AppSec Knowledge Base

WHAT IS DLP

The term “DLP” has gained wide recognition as a top priority for CISOs. But what is DLP exactly, and how can it help improve data security and protect the interests of the organization?

Here’s a short introduction to “What is DLP?” that provides a definition of this important security technology.

What is DLP?

DLP is an acronym for data loss prevention, or data leak prevention, and refers to network security tools that can identify confidential information, track its movement through an enterprise, and prevent unauthorized exposure or disclosure of sensitive data by enforcing leak prevention policies.

What is DLPintended to address?

DLP solutions are designed to address an all-to-common scenario where sensitive information is purposefully or inadvertently leaked or lost. DLP policies are intended to cover critical and confidential data that includes:

  • Corporate data, including strategic planning documents, financial documents, due diligence research and employee information.
  • Intellectual property such as product design documents, internal price lists, source code and process documentation.
  • Customer information, including credit card numbers, medical records, financial statements and Social Security numbers.

What is a DLP solution?

A DLP solution is a technology that automates the enforcement of data loss prevention policies, enabling organizations to improve security while reducing the administrative burden of managing and monitoring DLP activities.

What is DLP for networks?

Network-based DLP solutions help protect data while it’s in motion, monitoring network traffic to identify and block sensitive data that is leaving the enterprise.

What is DLP for data centers?

Storage-based DLP solutions help protect data at rest within file servers, databases and SharePoint. These solutions help to identify were sensitive information exists and determine whether it is stored securely.

What is DLP for endpoints?

Endpoint-based DLP solutions monitor laptops, tablets and other user devices for actions that may indicate potential data leaks. These actions may include sending email, printing files, or copying data to a USB drive.

What is DLP’s relationship to application security?

When building microservices, desktop programs, web applications and mobile apps, application security solutions can help development teams augment DLP by eradicating software vulnerabilities that can lead to data leaks. Veracode’s powerful suite of cloud-based testing services can help to prevent breaches, eliminate leaks and better protect data, moving beyond the network security firewall to build more effective application layer defenses.

Learn more about “What is DLP?”, or visit Veracode’s AppSec knowledgebase to learn about vulnerabilities such as insecure cryptographic storage and to view a spoofing definition.

 

 

contact menu