Speaking at this year’s FSI Executive Summit
in Las Vegas, Steve Roop, Senior Director of Data Loss Prevention at Symantec, got his audience’s attention right off the bat when he asked, “Did you know that 96% of data leaks are accidental?”
Roop went on to say that whereas securing the network from hackers was the #1 data security priority as recently as a few years ago, today the real threat stems from faulty business processes and employee oversight.
“That’s why an estimated 215 million records have been breached just since 2005, and no one is immune,” he said.
Citing Symantec estimates, Roop said that one out of every 50 network files is wrongly exposed, one out of every 400 emails contains confidential information, and that four out of five companies have lost data on laptops.
Today, with organizations everywhere relying on high-speed networks and mobile devices to increase the productivity of their workforce, information can be easily shared and accessed by employees, partners, consultants, and outsourcers.
At the same time, breaches of personal data have reached epidemic proportions. The Identity Theft Resource Center recently reported that the number of breaches in 2008, as of August, had already surpassed the total breaches reported in 2007.
Given the nature of the current threat landscape, what should companies be doing to prevent the loss of their confidential data? Read on to learn how Data Loss Prevention enables organizations to discover, monitor, and protect their confidential data wherever it is stored or used.
It’s becoming clearer every day: the loss of confidential data can be devastating to a company. Symantec estimates the costs of a data breach can reach up to more than $6 million per incident
. But the costs don’t stop there. How do you put a price tag on a damaged reputation? Symantec estimates that companies incurring a data breach experience a significant increase in customer turnover—as much as 11%. And what about the loss of intellectual property? All of these considerations have contributed to the growing interest in Data Loss Prevention, or DLP.
Rich Mogull, founder of Securosis and a former security analyst at Gartner Inc., has defined DLP as “a class of products that, based on central policies, identify, monitor and protect data at rest, in motion and in use, through deep content analysis.” Fundamentally, DLP provides answers to three key questions:
- Where is your confidential data?
- How is it being used?
- How do you prevent data loss?
These kinds of questions can’t be answered by traditional security solutions. That’s because those solutions are focused on keeping the bad guys out of the network, not on the problem of data loss. In contrast, DLP concentrates on protecting the data itself from wrongful exposure wherever it’s stored or used – across endpoint, network, and storage systems.
Specifically, DLP requires companies to do the following:
- Discover: Find confidential data wherever it is stored, create an inventory of sensitive data, and automatically manage data cleanup.
- Monitor: Understand how confidential data is being used, whether the user is on or off the corporate network, and gain enterprise visibility.
- Protect: Automatically enforce security policies to proactively secure data and prevent confidential data from leaving an organization.
Symantec Data Loss Prevention provides comprehensive coverage across endpoint, network, and storage systems through a single interface. This unified approach enables organizations to write a policy once and automatically enforce it throughout the enterprise. Key areas of improvement in version 9.0 of the software include broader coverage of endpoints, simplified management, and advances in data discovery.
Endpoint coverage Symantec Data Loss Prevention 9.0 discovers confidential information on all endpoints. It also prevents data from exiting an endpoint through network activity, such as emails, HTTP/S postings, or instant messages. In addition, the latest version monitors and prevents sensitive information from being copied and pasted to a local drive and stops such information from being electronically printed or faxed.
Simplified management Symantec Data Loss Prevention 9.0 helps companies simplify endpoint DLP management by embedding Symantec’s agent management technology, allowing companies to continuously discover new endpoint assets, automatically deploy agents, and troubleshoot endpoint agents.
Advanced data discovery Symantec Data Loss Prevention 9.0 enables companies to quickly identify data repositories that contain confidential data, assess the risk posed by confidential data stored in PST files, and automatically identify owners of confidential data (which is key when it comes to managing the cleanup of scattered, sensitive files).
Breaches of confidential data have reached epidemic proportions. The loss of such data represents a significant risk for every company, in every industry, everywhere around the globe.
However, as the number of data breaches continues to rise, so too does the awareness of the value of data loss prevention. Traditional security measures do not address the fundamental questions about where confidential data is stored, how it is used, and how best to prevent its loss. DLP is finally a solution that focuses on protecting the data itself.
Symantec helps organizations prevent the loss of confidential data wherever it is stored or being used and enables businesses to find and protect exposed confidential data across the entire enterprise. Ultimately, Symantec Data Loss Prevention allows organizations to be confident that their most important asset – their confidential data – stays safely within their control.