I’ve been hearing and reading about a lot of interesting comments made by various info sec professionals regarding whether or not DLP or anti-virus has outlived its usefulness. Believe it or not, both of these important technologies are still viable protection mechanisms that must continue to be evolved. Both are relevant especially in today’s fast-paced information and malware flows and attacks.
With Data Loss Prevention, you get a thorough understanding where your sensitive data (including Intellectual Property) is throughout your environment, being able to put it back where it belongs, and preventing it from moving to where you don’t want it. But, the real value is in the intelligence you’ve gained from that effort.
As security professionals we often complain about how the business doesn’t get involved in security, they don’t understand why they need security or they’re just see it as a roadblock to their success. Most of the time it’s because we don’t talk their language or put things in business terms that help them to see they have more skin in the game than they realize.
Being armed with the knowledge of where their sensitive data is, where it’s flowing to, and who has access to it and engaging in a conversation about what the risks are to their business because of this knowledge is a very different conversation than, “You need to provide authentication and access control to your data because bad guys can get their hands on it!”
Business folks actually appreciate a dialog about the risks to their data especially if you’re able to put it into the context of how it will impact the success or potential failure of their business. I’ll grant you it’s not an “overnight” phenomena where business folks all of a sudden “get it”, but it gives you an avenue of approach that has you (the security professional) act and converse as a business person, eventually becoming someone to trust rather than ignore or run from.
In Part 2, I’ll continue this discussion regarding anti-virus technologies…