Thursday, December 16th, 2021
The Importance of Data Discovery and Classification for Data Loss Prevention
A Data Loss Prevention (DLP) solution consists of tools and processes that help secure an organisation’s sensitive information from data loss and data leakage. DLP software can help prevent data breaches by protecting critical information, such as financial data, intellectual property or personally identifiable information, from unauthorised access or illicit transfer outside the organisation. As such, DLP can help organisations comply with regulations such as the EU GDPR or HIPAA.
There are two key steps that should be carried out to implement effective data loss prevention: Data Discovery and Data Classification.
Before classifying your data, it is important to carry out a data discovery phase. This involves identifying what data is held and processed within the organisation, where that data resides and who needs access to the different types of data. This is a crucial step that gives the organisation full visibility and awareness of its data estate. After all, how can you protect something that you do not know exists?
It is then important to classify the organisation’s data to help create effective rules for the data loss prevention software.
Data can be classified according to the following:
- Regulatory Requirements (e.g., GDPR, HIPAA, PCI);
- Level of Data Sensitivity (e.g., Public, Confidential and Internal Use Only).
Identifying and labelling sensitive information helps ensure that it is stored in secure locations and that each user account is given the appropriate level of access. It also helps to enforce the principle of least privilege, for example by ensuring that user accounts in the marketing department do not have access to sensitive financial data.
We recommend defining, implementing and communicating a Data Classification Policy to give employees clear guidelines on how to classify the data that’s handled within the organisation. This policy should define the classification levels used and outline the rules for how to handle each classification level. For instance, it can require that files labelled as “Internal Use Only” are not sent to anyone outside of the organisation.
It is also crucial that the data is classified correctly and accurately to help minimise the rate of false-positive and false-negative results in the DLP.
Without classification, a data loss prevention tool alone does not understand the nuances of certain information or the full context of a document.
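The sketch below is an added example, not code from the article or from any DLP product. It compares a content-only egress rule with a label-aware one on constructed transfers, showing the false positive and false negative described above. The domain `example.org`, the rule names and the sample messages are assumptions.

```python
import re
from dataclasses import dataclass
from typing import Optional

# Assumptions for this sketch: label names follow the sensitivity levels above,
# example.org stands in for the organisation's own mail domain.
INTERNAL_DOMAIN = "example.org"
BLOCK_EXTERNAL = {"Confidential", "Internal Use Only"}
CARD_RE = re.compile(r"\b(?:\d{4}[ -]?){3}\d{4}\b")  # crude 16-digit card pattern

@dataclass
class Outbound:
    recipient: str
    label: Optional[str]  # classification label on the file, None if unlabelled
    text: str

def is_external(recipient: str) -> bool:
    return recipient.rsplit("@", 1)[-1].lower() != INTERNAL_DOMAIN

def content_only(msg: Outbound) -> str:
    """DLP rule with no classification: pattern match on external transfers."""
    hit = CARD_RE.search(msg.text) is not None
    return "block" if is_external(msg.recipient) and hit else "allow"

def label_aware(msg: Outbound) -> str:
    """DLP rule keyed on the label; pattern match only for unlabelled files."""
    if not is_external(msg.recipient):
        return "allow"
    if msg.label in BLOCK_EXTERNAL:
        return "block"
    if msg.label == "Public":
        return "allow"
    return "block" if CARD_RE.search(msg.text) else "allow"

# Constructed sample transfers (not real data).
SAMPLES = {
    "public API guide with test card": Outbound(
        "dev@partner.example", "Public", "Use test card 4111 1111 1111 1111."),
    "internal roadmap, no pattern": Outbound(
        "friend@mail.example", "Internal Use Only", "Q3 launch plan and pricing."),
    "unlabelled export with card": Outbound(
        "x@mail.example", None, "Customer card 5500-0000-0000-0004"),
    "confidential file to colleague": Outbound(
        "cfo@example.org", "Confidential", "Draft annual accounts."),
}

def compare() -> dict:
    return {name: (content_only(m), label_aware(m)) for name, m in SAMPLES.items()}

if __name__ == "__main__":
    for name, (plain, labelled) in compare().items():
        print(f"{name:34} content-only={plain:5} label-aware={labelled}")
```

The first two samples are where the rules disagree: the content-only rule blocks a public document and lets an internal one leave, while the label-aware rule does the opposite. Both outcomes depend on the label having been applied correctly in the first place.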
A classification tool such as Getvisibility’s Synergy Pro can help provide strong classification accuracy by using AI and ML to classify files in real time. The use of proprietary AI and ML technology helps make sure that the data is classified correctly and mitigates decision fatigue.
It is important to ensure that your DLP works correctly in order to prevent a data breach.
The recent IBM Data Breach Report 2021 highlights the increased threat of data breaches. IBM found that remote working has increased the average cost of a data breach by $1.07 million. The average total cost of a breach has also increased by 10% this year compared to 2020, which is the largest single-year cost increase within the past seven years.
Author: Mae Patlong, Information Security Consultant, Smarttech247