Data Loss Prevention (DLP) Strategies for ISMS

By

Image :Somansa


A data loss is considered a major disaster against cyber security risk management, where organisations require implementing controls to  detect and prevent data breaches, exfiltration, or destruction of sensitive data.

A data loss can occur at your server, network, cloud, end points, mobiles as well as manual forms, hence require physical, technical and administrative controls.

Data Loss Prevention (DLP) aims to enable mitigation measures to protect and secure your data complying to data protection regulations. 

The DLP refers to prevention of data losses and data leakages which may be caused by  ransomware, insider or other application, database or network attacks. The aim of DLP is to prevent unauthorized dara transfers outside organization.

DLP help organisations to protect 
  • Personally Identifiable Information (PII) 
  • Intellectual Property 
  • Achieve data visibility
  • Secure mobile workforce and enforce BYOD security
  • Cloud systems

Data leaks can happen due to following causes. 
Malicious insider threats :
An insider  compromising a privileged user account, abuses the  permissions to transfer sensitive data outside the organization.

Extrusion by attackers : 
An attacker penetrating the security perimeter uses  phishing, malware or code injection etc to gain access to sensitive data.

Unintentional data exposure :
An act of negligence by an employee cases public access to  sensitive data. 

Data Leakage Prevention can use security tools such as Intrusion Detection System (IDS), which alerts security team on attempts to access sensitive data. Antivirus software help protect against ransomware. Firewalls help blocking of external access to sensitive systems.

Security Operations Centers (SOCs) use Security Information and Event (SIEM) system to detect potential data leaks.

DLP strategies 
  • Data classification to determine sensitivity and applying rules of access.
  • Securing data at rest with access control, encryption and data retention policies
  • Securing data in motion by analyzing traffic to detect sensitive data transfers.
  • Securing endpoints to control data transfer between users and groups.
  • Securing data in use by monitoring and flagging unauthorized activities 
  • Data leak detection using tools like IDS, IPS, and SIEM
  • DLP and File Security Solutions to monitor access to all sensitive files 
  • Alerting and automatically blocking of actions that violate DLP policies.
  • Detecting abnormal or suspicious user behavior using machine learning
  • Detecting and Mitigating Ransomware attacksby blocking file access patterns.
  • Data access and file operations auditing and investigation for compliance 


Comments

Post a Comment

Popular posts from this blog

ISO 27001 ISMS in a Nutshell

By
Image
Image : ISO The ISO 27001 certification is the most comprehensive  information security standard recognized globally. It ensures standardizing of your organisation's information security strategies to ensure confidentiality, integrity and availability of your systems and data to conduct your business effectively.  Gaining the certification is a journey with several milestones. It is a carefully planned systematic activity that transforms an organisation to a secure entity,  where everyone becomes a stakeholder in information security. Follow this processes to get to your goal successfully. Step 1. Obtain Management Support . This is the most critical requirement to achieve ISO 27001 status. Your ISMS project will definitely fail if it does not receive to management support. The management should provide, people, money and strategic direction for your ISMS to be a success story. In the sections below you’ll find some tips on how to convince your management, and how much the implemen
Read more

How easily the data breaches occur? 5 ways to be aware of.

By
Image
Data breaches can occur at any unexpected moment. Unless you do not detect it fast, cybercriminals will have more time to exfiltrate information and cause bigger damage. On average it takes up to 30 days and costs $1 million to address a data breach incident stated 2021 Cost of a Data Breach Study. However, it could be more if you wait longer. Unfortunately, some took 6 months to respond.      Better safe than be sorry! Be prepared against data breaches.  There are 5 ways for your organization to avoid data breaches. Here is how. 1. Weak and stolen credentials  The most simplest way hackers use for data breaches is stealing passwords. Many people use predictable passwords like ‘Password1’ and ‘123456’. With them, cybercriminals don't even need to hack into a system to steal your sensitive data.  There are many tools that can help a cybercriminal to crack passwords. They run millions of popular credentials to break into your system. This requires you to have a strong password policy
Read more

Best Practices for secure Software Development

By
Image
image : OpenSense Labs Are you aware of the  Solarwinds attack in 2020? The hackers exploited software vulnerabilities of Orion IT monitoring and management software used by thousands of enterprises and government agencies. This hack triggered a larger scale supply chain incident which affected thousands of organizations, including the U.S. government. The attackers infliltrated the Solarwinds network, and infected the software used for Network monitoring before it shipped to customers.This insident and many more warn us on the importance of building secure software.  Secure software development is a methodology used for creating robust software by incorporating security practices into every stage of the software development life cycle (SDLC). It begins at planning stage before a single line of code is written, and continue through the life cycle. A bug fixing at implementation stage cost six times than fixing it during design stage. Every new feature added, may carry series of vulnera
Read more