What is Data loss prevention (DLP)
Data loss prevention (DLP) — sometimes referred to as data leak prevention, information loss prevention, and extrusion prevention — is a strategy for preventing individuals from accessing sensitive information who do not need it. It also ensures that employees do not send sensitive or critical information outside the corporate network.
Standard measures
Standard security measures, such as firewalls, intrusion detection systems (IDSs), and antivirus software, are commonly available products that guard computers against outsider and insider attacks. The use of a firewall, for example, prevents the access of outsiders to the internal network and an intrusion detection system detects intrusion attempts by outsiders. Inside attacks can be averted through antivirus scans that detect Trojan horses that send confidential information, and by the use of thin clients that operate in a client-server architecture with no personal or sensitive data stored on a client device.
Advanced measures
Advanced security measures employ machine learning and temporal reasoning algorithms to detect abnormal access to data (e.g., databases or information retrieval systems) or abnormal email exchange, honeypots for detecting authorized personnel with malicious intentions, and activity-based verification (e.g., recognition of keystroke dynamics) and user activity monitoring for detecting abnormal data access.
Designated DLP
Designated systems detect and prevent unauthorized attempts to copy or send sensitive data, intentionally or unintentionally, mainly by personnel who are authorized to access the sensitive information. To classify certain information as sensitive, these use mechanisms, such as exact data matching, structured data fingerprinting, statistical methods, rule, and regular expression matching, published lexicons, conceptual definitions, keywords, and contextual information such as the source of the data.
How Libraesva can help
With Libraesva ESG you can define complex rules to analyze the content of messages and verify their compliance with corporate policies.
Each rule has its score so the message will have, as is the case for anti-spam checks, a total score calculated by adding single rules scores that have been activated by MCP analysis, defined as MCP score.