Data Loss Prevention Concepts PDF
Document Details
Uploaded by barrejamesteacher
null
EC-Council
Tags
Summary
This document discusses data loss prevention (DLP) concepts for cybersecurity technicians. It explains the importance of DLP in data security and various DLP solutions.
Full Transcript
Certified Cybersecurity Technician Exam 212-82 Data Security Module Flow 01...
Certified Cybersecurity Technician Exam 212-82 Data Security Module Flow 01 4 03 Understand Data Security 5'44. 7:4. w7" Discuss Data Backup, and its Importance Retention, and Destruction 02 02 g./%% 0404 Discuss Various Data ,,,4- ,,,4. v Discuss Data Loss Security Controls Prevention Concepts Copyright ©© by EC-C Copyright EC-Coumcll. cll. Al All Rights Rights Reserved. Reserved. Reproduction Reproductionis Strictly Prohibited Prohibited. Discuss Data Loss Prevention Concepts The objective of this section is to explain the importance of data loss prevention (DLP) in data security. Module 15 Page 1912 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Data Security What is Data Loss Prevention? O Data loss prevention (DLP) includes a set of software products and processes that do not allow users to send confidential corporate data outside the organization D ata L oss QO Itis used by organizations to: v' Discover sources of data leaks ¥v" Monitor the sources of data leakage P revention v’ Protect organization assets and resources v Prevent accidental disclosure of sensitive information to unintended parties v" Manage resources with business rules, security policies, and software What is Data Loss Prevention? Data loss prevention (DLP) includes a set of software products and processes that do not allow users to send confidential corporate data outside the organization. These software products help security professionals in controlling what data end users can transfer. DLP rules block the transfer of any confidential information across external networks. They control any unauthorized access to company information and prevent anyone from sending malicious programs to the organization. DLP software are implemented according to the organizational rules set by the management. This prevents accidental/malicious data leaks and losses. If an employee tries to forward or even upload company data on cloud storage or on a blog, the access will be denied by the system. A DLP policy is adopted by the management when internal threats to a company are detected. A DLP policy ensures that none of its employees send sensitive information outside the organization. New emerging DLP tools not only prevent the loss of data but also monitor and control irregular activities from occurring on the system. Different DLP products are available to help security professionals determine what data users can transfer. DLP products are also known as data leak prevention, information loss prevention, or extrusion prevention products. DLP is used by organizations to: = Discover sources of data leaks = Monitor the sources of data leakage = Protect organization assets and resources Module 15 Page 1913 Certified Cybersecurity Technician Copyright © by EG-Council All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Data Security = Prevent accidental disclosure of sensitive information to unintended parties = Manage resources with business rules, security policies, and software Module 15 Page 1914 EG-Council Certified Cybersecurity Technician Copyright © by EG-Gounell All Rights Reserved. Reproduction is Strictly Prohibited. Certified Cybersecurity Technician Exam 212-82 Data Security Types of Data Loss Prevention (DLP) Solutions Endpoint DLP A solution that monitors and protects PC-based systems such as tablets, laptops, etc. It is used for preventing data leakage through clipboards, removable devices, and sharing applications Network DLP A solution that monitors, protects, and reports all data in transit It is installed at the “perimeter” of an organization’s network It helps the security professionals in scanning all data moving through the ports and protocols within the organization Storage DLP A solution that monitors and protects data at rest, that is, the data stored in an organization’s data center infrastructure such as file servers, SharePoint, and databases It identifies the location where sensitive information is stored and helps users in determining whether it is stored securely Types of Data Loss Prevention (DLP) Solutions There are various types of DLP solutions that function differently with the same objective, that is, to prevent data leakage. Endpoint DLP: Endpoint DLP is a solution that monitors and protects PC-based systems such as tablets, laptops, etc. It is used for preventing data leakage through clipboards, removable devices, and sharing applications. The solution includes an agent that monitors specific user operations such as sending an email, copying a file to removable media devices, printing a file, etc. Endpoint DLP protects data in use. Network DLP: Network DLP is a solution that monitors, protects, and reports all data in transit. It is installed at the “perimeter” of an organization’s network. It helps the security professional in scanning all data moving through the ports and protocols within the organization. It may analyze email traffic, social media interactions, SSL traffic, instant messaging, etc. The solution maintains reports containing information such what data is used, who is using the data, and where the data is sent. Thus, it helps in controlling the flow of data over the organization's network and meets regulatory compliance. Data collected by a Network DLP is stored in a database for retrieval later. Storage DLP: Storage DLP is a solution that monitors and protects data at rest, that is, the data stored in an organization’s data center infrastructure such as file servers, SharePoint, and databases. It identifies the location where sensitive information is stored and helps users in determining whether it is stored securely. It allows authorized users to view and share sensitive files in the organization’s network. Module 15 Page 1915 Certified Cybersecurity Technician Copyright © by EG-Gouncil All Rights Reserved. Reproduction is Strictly Prohibited.