DLP-Systems and Human Factor
27.09.2021
The main reason for confidential information leaks is the human factor. 95% of cases occurred due to carelessness, sluggishness or malicious intent of the company's employees. According to information security experts, a person is the weakest element in a data protection system. Therefore, special software solutions are needed to prevent human errors and violations.
Currently on the market you can find systems that allow you to control almost all communication channels used for information exchange, as well as support the investigation of computer crimes. The development of DLP systems and the changing requirements for them also determine changes in the company's information security system.
The principle of work of a work space and control over the performance of work duties by corporate employees should be provided by employees outside the usual framework. To remain competitive, a DLP system needs to be able to handle large amounts of data and effectively protect it. In this article, we discuss the main aspects of using DLP and the human factor.
Is DLP about prevention or detection?
Just a few years ago, the presence or absence of mechanisms for blocking data transmission channels made it possible to distinguish foreign software solutions, which gave priority to preventing leaks, from domestic ones, which focused on the functionality of the system and monitoring of information security processes.
Currently, the DLP market has advanced a lot: modern systems do not shift their focus towards either prevention or detection, and all processes work in an integrated and automatic manner. A key aspect of the successful functioning of DLP systems is a set of measures for inventorying and classifying data. Inventory organizes the locations of information assets; classification identifies and protects the most valuable of them.
Modern DLP systems have learned how to prevent leaks even at the planning stage, detecting non-standard user behavior and then sending a signal about the incident to the security service. The company's information security service is an integral part of reliable data protection. All suspicious data and incidents pass through the security service, so we can say that this is the organization's rapid response team.
To minimize the likelihood of error due to the human factor, information security in companies should be handled exclusively by qualified specialists who are well versed both in the mechanisms of the DLP system and in information security trends in general.
DLP system mobility
Of course, the DLP system is not the main means of monitoring the work of mobile employees, although the development of such functionality is of interest to the market. DLP can already control employees' mobile devices, but only when they are connected to work computers, and a number of DLP systems offer special modules for controlling gadgets in addition to a work PC.
The main task in protecting data from leaks through mobile devices is to intelligently distinguish between corporate and personal information on devices. The control of mobile employees should be considered from various aspects: where mobile access to corporate data is used, where the data is stored, and at what time an employee has access to information.
For example, with full remote access to corporate data in real time, it makes no practical sense to allow data transfer to personal mobile devices; it is best to provide access to data through a terminal session, when data is stored and processed strictly in a corporate environment. With this approach, it is necessary to take into account the ability of the DLP system to control the transfer of data not only to remote devices, but also to peripheral devices.
For example, Falcongaze's SecureTower provides complete control of all connected devices and all other communication channels:
- network and local printers;
- USB devices;
- FTP;
- IP telephony;
- clipboard;
- messengers;
- network storages;
- Email;
- visited sites;
- social networks.
Thus, the DLP system can ensure that the user's transmission of restricted data stays strictly within the corporate environment, and that potentially confidential data does not get to the personal part of the personal computer.