var _gaq = _gaq || []; _gaq.push(['_setAccount', 'UA-35754314-2']); _gaq.push(['_setDomainName', 'securityeverafter.com']); _gaq.push(['_trackPageview']); (function() { var ga = document.createElement('script'); ga.type = 'text/javascript'; ga.async = true; ga.src = ('https:' == document.location.protocol ? 'https://ssl' : 'http://www') + '.google-analytics.com/ga.js'; var s = document.getElementsByTagName('script')[0]; s.parentNode.insertBefore(ga, s); })();

Monday, September 12, 2011

Control 15: Data Loss Prevention

Data Loss Prevention (DLP) is a new trend in Information Security, but really should not be. DLP may have been a missed opportunity when Network Intrusion Detection (NIDS) was first introduced. Is it all of a sudden that data exfiltration has become important? How was this missed as a priority for so long?

Define what is critical data and write regular expression filters on the NIDS that look for this data passed in unencrypted format. Educate users in security awareness training about importance of remaining diligent when handling sensitive information. Critical data should be defined in formal policy and discussed in new employee security awareness training classes. Snort signatures such as Credit Card Data, Sensitive data credit card numbers 138:2 can be used to specifically look form information that should always be sent securely.

Consider what a data loss prevention incident would look like on your network and design your defenses and alerting to these scenarios. SourceFire Compliance Rules can be configured to alert when the files that are large in size, flows that are long in duration and flows that are new and previously undefined. Once these basic alerts are in place, develop additional data loss scenarios based on recent high profile data loss events and design appropriate controls to detect them. This is a low cost way to get wisdom as cheaply as you can.

3 comments:

  1. thanks i have been go althrogh this..thanku so much for nice info...and hope very soon u ll provide some more info...Data Leak Prevention

    ReplyDelete
  2. Hi all,

    Data loss prevention is a data leakage protection solution that helps organizations assess risk and prevent data loss over the highest points of risk. It safeguards proprietary information against security threats due to enhanced employee mobility. DLP is deeply integrated with many enterprise platforms to maximize utilization of your current infrastructure for DLP projects. Thank you...

    Add PDF Watermark

    ReplyDelete
  3. Data Loss Prevention :- Thanks For The Information...Data loss prevention of intellectual property and private information can minimize liabilities and litigation. Protect valuable organization and customer data.

    ReplyDelete