Conventional DLP – Why This is No Longer Enough
Whether for policy compliance or simply to protect customer data, legal documents and intellectual property, organizations today are challenged with effectively addressing data loss without impeding employee productivity or overloading IT staff. DLP technology has evolved and improved over time, but it is ultimately ineffective in understanding user intentions. With conventional DLP applications, there was no way to tell the difference between a well-intentioned marketing department staffer uploading a PDF to Dropbox or Google Drive from a disgruntled finance department employee emailing sensitive cash flow data to a competitor organization. What’s even more difficult has been trying to protect sensitive data without the long deployments, painful administration and high costs often associated with traditional DLP products.
Data In Motion, Data at Rest – Defining the Nature of the DLP Challenge
The success of any business venture depends largely on the ability to share information across teams and between critical stakeholders. It’s an imperative that can often come into direct conflict with privacy regulations and policy prescriptions, or having sensitive business data fall into the wrong hands. As such, protecting sensitive business content is a problem of speed and volume. Any effective data loss prevention solution needs to be built for scalability, performance and high availability, with core capabilities including the following:
- Distributed, parallel content discovery that locates content at rest across thousands of workstations in hours, not days.
- Activity monitoring that tracks and controls any type or format of sensitive information in motion, such as e-mail, web browsing and file sharing services.
- Processing approaches that require only light compute loads and minimize network traffic.
- Network monitoring that’s tuned for gigabit capture and analysis speeds across multiple protocols.
- Automatic failover that ensures the system is running and your organization’s content is protected 24/7/365.
A Smarter Approach to DLP
Today’s most effective data loss prevention solutions combine technology and processes. Blunt force detection algorithms integrated with blocking capabilities are no longer effective. What’s needed now are DLP approaches that a) help businesses to pre-emptively protect sensitive information from unintentional loss, b) educate users on proper data handling policies, and c) empowers them to remediate incidents in real-time. This is exactly how the Check Point Data Loss Prevention Software Blade functions. The innovative MultiSpect™ data classification solution combines user, content and process information to make accurate decisions, while UserCheck™ technology empowers users to remediate incidents in real time. Check Point’s self-educating network-based DLP solution frees IT/security personnel from incident handling, while educating users on proper data handling policies. The result is that sensitive corporate information is fully protected from both intentional and unintentional loss.
Check Point UserCheck
Check Point UserCheck empowers users to remediate incidents in real time. When a suspected breach occurs, the user is alerted immediately, allowing for instant remediation or quick authorization of legitimate communications. UserCheck empowers users to self-administer incident handling, with options to send, discard or review the issue, improving security by raising awareness of data use policies. Real-time notification based either on a pop-up from a thin agent or via a dedicated email sent to end user (no need to install an agent). Organizations benefit from full prevention, enabling a practical move from detection to prevention. Moreover, as a self-educating system, the Check Point solution doesn’t require IT / security personnel to become involved in incident handling while educating the users on proper data sharing policies.
Feedback