Problem

The security industry has evolved to the point where data can now be granularly tracked, monitored, blocked and reported. Products such as Vericept and Vontu are attempting to address these problems from a technology perspective, but any security solution needs to address people, process and technology challenges. With so many forms of connectivity into and out of the organization, it is difficult to know where your data is and who has access to it. The Data Loss Prevention (DLP) assessment addresses the needs of organizations to more tightly control their data, know where it is, from creation, to modification to transport, to storage and destruction. Data can reside anywhere from the Blackberry, to email, to spreadsheets on a desktop with no way of tracking it.

Solution

The DLP assessment helps an organization determine all the mechanisms of where data is residing and all the potential ways is can leave the organization. We help you gain an understanding of how information moves into and out of your organization and develop policies and procedures along with the necessary tools to control your data leakage problems.

The process will:

• Assess the current state of data movement
• Identify Data-in-motion, Data-at-rest and Data-in-use scenarios
• Identify threats to your data, both internal and external
• Review and develop policies and procedures around DLP
• Recommend tools for further security
• Identify compliance risks because of data leakage
• We will map solutions to any regulatory requirements you may have
• Assess the need for host based and networks based DLP technologies
• Develop or modify risk classification standards for future data creation and management
• Ensure acceptable use of data and provide protection and prevention of unauthorized access
• Extend your corporate security policies to remote employees, vendors, contractors and suppliers

How the Process Works

We will go onsite to interview your IT and security staff and business unit owners to understand how data moves through the environment. We will review all your documented procedures and assess the technology you already have in place that may help in DLP. We will make procedural and technical recommendations to implement a robust DLP solution.