Problem solve

With DLP, encryption and integration strengthen security policies

Encryption and DLP integration can be used to enhance and strengthen security policies for sensitive data, and for blocking and enforcement actions.

Dave Shackleford

Voodoo Security

Follow:

More on data loss prevention products

Best data loss prevention tools

Step 2 of 2:

You forgot to provide an Email Address.

This email address doesn’t appear to be valid.

This email address is already registered. Please login.

You have exceeded the maximum character limit.

Please provide a Corporate E-mail Address.
- I agree to TechTarget’s Terms of Use, Privacy Policy, and the transfer of my information to the United States for processing to provide me with relevant information as described in our Privacy Policy.
Please check the box if you want to proceed.
- I agree to my information being processed by TechTarget and its Partners to contact me via phone, email, or other means regarding information relevant to my professional interests. I may unsubscribe at any time.
Please check the box if you want to proceed.

Deploying DLP technology needs hands-on approach

Using DLP software to comply with HIPAA policies

Encryption capabilities and DLP integration are occurring more than ever. Some DLP products can respond to a rule violation by encrypting data at rest or in transit, which means administrators must have decryption capabilities and key management practices in place. A common example might be terminating SSL traffic for inline sensors, performing DLP inspection and then re-establishing the encrypted tunnel. Host-based DLP products may need to integrate with existing full-disk and file/folder encryption software running on laptops and other systems, as well.

A DLP encryption integration effort can be effectively used to enhance and strengthen security policies for sensitive data types in addition to traditional blocking and enforcement actions. For example, a user who accidentally sends a spreadsheet attached to an email unencrypted could have the data or traffic automatically encrypted by the DLP encryption engine. Key elements of encryption to look for include key strength and algorithms available, integration capabilities with existing encryption software or hardware, and ease of implementation and management. Key management and recovery for large organizations can be complicated, and this doesn't change for DLP-based encryption.

Read more about selecting from DLP products in our guide.

About the author
Dave Shackleford is founder and principal consultant with Voodoo Security; a SANS analyst, instructor and course author; and a GIAC technical director. He has consulted with hundreds of organizations in the areas of security, regulatory compliance, and network architecture and engineering. He is a VMware vExpert, has extensive experience designing and configuring secure virtualized infrastructures, and is the lead author of a SANS Virtualization Security Fundamentals course. He has previously worked as chief security officer for Configuresoft; chief technology officer for the Center for Internet Security; and security architect, analyst and manager for several Fortune 500 companies. Additionally, Dave is the co-author of Hands-On Information Security from Course Technology.

This was last published in April 2013

Dig Deeper on Data loss prevention technology

All
News
Get Started
Evaluate
Manage
Problem Solve

More on data loss prevention products

Read more about selecting from DLP products in our guide.

Related Resources

Dig Deeper on Data loss prevention technology

Start the conversation

0 comments

Register

Login

Forgot your password?

Your password has been sent to:

Please create a username to comment.