Data Loss Prevention (DLP)

DLP is a method of inspecting and keeping sensitive data from leaving the allowed perimeter. DLP systems are only concerned with the data passing over some kind of perimeter gateway device, such as through emails, instant messages and Web 2.0 applications.

DLP has the following key features:

• It is configurable with automated remediation. From a financial perspective, this can significantly reduce the expense associated with remediation. Automatic remediation may differ depending on the kind of activity involved. For instance, the user may opt to encrypt, quarantine, block and/or notify the sender in the event of an email. The majority of the functions mentioned earlier could be completed using a protected email product.
• It is able transfer data to a safe location if the data is found to be located in an unprotected area.
• It removes the need for manual user lookups through the use of LDAP server/active directory. This feature is common among all DLP manufacturers.