Our DLP product includes predefined rule sets to avoid data leaks that might be a violation of HIPAA or PCI DSS....
Is it really worth the time and effort to employ these rule sets?
Ask the Expert!
Got a vexing problem for Mike Chapple or any of our other experts? Ask your enterprise-specific questions today! (All questions are anonymous.)
Absolutely. Data loss prevention (DLP) products can play an important role in ensuring that sensitive data doesn't leave your organization without authorization. However, as with any security product, they require a certain amount of care and feeding if they are to be used effectively.
In the case of PCI DSS, DLP rules are especially effective because the PCI DSS standard focuses on the protection of payment card information; the primary protected data element -- the card number -- not only follows a standard format, but also contains a check digit that verifies whether a card number is mathematically valid. DLP systems can leverage this formula for the construction of credit card numbers to eliminate a large portion of false positives and send alerts about the unencrypted transmission of credit card information with a high degree of accuracy.
Using DLP products to detect the transfer of other sensitive information, such as health records protected by HIPAA, can be a bit trickier, as the information may come in many forms, including unstructured data. Such challenges require a much more thoughtful approach to DLP. Security professionals attempting to protect against the unauthorized exfiltration of HIPAA information should consider a variety of DLP tactics, including keyword matching, analysis of sender and recipient information, and the tagging of specific files that may contain sensitive information. However, it is likely that DLP systems used in this capacity will experience a higher number of false positives than the simpler credit-card use case. One potential way to reduce the false positive rate is by using a DLP system with the capability of "tagging" sensitive documents, but this depends upon having all sensitive information clearly identified in advance and having those tags preserved across versions and derivative documents.
Dig Deeper on Data Loss Prevention
Related Q&A from Mike Chapple
Cloud compliance issues are no reason for enterprises not to move to the cloud. Expert Mike Chapple explains why, as well as what to keep in mind ...continue reading
The GAO reported on SEC cybersecurity weaknesses, even though the SEC regulates cybersecurity. Expert Mike Chapple discusses the effects of this ...continue reading
Enterprise compliance can be a burden to manage, which is where a PCI ISA can be helpful. Expert Mike Chapple explains how a PCI Internal Security ...continue reading
Have a question for an expert?
Please add a title for your question
Get answers from a TechTarget expert on whatever's puzzling you.