+375 (17) 311-10-14
+375 (17) 311-10-14
Try for free
Try for free
+375 (17) 311-10-14
    25.11.2019

    How to choose a DLP system?

    How much profit do you lose on the fact that your employees divulge confidential information about your company? How many of them store sensitive documents in cloud storage or on insecure USB sticks? No one is safe from errors, but DLP systems exist to prevent them.

    In a broad sense, the DLP system controls everything, creating a secure digital «circuit» of your organization’s internal network. Now, the protection of trade secrets is only one of the tasks set for DLP. Today, data leak prevention systems offer complete protection for your business from internal threats. It is understood that the software will not only help to accurately identify the source of the information drain and block it in time, but also to understand the causes of the incident by putting together a chain of previous events.

    However, DLP is not an evidence collector, as it may seem, but rather a «mirror» that reflects all the processes and conditions of your organization. Control occurs by filtering and analyzing data intercepted from the corporate network. For this, agents are used, duplication of packets from one port of a network switch to another and integration with a corporate mail and proxy server. There is an opinion that agent interception is the most effective method of controlling information flows. Let's take a closer look.

    How does agent interception work?

    Pre-installed agents on each individual computer intercept all incoming and outgoing traffic, creating a single informational stream, carefully analyzed by the system in accordance with a given security policy. Agents can work both openly and in stealth, and the whole process can be compared with a conveyor belt, where the operator in real time rejects products, snatching them from the general flow of data. The system will respond to attempts by employees to bring information beyond the corporate network.

    Which DLP system should I prefer?

    When you choose a DLP system, pay attention to 6 principles:

    • how many communication channels а product can control;
    • reliability and speed of the system,
    • analytical capabilities of software,
    • qualification and efficiency of technical support,
    • vendor reliability
    • and cost of system ownership.

    Principle 1 - control of information flows

    The more communication channels the DLP system can control, the more valuable it is, so you need to understand exactly which of your employees use them for personal and corporate purposes. Integrated solutions in the field of information security control the reception and transmission of traffic of almost all email clients, such as «MS Outlook», «Thunderbird», «The Bat!», Including accounts in external mail services (gmail.com or mail.ru). They intercept text and voice messages of all modern instant messengers (Telegram, Viber, Skype or SIP), correspondence in social networks. In addition, files transferred to USB-drives, documents sent to print, web page traffic and so on.

    Principle 2 - reliability and speed of the system

    DLP should work in any networks without overloading them. A drop in the «speed» of the computer will cause suspicions among employees. The system should run smoothly in geographically remote networks on any number of computers. Pay attention to the support of mobile workstations, such as laptops and netbooks. The agent in offline mode must remove the same data as in stationary computers, and, after connecting the device to the corporate network, send the collected archive to the server.

    Principle 3 - Product Analytical Capabilities

    A DLP system must be able to:

    • content (searches for specific words or phrases provided by the thematic dictionary),
    • statistical (the number of sites visited, copied via USB files, etc.),
    • event (launch of the application, transfer of the encrypted archive)
    • and attributive (allows you to take into account the unique attributes of files, documents and devices) analysis.

    In addition to them, the function of monitoring the employee’s network activity at the workplace is «embedded» in modern systems. In other words, you will be able to evaluate the effectiveness of employees using their working time and adjust the load. DLP becomes your HR consultant. It will provide you with a convenient systematic report on violations of labor discipline in general and for each individual employee in particular, even awarding the employee a risk factor. Often, DLP has an incident investigation function. You will be able to create a dossier for violators and collect the maximum information about incidents before responding appropriately. As a package of evidence, the system will provide a chronology of the employee’s actions at the workplace, his letters, correspondence in instant messengers, screenshots and webcam recording.

    Principle 4 - qualification and efficiency of technical support

    When purchasing a product, you should not be alone with the program. The task of technical support is to help in the implementation of the DLP system in the network of your company and quickly eliminate the difficulties that arise, improving the functionality upon request of the customer. Good tech support is required to understand the nuances of information security better than you do. Pay attention to how deeply experts understand the architecture of operating systems, the principles of protection and networking.

    Principle 5 - vendor reliability

    The difficulty is, when you first acquainted with the company, you can evaluate the vendor's reliability only by indirect signs: the number of offices, the technical staff, and the number of licenses. In addition, the manufacturer must have licenses for the technical protection of confidential information, the development and production of CIPS (confidential information protection systems).

    Principle 6 - Cost of system ownership

    It includes both the cost of the system itself and technical support. Correct DLPs are assembled on a modular basis, that is, as a kit, and the price may vary depending on the number of modules purchased, communication channels that you intend to control (or not control). After the system is configured, monitoring and analytical functions will fall on it, which will significantly save your money. This means that your business will require fewer security officers to oversee staff.

    How to choose the best DLP system?

