Data loss prevention (DLP) reduces the risk that employees, third parties, or others will share sensitive information outside of an organization’s network. It helps to prevent the loss, misuse, or unauthorized access of confidential data that could compromise an organization, its employees, or its customers.
Terms related to Data Loss Prevention: Encryption, data security, identity management, identity theft, data breach, data leak prevention, information loss prevention.
Data loss prevention can refer to both a policy/process for preventing users from sharing information outside the network, or to software tools designed to prevent unauthorized data sharing. Typically, a DLP tool will analyze various aspects of an organization’s information to determine how important and sensitive it is. It will then use those and other factors, combined with business rules to determine if the information can be shared, and the most appropriate ways of doing so.
A DLP tool can alert relevant stakeholders when information is extracted and shared, encrypt information as needed, and provide audit trails of data, linked to specific users.
DLP can monitor public websites, endpoints, internal company data, requests for access, data integrations between systems, and cloud data to identify and prevent problematic activities. PCI DSS, HIPAA, and other regulations will also require that sensitive information is protected and encrypted wherever possible.
The main benefits of DLP include protecting personal information, securing against identity theft, protecting important intellectual property, and providing visibility into how data is accessed and used.