I am looking to start a Data Loss Prevention program/project. Can you share any information/guidance on key dependencies prior to starting or that must be dealt with early on in the project/program that are keys to success?

Security & GRC Data Governance Data Management+3 more

591 views1 Upvote7 Comments

Sort By:

Oldest

CIO/CISO in Softwarea year ago

First of all, before selection of any software I would recommend to define/agree realistic scope of the DLP: what data and what type of data to control, where, what actions trying to control, what you would like to block and what to monitor, what employees are in scope (you may have significantly different controls for different type of employees), etc.
Don't forget to involve at least colleagues from Legal, Risk management and HR Compliance.
Software is important, but it is just secondary

Director of IT in Healthcare and Biotecha year ago

At a level, it's going to require extensive preparation, planning, and knowledge of the organization's data ecology. Identifying data to safeguard, detecting possible data departure ports, adopting suitable technical solutions, and establishing a data security culture are essential dependencies.

Balancing data security and operational efficiency is difficult. It's crucial for DLP success and organizational resiliency.

Global Chief Cybersecurity Strategist & CISO in Healthcare and Biotecha year ago

Microsoft has a good walkthrough that isn't product dependent. Here's the link https://learn.microsoft.com/en-us/microsoft-365/compliance/dlp-overview-plan-for-dlp?view=o365-worldwide

Please join or sign in to view more content.

By joining the Peer Community, you'll get:

Peer Discussions and Polls
One-Minute Insights
Connect with like-minded individuals

Principle Consultant in IT Servicesa year ago

One of the first things you need to do it to understand what types of data does your company have, what is the importance of each type of data to the company, where is that data today, where should it be? Then, you can start with the highest importance and the data at the most risk to being exposed.

Senior Director, Information Technology in Softwarea year ago

Build a risk matrix of all your organization's data sources, information, and their importance. Use this inventory to assign and manage risk on data loss. Numerous products are available to support your project based on the risk matrix and data sources.

Content you might like

We are a large manufacturing company with over 17,000 associates, about half of whom have company-provided cell phones. We average two lost devices per week, which seems low, but executive management is concerned and wants to know if our numbers are typical compared to other companies. My questions are: 1. Do other companies also struggle with lost or stolen devices? 2. What is the average number of lost devices per week? 3. Are there repercussions for associates who lose devices due to carelessness or negligence?

Mobile Device Management (MDM)Mobile Devices Security+2 more

VP of IT in Retail3 days ago

My previous organization implemented a strict one-strike policy for lost or damaged devices. While the first incident was considered an accident, repeat offenders were required to reimburse the company for the lost or damaged ...read more

82 views1 Comment