The Data Loss Prevention that works

Our Client who is operating within the financial services market had challenges controlling the use and sharing of personal related data outside the company perimeter. What was needed most was visibility along with automated controls.
When it is hard to hire skilled security professionals many companies dealing with personal data, opt to implement mediocre controls for data usage.

At the end it always comes to the point where “You cannot control what you cannot see”.

While reviewing the requirements of the group HQ we managed to identify that the control policies the group entity was requesting were lacking particular vision about personal data storage, identification and automation of controls.

First we managed to convince our customer that personal data controls should not be focused on personal data in general but on personal data that is stored and managed by the company in particular.

We identified those data sources within the company that were most common and contained the personal data in scope. We created a strategy on how to utilize these within DLP’s data indexing and exact matching policies.

We adapted thresholds for data breach detection and configured response rules that precisely recorded or blocked events matching our threshold criteria.

We focused on the implementation of indexing and exact data matching policies rather than regex validation, which by the way we still used for very particular and limited scope use cases.

We implemented automated controls on all channels: email, web, endpoint removable media, printing.

Even direct admin login to email servers was identified as a potential data breach vector and control measures were implemented at full scope.

Automated visibility and control was achieved for thousands of customer’s endpoints.