Network Trace
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.

38) Does your organisation prevent unauthorised transfer of data via email, web browsers, or other data transfer mechanisms?

August 30, 2022

Answer yes if your organisation has any form of Data Loss Prevention (DLP) controls in place to ensure only authorised data is transferred outside of your organisation. In the notes, please describe the controls you have in place and how these are managed.

Data Loss Prevention (DLP) controls can help detect and prevent confidential data travelling across your organisational boundaries. This might include:

  • Local email clients
  • Web-based email
  • Online file transfer services
  • Online document repositories
  • Live web chat
  • Removable media such as external hard drives, mobile phone transfers etc.

Most DLP solutions come with default rule sets you can use, such as detecting personal data or banking details, but you will need to configure the solution to be relevant to your organisation based on the information you hold and your usual operating procedures. For example, you may want to create rules to check for particularly sensitive project names or client names.

DLP controls can be helpful to detect and prevent accidental data losses, or as a way to increase the cost to an attacker, but they should not be relied upon as the only method of preventing a data breach. This is because implementation can be extremely complex and a determined attacker will often be able to find a way around the controls.

How to implement the control

For organisations using Microsoft 365, you can find out more information about how to use Microsoft's built-in DLP capabilities here.

Google Workspace also has options to implement DLP controls on Gmail and Google Drive. See the relevant Google Workspace Admin Hep pages for how to set this up.

There are a number of other third party solutions, either dedicated DLP solutions, or DLP capabilities within other IT management and control solutions such as endpoint device management or email and web security solutions.

You will also need to implement surrounding processes and procedures to ensure that any alerts are triaged and investigated as appropriate.

If you would like to contribute to this article or provide feedback, please email knowledge@riskledger.com. Contributors will be recognised on our contributors page.

Pattern Trapezoid Mesh

Defend against supply chain attacks with Defend-As-One.

No organisation is an island.