
	Home > Security Tips > Network Security Tactics > How to avoid DLP implementation pitfalls

Security Tips:

EMAIL THIS

TIPS & NEWSLETTERS TOPICS

NETWORK SECURITY TACTICS

How to avoid DLP implementation pitfalls

Rich Mogull, Contributor
08.21.2008
Rating: -3.43- (out of 5)

Network Security Tactics

Digg This! StumbleUpon Del.icio.us

This tip is part of the SearchSecurity.com Data Protection Security School lesson, Data Loss Prevention. Visit the school and lesson pages for additional learning resources.

Data leak prevention (DLP) tools are extremely effective at reducing the risk of sensitive data ending up where it shouldn't, but like any tool, if not used properly, the results won't be positive. By avoiding a few common pitfalls, an organization can save time and money while better protecting itself.

Here are some key points to consider when implementing and using DLP tools:

DLP tools are a powerful way to protect sensitive content. While effective and efficient, failure to avoid the pitfalls mentioned above

can alienate the business and lead to poor DLP results.

About the author:
Rich Mogull has more than 17 years experience in information security, physical security, and risk management. Prior to founding independent information security consulting firm Securosis, Rich spent seven years at well-known research firm Gartner Inc., most recently as a vice president, where he advised thousands of clients, authored dozens of reports and was consistently rated as one of Gartner's top international speakers. He is one of the world's premier authorities on data security technologies and has covered issues ranging from vulnerabilities and threats, to risk management frameworks, to major application security.

Rate this Tip
To rate tips, you must be a member of SearchSecurity.com. Register now to start rating these tips. Log in if you are already a member.

BROWSE BY TAG

Network Security Tactics, Enterprise Data Protection, Enterprise Data Governance, Information Security Policies, Procedures and Guidelines, Data Protection Security School, Data loss prevention, Information Security Management, Data Loss Prevention, VIEW ALL TAGS

Digg This!

StumbleUpon

Del.icio.us

RELATED CONTENT

	Network Security Tactics
	Screencast: Samurai offers pen-testing nirvana
	Firewall rule management best practices
	Chained Exploits: How to prevent phishing attacks from corporate spies
	Rootkit Hunter demo: Detect and remove Linux rootkits
	Enterprise UTM security: The best threat management solution?
	Making the case for network security configuration management
	An inside look at security log management forensics investigations
	How to find sensitive information on the endpoint
	How to perform Microsoft Baseline Security Analyzer (MBSA) scans
	How to spot attacks through Apache Web server log analysis

Enterprise Data Governance

Risk management must include physical-logical security convergence

Simple information security mistakes can cause data loss, says expert

Organizations struggle with data leakage prevention, rights management

Encryption in data management should never be ignored, expert says

Attackers cash in on fundamental data handling mistakes, Verizon finds

Data loss prevention benefits in the real world

Mass., Nev. data protection laws wrong, ineffective

Cybersecurity hearing highlights inadequacy of PCI DSS

Enforcing a vendor risk assessment to avoid outsourcing security risks

How to Secure Cloud Computing

Information Security Policies, Procedures and Guidelines

Twitter risks, Facebook threats trouble security pros

Cybersecurity czar candidate questions clout of new position

Incident response planning

The basics of enterprise GRC project management

RSA council addresses growing security risks in the cloud

How to write a risk methodology that blends business, security needs

Risk management must include physical-logical security convergence

DHS fills National Cybersecurity Center post

New partnerships, creative thinking help security bust recession

Experts optimistic of Obama cybersecurity plan

RELATED GLOSSARY TERMS

Terms from Whatis.com − the technology online dictionary

cut-and-paste attack (SearchSecurity.com)

data splitting (SearchSecurity.com)

deperimeterization (SearchSecurity.com)

Google hacking (SearchSecurity.com)

masquerade (SearchSecurity.com)

snooping (SearchSecurity.com)

RELATED RESOURCES

2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems

Search Bitpipe.com for the latest white papers and business webcasts

Whatis.com, the online computer dictionary

DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.

Research Solutions for Network Security, Access Control and Security Threats
More Security Resources for Resellers, VARs and OEMs

View this month\\'s issue and subscribe today.

Apply online for free conference admission.

SEARCH :

Site Index

TechTarget provides technology professionals with the information they need to perform their jobs - from developing strategy, to making cost-effective purchase decisions and managing their organizations' technology projects - with its network of technology-specific websites, events and online magazines.


TechTarget Corporate Web Site \| Media Kits \| Site Map All Rights Reserved, Copyright 2003 - 2009, TechTarget \| Read our Privacy Policy