There’s a bewildering volume of data in modern business. IDC has predicted that by 2025 there will be 175 zettabytes of data in the world, a figure that's almost impossible to conceive. While this data will not be of interest to many people, there will be some that is highly prized indeed.
Data has become highly valuable IP for many organizations, and the need to keep it protected from cyber-criminals, hackers, internal threats, and more has increased accordingly. Keeping data secure relies on many factors – people, policies and procedures included – but an essential component of doing so is the right data security solution.
Integrated Data Loss Prevention (DLP) technology that can provide content filtering and inspection for data transferred via email, web or the cloud is an effective solution to keep sensitive data secure. Yet as the need for security has grown, the shortcomings of DLP have become more apparent, giving way to a far more effective upgrade.
We ask – what is adaptive Data Loss Prevention?
The Failings of Traditional DLP
For many years now, DLP has existed as a solution that aims to prevent sensitive data from being leaked or shared without full authorization. It was initially successful in this objective. It works by identifying potentially sensitive information and then, in the case of an email for example, it blocks the communication containing the data as it is classified as a risk. This process is effective but places significant restrictions on the day-to-day flow of communication.
If you think about the volume of emails sent and received each day, then also imagine how frustrating it would be not to know if an important email you sent to a customer had yet reached them? Or if you were waiting for a vital piece of information to complete an urgent report and that information had been incorrectly blocked by your DLP solution. This is the fundamental flaw with DLP – it also stops legitimate correspondence, which can have a disastrous effect on business.
Yet the need for a DLP-type solution has never been greater. Email remains a principal communication method for many (and a chief threat to data security), but more critical applications are hosted in the cloud than ever, and the use of collaboration tools such as Dropbox and Box has soared too. Employees do not want to be restricted in how they communicate and collaborate, which is why adaptive DLP has emerged to meet this need.
How Adaptive DLP is Different
Adaptive DLP is a significant advance on the restrictive 'stop and block' approach of traditional DLP. It not only keeps an organization's critical data secure but does so in a way that ensures communication is not restricted in any way. This fits with the ways people work now – increased collaboration, more file-sharing and interaction with people both inside and outside the organization.
Instead of merely blocking communication, it automatically removes any sensitive or malicious data as it enters or exits the network (see figure 1). Only content that breaks policy (established by the organization) is removed, meaning communication continues completely unrestricted, and there is no waiting for IT to approve and release communication.
Figure 1. How It Works: Bi-Directional Adaptive DLP Integrated in a Secure Email Gateway
At the heart of Clearswift's DLP technology is its advanced Deep Content Inspection (DCI) capability, which allows it to go beyond traditional DLP solutions. Clearswift's adaptive DLP will remove active code or malicious content buried deeply in attachments and downloads because it understands document structures. This approach provides comprehensive protection against malware entering the network, and adaptive DLP can even remove hidden metadata, revision information and auto-saved data associated with documents and images.
Context is King
What really sets adaptive DLP apart from other integrated DLP solutions is its ability to take account of context. Who is sending an email, and why are they doing so? Do they have a legitimate reason to include sensitive data in it? Adaptive DLP will take all this into account when assessing what to do and act accordingly.
There is even flexibility around different groups. The finance team can be the only ones allowed to email official company financial data, for example. This shows how adaptive DLP can be used to help enforce existing internal policies too. If the document includes classified data, then the organizational policy is automatically applied.
Successful DLP Deployment
Data security has never been as crucial as it is currently. There are more threats than ever before and more ways for cyber-criminals to try and extract data or infect a network with malicious code. But there is also more collaboration than ever, and many businesses rely on the swift exchange of information to succeed.
These organizations cannot afford for the communication flow to be interrupted, which mean that traditional DLP solutions are no longer fit for purpose in modern business. To keep data secure without compromising on day-to-day business operations, the DLP solution must be adaptive.