Data Loss Prevention

Preventing your data from loss or falling into the wrong hands should be a key part of your IT strategy … and day-to-day housekeeping. The consequences of such events can include breaches of confidentiality, non-compliance penalties, espionage, financial losses (to your business, employees and customers) and compromised reputation.

The risks

• Theft, inadvertent loss or unauthorised replication of data on portable devices (such as laptops, tablets, smartphones and USB-connected devices).
• Data being inappropriately emailed.
• Data being inappropriately uploaded to a website, ftp site or cloud-based storage.
• Data being inappropriately printed.
• Data being removed from the company on a CD or DVD.
• Illicit removal and potential use, passing on or sale of data by departing or corrupt employees or those bearing a grudge.

Protect your data

There are a number of methods that you can use to protect your data:

• Conduct a risk analysis by reviewing the information stored on the company network, in the cloud and on individual devices, who has access to it and the consequences of its loss.
• Establish document classification in order to identify categories of confidentiality.
• Control who has access to what data by setting access levels.
• Establish and enforce clear policies about what employees can do with confidential or business-critical data. Educate the workforce.
• Educate staff on diligence about data access authorisation and email recipient and cc lists.
• Ban or restrict the use of portable devices.
• Disable USB ports by either electronic or physical means.
• Establish a clear BYoD (Bring Your Own Device) policy.
• Encrypt corporate data.
• Consider purchasing a commercial Data Loss Prevention solution.