    Choosing a Data Leak Prevention System is not a fast process. However, it should be understood that the time spent on finding the best DLP system that is right for your business would fully pay off in the future. When familiarizing yourself with vendors, compare the functionality of the products they offer.

    • Make a clear technical task with a list of all communication channels that you want to control. Remember that modern DLPs, as a rule, have a modular structure, that is, they are assembled as a constructor from the required control options. DLP should never overload the system. Compare the offers of suppliers; determine how they will be useful to your business.
    • Test software features as much as you need at the maximum number of workstations. Do not focus on a specific list of functions. Your task during this period is to understand how organically DLP has been introduced into the network of your organization and how effectively it controls information flows.
    • Pay attention to the security and stress resistance of the system. Obviously, application security must be organized in such a way that an employee cannot remove it from the workstation. Burden DLP as soon as possible. Email newsletters from unknown sources, «merge» confidential documents, use «forbidden» words in the dictionary in controlled correspondence (such as: «salary», «customer base», «expenses», etc.). One unrecognized violation is enough to render the whole system useless.
    • Do not refuse technical support services (especially since its participation in the life of your business was initially laid down in the bill). Check its efficiency, how deeply versed in safety issues, the qualifications of personnel. In the end, if something goes wrong, you will have to communicate with the support staff.

    Get DLP, keep up with the times and do not worry about the information security of your business.

    Important publications

    Falcongaze SecureTower 6.5 - better control, stronger protection
    Falcongaze SecureTower 6.5 - better control, stronger protection
    Falcongaze, a developer of data breach protection and personnel control software, has released the first of two planned updates to its SecureTower system this year.
    Falcongaze SecureTower version 6.4
    Falcongaze SecureTower version 6.4
    Falcongaze has released a new version of its DLP-system SecureTower which is aimed to protect companies from data leaks and insider activity.
    What is UBA?
    What is UBA?
    Information security incidents carry great financial and reputational risk for companies. Foreseeing the future is not easy, it’s quite more efficient to build a forecast based on analytics. Falcongaze experts explain how UBA technology works and how it will help to solve this problem.
    What is DLP systems?
    What is DLP systems?
    Data Leak Prevention is a specialized software, which protects organization against data loss. This technology grants both blocking of confidential information transfer through various data channels and monitoring employee activity. Therefore it allows to find vulnerabilities beforehand
    Security review: top 5 best & popular email services for 2019
    Security review: top 5 best & popular email services for 2019
    Falcongaze Analytical Center has already made some researches concerning cybersecurity predictions for 2019 and now is ready to present a top for emails. Not just about their technical details but life cycle including scandals and protective qualities.
    DLP implementation: mispractice vs. wise adjustment
    DLP implementation: mispractice vs. wise adjustment
    DLP systems out of the whole number of information security tools get most highlight. They are expected to become a solution to all threats. However, mispractice lower the image of such systems so some may think that DLP is useless.
    Fighting Corruption in the Company
    Fighting Corruption in the Company
    Corruption is a malicious activity affecting many companies. As a rule, it is about abuse of trust. The cause is that the employees have access to assets along with the ability to make a crime without punishment.
    GDPR: New European regulation in the field of personal data protection
    GDPR: New European regulation in the field of personal data protection
    In accordance with the European Commission's data protection regulation (GDPR), which will come into force on May 25, 2018, any organization – regardless of its own location – which contains personal data of the European Union citizens will be responsible for its safety.
    Falcongaze developers created a technology for WhatsApp interception
    Falcongaze developers created a technology for WhatsApp interception
    Falcongaze Company, which has already rolled out the technology for interception of communication and file sharing via Telegram Messenger earlier this year, now announces the replenishment of the messengers under control line. The new version of comprehensive information security platform SecureTower will be complemented by a technology allowing to intercept communication in the WhatsApp messenger, which hit second place in the ranking of Falcongaze Analytics Center
    Falcongaze developed functional to control Telegram
    Falcongaze developed functional to control Telegram
    Falcongaze, vendor of information security, workflow monitoring and optimization products, announces Telegram Messenger under control in the latest version of SecureTower. SecureTower is a comprehensive information security and risk management platform.
    Convenience & security: rating of the most secure popular messengers
    Convenience & security: rating of the most secure popular messengers
    Today messengers rightfully occupy a worthy place among the most used office software and tools for business communication. Every company determines what software should be used by staff to keep in touch with colleagues, partners and customers, and sometimes allows employees to make these choices on their own. In addition to user-friendliness, today, when video cameras, wireless mice, fitness trackers, smart cars and even toilets can be easily hacked, the security of communication tools comes to the fore.
    Show more

    The SecureTower DLP system

    • Protection against data leaks caused by employees
    • Control of employees' work on computers
    • Identification of potentially dangerous employees (risk analysis)