Kotak Mahindra Bank has initiated the DLP implementation across all business units in a phased manner and the implementation was started 6 months ago with critical business units. The solution monitors all channels, viz. Internet, Email and End point.

1. Proper strategy and planning are vital for successful DLP implementation.

2. Get management support for the Project. Identify the critical business units considered for DLP implementation.

3. Get the data classification in place which provides a substantial idea on the critical data assets (sensitive data) that needs to be protected.

4. Ensure that the Incident Monitoring and Management process is in place.

5. Start Small: Probably start monitoring two to three business units and get the incident management process and workflows in place. (It would be good if OU structure in Active Directory is aligned with Business Units)

6. Grow Carefully. Be sure you’re measuring not only what DLP Control wants you to measure, but that you’re also measuring how effective the solution is overall for your organization. Are you catching tons of false positives and few true positives? Do you have ways of measuring false negatives?

7. Periodic reviews is very crucial to identify the false positives/negatives and trending the alerts that are being thrown by the tool.

-With Agnelo Dsouza,CISO,Kotak Mahindra Bank on '7 Tips to DLP Implementation'

Read more:  My Key Learning While Implementing Database Security

Views: 454

Join the Discussion ...

You need to be a member of CISO Platform to join the discussion!

Join CISO Platform

Comment by pritha on October 27, 2014 at 1:42pm

Our pleasure Adel, why don't you share your learning with the CISOs by writing an article ? Please click here to write

Comment by Adel Gaber Higazy on October 26, 2014 at 1:29pm


© 2020   Created by CISO Platform.   Powered by

Badges  |  Report an Issue  |  Privacy Policy  |  Terms of Service