Data Leakage Protection (DLP) is one of the hot new IT security technologies on the market. The point of these tools is to catch sensitive and confidential data before it can be maliciously leaked out of the company. While the tools certainly have value, they are not the be-all and end-all of IT security that vendors purport them to be.
DLP – What it Does, and How it Does it
DLP tools exist in two distinct formats, though both can be offered by the same solution, with both seeking to prevent the loss of sensitive or confidential data. The most common format offers protection at the network gateway while the less common format provides protection at the endpoint. Gateway solutions focus on monitoring and restricting the transmission of electronic communications while endpoint solutions limit the transfer of data to devices such as USB drives and to hardcopy printouts. Naturally, endpoint solutions require the installation of an agent on the device while gateway solutions don’t.
DLP tools work by analyzing files for signature data and then enforcing policy-based restrictions. For example, a DLP solution could be configured to block the outbound transmission of Social Security Numbers. Since these numbers have a consistent and recognizable structure, the tool would scan all outbound messages and files looking for numerical data that matched the set pattern. Any time the pattern was noted, the transmission would be disallowed. Equivalent actions can be taken at the endpoint such that Social Security Numbers could be neither printed nor copied to external media.