Data loss prevention definition
Data loss prevention (DLP) is a strategy for protecting sensitive data from being lost, stolen, or exposed to unauthorized users. DLP solutions are designed to identify, monitor, and protect data while it is used, stored, or transferred. DLP helps prevent data breaches, both accidental and intentional, by implementing a combination of policies, procedures, and technologies.
See also: data administration, data availability, data backup, data breach
Data loss prevention types
Organizations may choose to use one or more of these DLP types to create a comprehensive data protection strategy that meets their specific needs and regulatory requirements:
- Network DLP. This type of DLP solution monitors data in motion across a network, like emails, instant messaging, and file transfers. It can be set up to identify and block data that violates pre-defined policies, stopping the employees from accidentally disclosing confidential business information.
- Endpoint DLP. This DLP tactic allows monitoring data in use on individual devices. It can prevent unauthorized copying, sharing, or printing of sensitive data.
- Storage DLP. This type of DLP monitors data stored in databases, file servers, or cloud storage. It can identify and classify sensitive data and enforce policies to prevent unauthorized access or deletion.
- Cloud DLP. This DLP solution is specifically designed to protect data stored in cloud environments, like SaaS applications, IaaS, or PaaS platforms. It can identify and block sensitive data from being uploaded or shared and can also enforce policies to protect data in transit or storage.