DLP: Data Leak Prevention / Data Loss Protection
What is DLP?
DLP can stand for either Data Leak Protection or Data Loss Protection. These cybersecurity-related concepts are similar – in either case, companies hope to protect themselves against the exposure of confidential data to the outside world. In order to do this, they deploy a DLP system to protect sensitive information.
Examples of this would be customer details in CRM (customer relationship manager) software or credit card numbers in a database. DLP systems can detect a data breach such as an employee exporting information from a CRM order list to send to competitors, and protect against such intellectual property theft.
How traditional DLP systems work?
DLP systems oversee work carried out with various types of data.
Monitoring is done by targeting specific files or data in information systems, with the goal being to prevent intellectual property theft. Targets of such monitoring may be defined by name or data pattern.
For example, XXXX-XXXX-XXXX-XXXX is a typical pattern used for credit card numbers and + X (XXX) XXX- XX-XX is often seen in phone numbers. If an employee tries to execute a prohibited operation (viewing, printing, sending by e-mail) with such files or data, the action will be cancelled and the company’s security department will be notified of the incident.
Why DLP systems do not optimally protect information?
In general, a company’s most important information is not stored in files but rather in systems such as CRMs, databases and ERP software which are harder to control. If the data format is changed, the DLP system will not be able to keep track of it. For example, if you change the number of credit cards with the pattern XXXX-XXXX-XXXX-XXXX to an AXXXX, BXXXX, CXXXX, DXXXX format, the DLP system will not deem this important and will therefore miss the incident.
Furthermore, continuous monitoring of the use of these resources heavily taxes workers’ computers as well as the resources of the whole company. The software is expensive and usually requires the intervention of a team of experts.
What Kickidler’s advantage over classic DLP systems?
Kickidler is a type of computer forensics software which is focuses on employees’ activities, not the data itself. While data can be changed to deceive DLP systems, workers’ actions will always be made visible by Kickidler’s monitoring system.
With Kickidler, you can easily detect insider threats by collecting data on violations committed by employees, such as unauthorized access to confidential information.
Kickidler can detect employee fraud by recording videos of every action someone takes on their computer. Using these records, you can accurately determine whether employees are using protected information to the detriment of the company and thereby reduce insider risk.