Protecting your intellectual property and customer data is essential in order to mitigate risks (compliance, business, reputation). It is the companies’ responsibility to protect all data in a state-of-the-art way. Note that data loss can occur not only due malevolence, but also a well-meaning employee can lose data, e.g. by sending information to the wrong recipient (inside or outside the company) or losing an USB stick.
Data Loss/Leakage Prevention (DLP) is a suite of technologies aimed at preventing the loss of sensitive information that occurs in enterprises across the globe. DLP is an important building block in creating a secure environment which protects your intellectual property and key data in a way that does not threaten your business and ensures compliance with all rules and regulations.
The data security approach in organizations is currently typically focused on network security (firewalls, encryption) and on completely blocking channels (like USB ports). Important Data Loss scenarios, e.g. via Mail or Internet Upload are yet not covered.
The approach of Be together with our partner e3 (https://www.e3ag.ch) focuses on the domain of Business Information Security, i.e. protecting information based on its content and use. In order to get a full coverage of the process chain, suppliers must also be considered.
Our approach covers the following data areas:
Stored data resting in Cloud Storages and Cloud Applications. Knowing if sensitive data is stored in the cloud and potentially removing it or restricting access, is the primary goal of data at rest in the cloud.
Endpoint Security are mail to clients, prints, clipboards, and attached storage points such as USB, up- & download network.
The main goal of data in use is to take preventive measures regarding the endpoint and to coach employees (pop-up’s).
Data at Rest is data resting in file shares, Sharepoint, Databases and Intranet.
The goal is to map sensitive data stored and potentially remove, encrypt or quarantine data and files.
Data in Motion are data transferred via email, web, network and mobile.
The focus is the detection and prevention of data loss beyond the corporate control.
Our methodology to deal with DLP covers the following process domains:
We offer different solutions to protect your data:
Our approach is based on solution packages of Symantec and McAfee.
DLP is not plug-and-play – whatever software product vendors are telling you.
DLP projects require a high focus on processes, governance, eco system integration and automation.
Most DLP solution providers do not go beyond the base product. The result is often an insufficient solution (e.g. bad detection, non-fitting processes, missing governance) and high operational costs due to a huge number of security incidents and consequential manual efforts.
Be together with e3 provide services and software addons to solve these issues which result in less operation costs and higher accuracy.