SmallBizResource Blog -- Networking & Communications
Best Practices For Data Protection
Managing data is one of those daily tasks that’s never going to go away, or get any easier. Just one data theft or loss can hit a small business hard—-from damaging a company's reputation to losing customers.
But there are some good best practices you can put in place to reduce risk.
Whether it's email, instant messaging, Web mail, a form on a website, or file transfer, most electronic communications exiting a company are uncontrolled and unmonitored –- not a good situation.
A new report, “Data Loss Prevention Best Practices, Managing Sensitive Data in the Enterprise,” from IronPort Systems outlines tips that organizations can employ to help prevent leaks, enforce compliance, and protect its brand value and reputation.
“When it comes to DLP, the heart of the matter is uncontrolled communications,” explains Tom Gillis, SVP of Marketing at IronPort Systems. “Electronic communications and data in motion is the most significant data loss vector in the enterprise today. Current firewall and other network security solutions do not include data loss prevention capabilities to secure data in motion. Important controls, such as content scanning, blocking of communications containing sensitive data and encryption, are missing.”
Here's what to do:
1: Take Time to Define DLP Needs
The critical first step toward addressing the data loss problem is to develop a comprehensive understanding and inventory of the types of sensitive data that exist within the organization and what policies are needed to control and enforce how that data can be shared. To do this, organizations need to review the extent to which their company or agency is affected by regulatory compliance, intellectual property protection and appropriate use enforcement.
2: Prioritize the DLP Focus
Focusing first on the most significant DLP areas - those that represent the greatest potential loss vectors - makes it easier to justify solutions and get started on plugging the leaks.
3: Ensure Effective, Comprehensive Coverage
Overall, a DLP solution must comprehensively detect attempted policy violations. This includes:
• Multi-protocol monitoring and prevention
• Content-level analysis of all major file and attachment types
• Selective blocking and/or quarantining of messages
• Automatic enforcement of corporate encryption policies
4: Make the Solution Unobtrusive
The best DLP solution is non-intrusive. Overcoming the challenges of maintaining effective communications (while ensuring management and control of customer and sensitive information) requires: well thought out policies; and processes for monitoring communications content. Organizations should select a DLP solution for email and Web applications that can manage ever-increasing message volumes and handle future bandwidth requirements.
5: Look for Work Flow, Administration and Reporting
A DLP solution cannot be effective without detailed reports of all suspected violations. Administrators and policy officers should have the ability to receive reports outlining detected violations and providing in-depth information to enable them to take action. These details include: the message sender, contents, attachments, intended recipients and information about the violating content.
6: Combine Best-of-Breed Solutions
Companies should avoid selecting a DLP solution that inhibits them from integration in the future. As the industry evolves, it will be crucial to have the flexibility and support to take full advantage of future third-party solutions through connectivity and data sharing.
This is a public forum. CMP Media and its affiliates are not responsible for and do not control what is posted herein. CMP Media makes no warranties or guarantees concerning any advice dispensed by its staff members or readers.
Community standards in this comment area do not permit hate language, excessive profanity, or other patently offensive language. Please be aware that all information posted to this comment area becomes the property of CMP Media LLC and may be edited and republished in print or electronic format as outlined in CMP Media's Terms of Service.
Important Note: This comment area is NOT intended for commercial messages or solicitations of business.
| Latest InformationWeek SMB Features for Small Biz |
| Exclusive Research for Small Biz |
Explore the Small Business Resource Blog
Topics
- AMD Sponsored Blog Post
- Business Know-How
- Customer Service
- Economy
- Freelancing
- Government
- Green
- Hardware
- Imaging How-To
- Internet
- Marketing
- Mobility
- Networking & Communications
- Productivity
- Research
- Retail
- Security
- Server How-To
- SmallBizResource
- Software
- Startups
- Storage
- Women in Business
Blog Roll
- All Things Digital
- BizWomen
- bMighty.com
- Business Know-How
- Cool Business Ideas
- Digital Download
- Duct Tape Marketing
- Entrepreneur.com Daily Dose
- The Entrepreneurial Mind
- Escape from Cubicle Nation
- Freelance Switch
- Guy Kawasaki
- InformationWeek
- New York Enterprise Report Blog
- Practically Speaking, The New York Times
- Seth Godin
- Shifting Careers, The New York Times
- Smallbiztechnology.com
- Small Biz Trends
- Tech Crunch
- USA Today Technology Live
Blog Archives
- February 2010
- August 2009
- July 2009
- June 2009
- May 2009
- April 2009
- March 2009
- February 2009
- January 2009
- December 2008
- November 2008
- October 2008
- September 2008
- August 2008
- July 2008
- June 2008
- May 2008
- April 2008
- March 2008
- February 2008
- January 2008
- December 2007
- November 2007
- October 2007
- September 2007
- August 2007
| A QUICK UPDATE FOR OUR VISITORS | |
|
