Are you generating the right business value out of DLP implementation?

Data is the most valuable asset to any organization .Organizations today is investing millions of dollars to safeguard sensitive and confidential data in order to avoid cost associated with data breach.
DLP solution has been one of the major areas of investment for many organizations to protect sensitive data from unauthorized access or exposure. There are many ways to quantify the business value of DLP investment. Some organizations may calculate it with the rate of reduction in frequency of occurrence of data breach incidents post DLP implementation while others may calculate it in terms of cost associated per data breach or loss in brand and shareholder value as result of non compliance.
But one has to also understand whether DLP investment has generated the right business value without impacting the overall operational efficiency and business productivity.
DLP solution through its content monitoring and filtering feature is expected to identify sensitive contents but has faced challenges of generating large number of false positives due to stringent policies and rules .This has resulted in reducing the over ease of operation and also disrupting the business agility.
The best way to address this problem is not by implementing an over permissive rule which again would generate a lot false negatives leading to greater business loss but by properly identify and classify data. Integrating a DLP solution with proper classification of data would not only protect sensitive data effectively but also improve the overall operational efficiency.
The best way to achieve this is by engaging and shifting the responsibility of classifying data to the data owners or users as they are the ones who create and use data. Data owners should first be provided security awareness training to educate about the Organization's data classification policy and its importance and then senior executives should enforce a culture of classifying every data that gets generated.
With classification becoming all pervasive in overall information security strategy, Organizations can then generate greater business value out of DLP solutions. DLP solutions can then make consistent decisions with greater accuracy and efficiency resulting in reduction in operational inefficiency and better business productivity.

Rate this article: 
Average: 1 (2 votes)
Article category: