The DLP Rabbit Hole
Written by Jacob Woodfield |10 Jan, 2021
It doesn’t matter if you choose Microsoft, Guardian Edge, Forcepoint, Broadcom or any other DLP vendor, only one thing makes them all successful: UNDERSTANDING.
What is important with DLP, and in fact any technology, is understanding what its intended function is and how that function can help you and your organisation.
Like most things, when researching DLP many find themselves lost in a rabbit hole of information – to understand one area, you must first understand another and so on until you somehow find yourself on Wikipedia at 2am reading about why Social Security numbers were first invented and how best to protect them without inundating your management console with thousands of false positives a day (Okay admittedly, I may be alone here).
Let me fall back on the much-loved (read: overused) analogy in our industry – cars. Much like buying a brand-new car, DLP is a significant investment. You want it to be fast and flashy, but mostly you want it to be functional. After all, it’s still a car, regardless of how much money you spent on it. It’s great to have a large touch screen display, a GPS, high quality speakers and the ability to go back in time when it hits 88mph, but all these features are kind of redundant if you don’t know how to drive. You can sit in it on the drive and play around, but you can’t use it to drive the kids to the Zoo on the weekend or drop the in-laws off at the airport to buy yourself a few days of peace.
What you have in this scenario, isn’t a car, but a small room on wheels you can sit in and listen to some music and watch your local neighbourhood go about it’s business. It may be a car by name, but not by function.
The same is the case with DLP. It’s great to have a solution with all the bells and whistles, which is lightning fast and can calculate the meaning of life, but if you can’t use it to perform it’s basic, rudimentary intended function – why are you calling it your DLP solution?
I’ve seen this too many times in my career to count; organisations who need to essentially tick a box for clients or partners to say “Yes, we have DLP”. They look to their email gateways, or their web proxies and they see the ability to enable some level of pseudo DLP protection. Six months down the line they discover a data exfiltration incident has occurred and they then need to explain that they “Have DLP on our email gateway only”.
So, what is DLP?
In our eyes, DLP (Data Loss Prevention) is the ability to define your sensitive data within your organisation and protect it across the entire estate regardless of digital exfiltration method. True DLP isn’t stopping a handful of keywords going through your email gateway or preventing all users from writing to USB drives unless they’re on a whitelist. DLP requires a centralised management console which unifies components from across your organisational span of control; Cloud, Endpoint, Web & Email as a minimum to ensure a comprehensive security posture.
This brings me back to our original success criteria, and the point of this entire blog:
Unlike cars, DLP tool sets aren’t a requirement for day-to-day life (no matter how much they may feel like they are sometimes). This means there are far fewer people with the ability to “drive” them and even less with the ability to drive them well.
If you don’t have a car, you still need to get about. In the analogous world, you could hire a taxi but in the DLP one, you’d hire a Professional Service engineer to get you from point A to point B (installation and configuration – I think this analogy is being a little stretched, but we’re almost there). However, if you’re fortunate enough to have a car, but no ability to drive it, you might hire a full-time chauffeur (in the DLP world we’d call this a Managed Service).
No matter if you need a taxi, a chauffeur or even a bus (you’ll need to use your imagination for that one), the most important thing is the understanding of the risks associated with trying to drive it yourself. Sure, you may make it to the shop down the road a few times a week without being pulled over or getting into an accident, but when you try to make that long-distance journey, still not fully aware of what all the road signs mean, the chances of you getting yourself into serious trouble increase exponentially.
Gradian have been driving (this is the last one I promise) every day for two decades. We remember back before the bypass down the road was put in and we used to have to sit in traffic for 2 hours every morning to get to work. Whether you need driving lessons, a lift to the airport or someone full time to drive you anywhere you need to go, we know the cars, we know the roads and we’re always happy to get you to where you need to go, click here to get in touch today.