartphone and desktop). When the user goes to access an encrypted file, they need to approve the decryption on their smartphone, a process that to the user looks and feels like 2FA or SSO but that on the backend is cryptographically and exponentially more secure. The process is fully automated, eliminating subjectivity and user errors so that sensitive data is protected as soon as it is discovered. The automated process also makes it possible to remediate sensitive data, so that it is always properly encrypted and protected.
Since each file with Atakama is individually encrypted, detailed audit log records for each user are generated in real time and fed into any log aggregator. This detailed user history allows companies to maintain compliance and enhance data security.
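The idea of splitting a per-file key into shards held on separate devices can be illustrated with a simple XOR split. This is an added example and not Atakama's implementation: the article does not say which splitting scheme the product uses, so the XOR scheme, the key fingerprint and every function name here are assumptions.

```python
import hashlib
import hmac
import secrets

KEY_LEN = 32  # bytes in a 256-bit per-file key


def _xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def split_key(key, n=2):
    """n-of-n split: n-1 random shards, the last is the key XOR all of them.
    Any n-1 shards together are uniformly random and reveal nothing."""
    if len(key) != KEY_LEN or n < 2:
        raise ValueError("need a 32-byte key and at least two shards")
    shards = [secrets.token_bytes(KEY_LEN) for _ in range(n - 1)]
    last = key
    for shard in shards:
        last = _xor(last, shard)
    return shards + [last]


def combine_shards(shards):
    """XOR every shard together to rebuild the key."""
    key = bytes(KEY_LEN)
    for shard in shards:
        if len(shard) != KEY_LEN:
            raise ValueError("shard has the wrong length")
        key = _xor(key, shard)
    return key


def fingerprint(key):
    """Check value kept with the file so a wrong or corrupt shard is detected."""
    return hashlib.sha256(b"key-check" + key).digest()


def unlock(desktop_shard, phone_shard, expected_fp):
    """Return the file key only if the phone released its shard (approval)
    and the rebuilt key matches the stored fingerprint; otherwise None."""
    if phone_shard is None:  # user denied or never approved the request
        return None
    key = combine_shards([desktop_shard, phone_shard])
    return key if hmac.compare_digest(fingerprint(key), expected_fp) else None


if __name__ == "__main__":
    file_key = secrets.token_bytes(KEY_LEN)
    desktop, phone = split_key(file_key)
    fp = fingerprint(file_key)
    print("approved:", unlock(desktop, phone, fp) == file_key)
    print("denied:  ", unlock(desktop, None, fp))
```

With this construction, a stolen desktop shard or stolen login credentials alone yield no key material, which is the property the paragraph above attributes to distributing shards across devices.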