Data Leakage Prevention encompasses all technical and organizational measures that serve to detect and prevent data breaches, exfiltration or unwanted destruction of sensitive data. Organizations use DLP to protect and secure their most valuable digital assets as well as to comply with regulatory requirements.

DLP refers to both protecting organizations from data loss and preventing data leakage. Data loss refers to events where critical data is lost to the organization, such as a data harvest attack. Data leak prevention focuses on preventing the unauthorized transfer of data outside the organization’s boundaries.

A positioning in cyber security (C-I-A triangle) can be described as followed. DLP covers Confidentiality and ensures that sensitive information are accessed only by an authorized person and kept away from those not authorized to possess them. Data access is managed using security mechanisms such as user names, passwords, access control lists and encryption for authentication. A data classification needs also to be provided here to categorize the information according to the extent of the damage that can be caused if it gets into unintentional hands. This classification can be based on content and context.

On the basis of this, the distribution groups, distribution routes and distribution channels needs to be defined/establish with whom confidential information can be shared and/or distributed. In some scenarios, it is necessary to verify whether the recipient should be able to use confidential information that has already been transmitted at a later point in time. If these key points are taken into account, security measures can be implemented accordingly.

Using our framework for cybersecurity, we gather the confidentiality requirements of sensitive corporate data and transform them into a clearly structured set of rules using our proven methodology. Individual rules can be defined by detailed descriptions as well as by standardized graphics.

The use of graphics can save a lot of time and serves to avoid overlapping and/or contradictory rules. It is also extremely effective in avoiding conceptual gaps.