The concept of Data Loss Prevention is that end users of a network do not send sensitive or confidential information. It is applied through software that supports network management, which monitors what type of data users are transferring. At first glance, this concept can be perceived as quite obvious. However, the threats that occur internally in the organization are those that are most likely to become dangerous attacks and vulnerabilities.
Today, implementing DLP practices and solutions is quite necessary. Because the organization’s data is monitored in detail every time traffic events occur. Both through the network, as attempts to make them pass outside the home network. The latter, if detected, is classified as a suspicious activity and denies that activity through strict policies.
Now, what kind of data should we take special care with?
- Intellectual Property: all original production of data from the organization. Here, sensitive data of the same are also considered as price lists, stock control, billing and documentation in general.
- Corporate Data: those that constitute the skeleton of the organization. As the documents of strategic organizational planning, financial data and data of the collaborators (personal data, payroll).
- Customer Data: credit card numbers (including security code), financial data, social security numbers, medical records and much more.
Practical suggestions for implementing Data Loss Prevention
The Nordic Backup portal recommends a comprehensive but essential list so that the implementation of Data Loss Prevention is successful and, above all, effective for the purpose it has. We highlight some of them:
- Perform regular backups of essential information related to the organization’s business and personal data. The recommended periodicity is weekly. However, any backup that is generated should be stored on servers that are located in a geographic location outside the organization. There are organizations that offer this type of services, with their different costs according to the need. Ideally, make a backup following scheme 3-2-1.
- Use an antivirus solution that suits the organization’s computers and their corresponding operating systems. In addition, you should consider what type of tasks are performed daily and what type of data is handled on each computer and / or in each section of the company. Update the antivirus software and its database as soon as updates are available. If you have doubts about the best solution, you can consult with other people with more experience in this aspect.
- Make sure all computers have a robust enough firewall to effectively prevent the entry of external traffic to the network that is not secure. The operating systems of the different computers must have the latest updates available, as they become available, in order to always be up to date with regard to important security patches, to mitigate attacks and vulnerabilities as well as possible. .
- Implement a strong password system that allows only extensions of at least eight characters, including numbers and letters in both uppercase and lowercase letters. Also, it is advisable to change the keys periodically, it is recommended that they be changed every 3-6 months approximately, as an additional security measure. On the other hand, it is important to make users aware that they do not carry out insecure password creation practices, such as indicating their names or any personal information. It does not matter if the password does not have a specific meaning, and they are random alphanumeric characters. We recommend you visit our guide to create strong passwords .
- What matters most. Educate employees in general, in addition to educating ourselves. It is known that no matter what level you are in your organization or environment, knowing the consequences of sharing internal data outside is a great personal and corporate risk.
We hope that with these tips you can prevent the loss of important data, be it personal or company data.
