Answer

Can predefined DLP rules help prevent HIPAA and PCI DSS violations?

Our DLP product includes predefined rule sets to avoid data leaks that might be a violation of HIPAA or PCI DSS. Is it really worth the time and effort to employ these rule sets?

    Requires Free Membership to View

Ask the Expert!

Got a vexing problem for Mike Chapple or any of our other experts? Ask your enterprise-specific questions today! (All questions are anonymous.)

Absolutely. Data loss prevention (DLP) products can play an important role in ensuring that sensitive data doesn't leave your organization without authorization. However, as with any security product, they require a certain amount of care and feeding if they are to be used effectively.

In the case of PCI DSS, DLP rules are especially effective because the PCI DSS standard focuses on the protection of payment card information; the primary protected data element -- the card number -- not only follows a standard format, but also contains a check digit that verifies whether a card number is mathematically valid. DLP systems can leverage this formula for the construction of credit card numbers to eliminate a large portion of false positives and send alerts about the unencrypted transmission of credit card information with a high degree of accuracy.

Using DLP products to detect the transfer of other sensitive information, such as health records protected by HIPAA, can be a bit trickier, as the information may come in many forms, including unstructured data. Such challenges require a much more thoughtful approach to DLP. Security professionals attempting to protect against the unauthorized exfiltration of HIPAA information should consider a variety of DLP tactics, including keyword matching, analysis of sender and recipient information, and the tagging of specific files that may contain sensitive information. However, it is likely that DLP systems used in this capacity will experience a higher number of false positives than the simpler credit-card use case. One potential way to reduce the false positive rate is by using a DLP system with the capability of "tagging" sensitive documents, but this depends upon having all sensitive information clearly identified in advance and having those tags preserved across versions and derivative documents.

This was first published in September 2013

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: