Cyber Hygiene
Security Risks From Employees Working From Home
Audits Don't Solve Security Problems
Is 'Discover, Classify, Protect' Wrong In Cybersecurity Today?
Breadth Vs. Depth: Cybersecurity Industry Has Been Focusing On The Wrong Thing
Third Party Vendors
The Rise Of DASB, Sunset Your DLP
AWS Source Code Leak
End Source Code Theft
Why Isn’t DLP Preventing Data Breaches?
SecureCircle Data Access Security Broker (DASB) Selected By Quanta Storage To Eliminate Insider Threats
Organizations Should Bulk Up Cybersecurity In Case Of Iranian Cyber Attack
The Evolution of Data Protection
Ransomware stealing data before encrypting
Insider Threats Infographic
Who collected 4 billion records on 1.2 billion users?
Cisco Systems - Target of Malicious Insiders
New Yorks SHIELD Act
Insider Threat at Lion Air (Update)
How to Prevent the Lion Air Databreach
CIO IT Taiwan | SecureCircle 控管檔案讀取 權不怕合作生變造成洩密
How to Prevent the Mastercard Data Breach
Capital One Hacker Breached 30 Companies Through a Single Cloud Provider
Government Organizations Are Not Ready for Cyberattacks
How to Prevent the Boeing Data Leak
End Insider Threats Without Impacting Users Or Business Workflow
Singapore Overhauling Data Protection Practices
SecureCircle available on Taiwan Government CloudMarketplace
SecureCircle placed on UK Government Framework Catalogue
The New Federal Data Strategy
SecureCircle announces United Kingdom and EMEA Distributor, Care21
Quest Diagnostics and LabCorp in Trouble
Insider Threat in the Air Force
Disruptor Daily | What trends are shaping cybersecurity in 2019?
Disruptor Daily | What is the future of cybersecurity? Experts share their insights
How to Combat the Business Email Compromise Scam
How to Prevent Government Data Breaches
Availability Bias in Cybersecurity
How to Minimize Your Exposure to Employee Mistakes
A Look Inside Toyotas Second Data Breach
Four Keys to Data-Centric Data Protection
Asymmetric Information Causes Data Breaches
SecureCircle Introduces Send Secure for Agentless Protected Data Sharing
The Financial Consequences of a Data Breach
Insider Threats Can Happen to Anyone
Federal Data Privacy Laws Are Coming
Forget Collection 1: Here comes Collections 2-5
Forbes | 10 Industries On The Cusp Of Technological Disruption
Collection 1: Not a Big Deal?
It All Adds Up: Better Cybersecurity is a Necessity in 2019
Why New Year Resolutions Fail
9 Costly Security Mistakes
Security InfoWatch | The Last Mile Security at the Edge
2019 Security Predictions(Infographic)
Security Today | Rethinking Access Control
We love what we do - 2018 Review (Infographic)
Holiday Hacks Are Not Going Away
Solving Multi-Cloud Security
A better solution than web bugs for internal visibility
Why File Encryption is not enough - A Customer Conversation
Security, Visibility, and Control
SecureCircle Introduces Enhanced Cybersecurity Offering for Cloud-First Enterprises
Healthcare Needs a Change
What is old is new: Cold Boot Attacks
Inside Information - Data that should NEVER leave the organization
CTimes | SecureCircle and Netbridge Distribution Partnership (Chinese)
SecureCircle Announces Asia Pacific Distributor, NetBridge Technologies
Insider Threats
CSO | The hidden security problem we all need to know about
Opt-Out is more than blocking SPAM
What is Opt-Out Data Centric Protection? And why is it so important
Digital Hygiene in a GDPR World
Security Info Watch | Enterprises Beware: Cybersecurity Challenges in the Cloud
GDPR Readiness (Infographic)
The Lost Laptop
Strategic Finance | Security in a World of Zero Trust
Reading Between the Lines - The Real Impact of Insider Threat (Infographic)
Protecting Internal Data
Press & News Embargos
CSO | GDPR: Where are we now?
SecureCircle @ CIAB FEBRABAN, Sao Paulo Brazil - The Recap
California Consumer Privacy (The next generation of GDPR)
I am safe. My data is encrypted. Right?
University of Texas MD Anderson Cancer Center ordered to pay $4.3 million in HIPAA violations
Is my Air Gapped Computer Safe?
The Broken 80/20 Rule
SecureCircle and Fiandeira Tecnologia Showcase Unstructured Data Solution at CIAB FEBRABAN
SecureCircle will be exhibiting at CIAB Sao Paulo Brazil June 2018
Throw Tech Away - The Rise of a New Generation of Data Security
GDPR Compliance Tips: The Top Experts Speak
Are you ready for a password-less world?
CSO | The Impact of Human Behavior on Security
Account compromised? What about your file content?
Age old discussion: Convenience versus Security
SDxCentral | Four Security Myths You Need to Shake
Security Today | Digital Security in a Zero Trust World
MegaMinds AIthority Interview with Jeff Capone
2018 Govies Awards
Data Protection needs to be agnostic like Switzerland

What is Data Loss Prevention?

Written by 
Davin
 | 
May 29, 2020

Data Loss Prevention (DLP) is a broad topic. Many products claim they're DLP solutions, including DLP, Information Rights Management (IRM), and encryption. All focus on different aspects of security. The DLP goal is to prevent data breaches and protect data, including intellectual property and personal information in all forms, including Personally identifiable information (PII), credit card information known as Payment Card Industry (PCI), Protected Health Information (PHI), and much more. Regulations like General Data Protection Regulation (GDPR) and California Consumer Privacy Act (CCPA) exist because data breaches made news headlines daily, and governments decided corporations need oversite.

DLP went mainstream in 2007 when Symantec bought Vontu. At the time, Vontu was the Gartner Magic Quadrant leader in Content Monitoring and Filtering and Data Loss Prevention. The core DLP feature was blocking sensitive data from being copied.

"The ultimate goal of data-loss prevention is to change employee behavior," director of product marketing at Vontu said in an interview regarding the release of Vontu DLP 8 in 2007.

Regardless of the features, data types, and brands involved in the DLP market, the idea employees need to change their behavior in the name of security has been present. Because altering employee behavior is so difficult, a workflow evolved within the DLP world: Discover, Classify, Protect. The result is to identify only the subset of data that is important and needs protection.

There are two main flaws with this approach. First, changing employee behavior is a herculean task. Second, this workflow relies on employees making data classification decisions. For DLP, IRM, and file encryption, users have to decide what is essential to protect. Users, however, aren't good at making these decisions. Most users will classify the data so that it is easy for them to do their work, such as sending reports externally to customers or partners. Even if employees are diligent in making decisions, data that is not important today may be sensitive tomorrow. Employees OPT-IN to security in the legacy DLP model, deciding what should be secured.

How does SecureCircle achieve data protection?

For SecureCircle, we take a fundamentally different approach to data protection than legacy DLP. We protect data by default. Employees must OPT-OUT of security in the SecureCircle model.

Transparent

Unlike the goal of legacy solutions to change users' behavior, SecureCircle believes security should be transparent to users and business workflows. Authorized users work with protected data in the same method as before. Unauthorized users are the only users to see error messages when trying to access data without proper permission.

Data-Centric

Legacy technologies focus on protecting the device or the file. Legacy DLP tries to prevent the file from leaving the device, blocking the ability to copy a file to a USB drive, blocking Save-As, or removing attachments from email.

SecureCircle protects data, not files or devices. A data-centric approach to data security focuses on the information that needs protection instead of the network, device, or application.

SecureCircle's data-centric protection allows files to move anywhere, including removable media and cloud storage. The data is persistently protected at rest, in transit, and in use. Unauthorized users can't access protected documents.

Proactive

SecureCircle doesn't rely on fragile data classification. Instead, SecureCircle's MagicDerivative(TM) autonomously protects data based on content. MagicFolder(TM) and MagicProcess(TM) autonomously protect data based on context.

MagicDerivative autonomously monitors protected data and protects similar data with the same permissions as the initially protected content. If an authorized user accesses a protected spreadsheet and copies data from the spreadsheet to a new presentation file, the presentation is autonomously protected with the same permissions as the original spreadsheet since the data has moved to the presentation. Save-As automatically creates a protected file since the contents of the new file are similar to the contents of a protected file. Even when a user manually recreates the content of a document, the new document will be autonomously protected.

MagicFolder and MagicProcess automatically protect data based on context. Enterprise Resource Planning (ERP) finance reports generated and placed into the Finance folder on a file server are automatically protected. The Finance folder is a MagicFolder, and all files placed into that folder automatically are protected. The files and data remain protected when users download the files from the file server to their computer.

MagicProcess enables applications to protect all output autonomously and allows complete protection for finance, HR, design, CAD, media, source code, and any other application that creates data that should never leave an organization.

How does this benefit my organization?

SecureCircle's unique features and overall approach to data loss prevention allow organizations to protect data without impacting end-users or changing business workflow. Organizations can support a wide range of use cases such as accidental and malicious insiders, intellectual property and source code protection, lost or stolen devices, data visibility for regulated data, third party collaboration, and more.

SecureCircle is proactive data loss prevention, at scale, that is transparent, and data-centric.

Prevent Data Breaches

Let’s discuss your unique cybersecurity challenges and needs.

Contact Us

If you want to notified when we post the newest content about mitigating insider threats, data breaches, protecting source code, and DASB, please subscribe to our SecureCircle newsletter.

Thank you! Your subscription has been received!
Oops! Something went wrong while submitting the form.

Share: