Research from the Ponemon Institute tells us that for the first time in seven years, the cost of data breaches from malicious attacks decreased to an average of “only” $5.5 million, down from $7.2 million the year before. While that’s positive news, more than a third of breaches were as a result of lost or stolen devices, including endpoints like laptops or USB drives that contained sensitive information. As portable devices continue to become pre-eminent, sensitive information will continue to be at risk.
Plus, besides malicious attacks and endpoint breaches, companies also continue to face tremendous pressure to comply with increasing regulation and legislation.
So what are organizations to do? Data loss prevention (DLP) is still about proactively protecting information and that means continuing to answer three key questions:
- Where is your confidential data?
- How is it being used?
- How do you prevent its loss?
Organizations looking for data protection and endpoint security need to look to unified data loss prevention solutions that answer these questions including discovering where confidential data is stored, monitoring how data is being used, and proactively protecting data to prevent its loss.
Answering these questions and measurably reducing the risk of data loss requires a multi-phase methodology including:
- Visibility: One the biggest challenges is gaining visibility into where data loss risk is located. A successful data loss prevention solution should have customizable reporting and dashboards to help identify exposed areas, broken business processes and high risk users.
- Remediation: Once you know what business processes are broken and who your top offenders are, you can start remediating them. A successful DLP solution must enable you to set up custom workflow paths and remediation responses to make sure the right action is taken at the right time.
- Notification: It’s important to notify employees about policy violations right away. Doing so instantly educates them on data security policies and helps prevent repeat offenses, reducing incidents in the future.
- Prevention: This means stopping the data from inappropriately leaving the company. When an incident is detected, a proper DLP solution should proactively trigger protection actions according to policies you’ve defined. For example, you can prevent an email message from leaving the company, quarantine a file that contains sensitive information, or automatically route sensitive emails to an encryption gateway for secure transmission.
Symantec offers a variety of Data Loss Prevention and Endpoint Protection solutions, as well as unified solutions like Symantec Protection Suite Enterprise Edition 3.0, which can help protect confidential data wherever it’s stored or used, across endpoint, network and storage systems, including virtual environments.
To learn more about how Symantec Data Loss Prevention and Endpoint Protection high performance solutions are simplifying the protection of data and increasing security for endpoints, visit the Symantec Store at softchoice.com and Symantec’s Data Loss Prevention Center.