WHY DLPs ARE COMMONLY KNOWN AS “DISASTROUSLY LONG PROJECTS”?
Download this resource

The effectiveness of DLP is based on classification of the information it monitors. Unfortunately, this is an extremely tedious task because DLP systems are essentially offshoots of anti-virus solutions. They are designed for use by IT staff and follow the anti-virus approach of centralised rule definition and incident monitoring.

PROBLEMS:

1

Gathering real sensitive information requires too much effort

DLP systems apply security centrally; this requires IT security professionals to gather all the important sensitive information in order to secure it. This is an almost impossible task to achieve as information is produced within each department on a daily basis and end-users are too busy to manually categorise this information and pass it to the IT administrators. As such, information that is being monitored is mostly outdated and, in the worst case scenario, never monitored leaving DLP systems largely ineffective.What is required is:


  • a mechanism where information owners can define restrictions on who can access the said information without involving IT staff. Further, the monitoring of this information is also limited to the information owners and not the IT department.
  • an automated way for end-users to classify information and define what is important as it is being produced.
2

Lack of sharing of highly sensitive information with the IT staff

Real sensitive information such as financial records or board papers are never shared with IT staff as they are considered highly confidential and can change the nature of the entire business. As they can’t be shared with IT staff they never get protected leaving the most important information always unprotected. What is required is:


  • a mechanism where information owners can define restrictions on who can access the said information without involving IT staff. Further, the monitoring of this information is also limited to the information owners and not the IT department.
3

Over-blocking vs ease of use – Changing sensitivity of information.

Information that is classified as sensitive can change in sensitivity level once the information has been made public or if more people are required to have access to this information. Again, this becomes a major challenge for IT staff as they will have to constantly update the restriction imposed on the information. For example, tender specs are considered sensitive as long as they are not published, and are blocked from being sent out. However, once the tender is opened, the procurement department can send it out to interested vendors. Any delay in allowing the procurement department from sending this information becomes an issue for IT security, who will be blamed for stopping people from doing their business.


  • What is required is a mechanism where end-users can take up the responsibility of defining who can access the information and who cannot, and an override mechanism where they can override a defined restriction by giving a valid reason.

THE SOLUTION : E-SAFE COMPLIANCE MANAGING SECURITY THE SMART WAY

e-Safe Compliance is an enterprise system for ensuring responsible, productive and secure use of IT resources. In addition to its productivity and auditing functionalities, e-Safe Compliance prevents data leaks but does so in a smart way and so avoids the problems listed above. The fundamental difference between e-Safe Compliance and DLP systems is that it treats data leakage as a business problem that needs to be tackled at an operational level, rather than an IT problem.

1

Secures Information at Its Source as It Gets Created, Ensuring Information Is Protected All the Time

e-Safe Compliance secures the information at its source by encrypting sensitive documents using universal encryption. Documents encrypted using universal encryption can only be opened on devices having e-Safe agent installed, along with the relevant user credentials, and are tracked throughout their lifecycle from creation to deletion using e-Safe. As such, if the users decide to send the documents to a third party, or decide to copy them, they need the e-Safe agent to open them.

2

Protecting Highly Sensitive Information Using Document Rights Management

e-Safe Compliance solves the problem of classifying highly-sensitive information by providing a built-in document rights management module, which allows top management to define document sensitivity using mouse right-click options. The following options are available:

  • Define the classification of sensitive documents as being
    • Secret
    • Confidential
    • Office document
  • Define who can have access to the said information.
  • Define the usage restriction on the information such as cut/copy/paste/print etc.
3

Monitoring Real Sensitive Information Using Decentralised DLP Rule Creation

e-Safe Compliance offers both centralised rule creation as well as decentralised rule creation. Information owners using the information tagging utility can categorise a large amount of information themselves without involving the central administrators, and can create DLP rules. Furthermore, the information owners also receive reports for the information they have defined. This ensures that owners who have defined information can monitor the usage of that information and detect any misuse by their staff.

4

Solution to Overblocking via Trust but Verify Philosophy


Normal DLP systems have two modes of operation:

  • Block sensitive document usage/transfer etc
  • Allow document usage but monitor.

Restricting document usage prevents users from doing their job, while just monitoring document usage results in the reviewing of a large number of incidents. e-Safe Compliance introduces a third way – “allow users to remove restrictions but require them to provide a reason for doing so.” By allowing authorised users to override restrictions by giving a reason, the users are no longer prevented from doing their job. Furthermore, the fact that they have to give a reason ensures that users are aware of the importance of the information and that they will be held responsible for any misuse. This automatically ensures security of information.


TRY A FREE AUDIT NOW

It is easy and fast to test e-Safe Compliance in your organisation. It only takes a few hours to install and you will immediately get endpoint visibility without any noticeable impact. Furthermore we recommend going for a full free audit done remotely by our experts.

Try Now!!