With all the buzz around the exposure of significant amounts of confidential data on the WikiLeaks web site the past few months, attention has been rising on the role of Data Loss Prevention (DLP) to help protect information.
Especially for small and medium businesses, the focus is on giving employees the access to everything they need to get work done. Access security is baked into operating systems and networks with things like accounts, groups, and firewalls, but the facts for small and mediums businesses are 1) employees have to be generalists so most employees have access to most everything, 2) access management and monitoring get little, if any, attention, and 3) emphasis is on getting the job done, but most employees have no idea of the exposures they are causing by using common tools (e.g., email) to transfer confidential information.
With all these limitations working against good protection of information, it's even more important for small to medium businesses to implement Data Loss Prevention systems. DLP can help train employees to use better practices for protecting information by responding to well-intentioned but dangerous activities with "sorry, this was blocked" responses, and DLP can help prevent malicious exposures too. All this can help avoid a "WikiLeaks" moment that can really harm a business.
No comments:
Post a Comment