| A layered approach to data protection | | | | compliance should provide control over applications |
| What do we mean by data protection? | | | | (e.g., instant messaging, P2P file sharing), removable |
| Data protection is an umbrella term for technologies, | | | | storage devices (e.g., USB keys), and corporate |
| tools, and best practices related to protecting sensitive | | | | systems (e.g., web browsing and email). Controlling the |
| data within organizations. An effective data protection | | | | way in which these are used means that employees |
| strategy is one that balances protection with | | | | can be given the tools they need to do their job |
| productivity — ensuring that all sensitive and | | | | without putting data at risk. |
| confidential data is secure without preventing users | | | | Data Loss Prevention: DLP provides automated |
| from going about their daily business tasks. | | | | oversight and monitors data movement to prevent |
| For a strategy to be successful, the technologies need | | | | users from accidentally exposing sensitive information |
| to be implemented in a timely fashion while being | | | | via removable storage devices or internet applications. |
| affordable, easy to deploy and simple to administer. | | | | Content control lists (CCL’s) are a critical element |
| The ideal solution to the problem of data protection is | | | | of DLP, defining data types that need to be protected |
| therefore one that integrates key technologies with | | | | such as personally identifiable information (PII) or |
| best practices and pre-packaged intelligence to make | | | | financial data including credit card numbers and bank |
| effective policies out of the box — helping you get | | | | accounts. |
| started faster. | | | | The ideal solution should provide pre-packaged |
| Effective data protection = Technology that embodies | | | | CCL’s to make deployment and configuration quick |
| best practices + Pre-packaged intelligence | | | | and painless while also integrating tightly with policy |
| A comprehensive data protection strategy should | | | | compliance and other components of the data |
| cover the following four key areas: | | | | protection strategy — all while providing a seamless |
| Threat Protection: Threat protection should protect | | | | experience for users that minimizes impact on |
| data against infection from malware and prevent | | | | productivity. |
| hackers from gaining direct or indirect access to | | | | Encryption: Encryption is essential for protecting the |
| sensitive data on your systems and network. Thus | | | | confidentiality, integrity, and authenticity of data at rest |
| threat protection must include: intrusion prevention, | | | | or on the move and is a key requirement for many |
| firewall, anti-virus, anti-malware, and anti-spam to | | | | regulations. It should secure data on desktops and |
| ensure hackers do not gain a foot-hold on your | | | | servers, mobile devices including laptops and |
| network with which to compromise and steal sensitive | | | | removable storage media, as well as data that is |
| data. Since threats are constantly evolving and | | | | allowed to be sent via email. The ideal solution is one |
| becoming more financially driven, proactive protection | | | | that is both transparent to the end user to avoid |
| that can identify and block new threats before they | | | | productivity and workflow disruptions, while also being |
| are cataloged is critical. | | | | easy to deploy and manage with flexible policies that |
| Policy Compliance: The role of policy compliance is to | | | | adapt to your business. Furthermore, a solution that |
| reduce the threat landscape, legal liability and exposure | | | | integrates encryption with DLP provides a significant |
| by implementing best practices in the form of policy to | | | | advantage in ensuring any sensitive data that is |
| prevent users from inadvertently putting themselves or | | | | allowed to be moved off the network for valid |
| the organization at risk while still giving them the tools | | | | business reasons cannot be compromised. |
| they need to go about their daily work. Policy | | | | |