Everything You Need To Know About Data Leakage Protection

1
Data Leakage Protection

• Everything You Need To Know About

2
INTRODUCTION

• In recent times, a data breach has become a
  constant headliner in the newspapers and on T.V.
  
• We can witness this rising trend affecting all
  corporations whether big or small.
• The key to catching stopping this malicious
  threat is to nip it in the bud.
• All the events that could lead to a data breach,
  need to be identified and remedied.

3
(No Transcript)
4

• It is important to develop a systematic and
  effective data leakage protection solution to
  protect the organization's digital assets from
  cybercriminals.
• Cybercriminals mainly target PII, also known as
  Personally Identifiable Information.
• This includes information like names, financial
  details, and contact information.

5
(No Transcript)
6

• Data leaks can be classified into 4 major
  categories -
• Company information
• Analytics
• Customer information
• Trade secrets
• There are certain steps of data leakage
  protection that can be adopted by organizations
  to prevent sensitive information from reaching
  the wrong hands.

7
(No Transcript)
8
Identifying all forms
of sensitive data

• The first step that needs to be taken with regard
  to protecting data is identifying the sensitive
  data that needs to be protected.

9

• After identifying the data, it should be
  classified into categories like Protective Health
  Information.
• Based on this, an organization can adopt and
  implement the most suited information leakage
  protection program.

10
Evaluating risk from third parties

• All major organizations have a tie-up with a huge
  list of vendors.
• It is vital that a regular vendor-risk assessment
  is done to ensure that they are complying with
  regulatory standards like PCI-DSS or HIPAA.
• Usually, cyber research analysts take over this
  task, especially in cases where there is a vast
  third-party network involved.

11
Encrypting data

• All forms of critical data should be encrypted.
• This prevents cybercriminals from exploiting the
  data.
• For example with the use of Encrypting File
  System (EFS), unauthorized users may be able to
  gain access to a device but will not be able to
  view a files content.

12
Monitoring network accesses

• It would be a wise security measure to monitor
  corporate network traffic on a regular basis.
• Usually, cybercriminals do reconnaissance before
  attacking a network.
• This is done to help them identify the data
  defenses they need to tackle while attacking the
  network.
• These security vulnerabilities can be detected
  easily through proper monitoring practices.

13
Evaluating permissions

• Often an organization allows easy access of
  confidential data to unauthorized users.
• The first step here is to evaluate permissions
  granted to users.
• Once this is done, all the important data can be
  classified into different levels of sensitivity.
• Only specific authorized users should be granted
  access to certain pools of data.

14
CONCLUSION

• Cybercriminals are using all the tactics
  available to infiltrate and misuse sensitive
  information.
• In the ever-evolving cyber security landscape,
  there is no room for complacency.
• Based on the above, the need for implementing a
  strong data protection program cannot be stressed
  any further.
• An organization that lacks an effective data
  leakage detection solution can incur not just
  financial losses but may also end up tarnishing
  its image as a trusted provider of products and
  services.