7 Tips For DLP Implementation

Kotak Mahindra Bank has initiated the DLP implementation across all business units in a phased manner and the implementation was started 6 months ago with critical business units. The solution monitors all channels, viz. Internet, Email and End point.

1. Proper strategy and planning are vital for successful DLP implementation.

2. Get management support for the Project. Identify the critical business units considered for DLP implementation.

3. Get the data classification in place which provides a substantial idea on the critical data assets (sensitive data) that needs to be protected.

4. Ensure that the Incident Monitoring and Management process is in place.

5. Start Small: Probably start monitoring two to three business units and get the incident management process and workflows in place. (It would be good if OU structure in Active Directory is aligned with Business Units)

6. Grow Carefully. Be sure you’re measuring not only what DLP Control wants you to measure, but that you’re also measuring how effective the solution is overall for your organization. Are you catching tons of false positives and few true positives? Do you have ways of measuring false negatives?

7. Periodic reviews is very crucial to identify the false positives/negatives and trending the alerts that are being thrown by the tool.

-With Agnelo Dsouza,CISO,Kotak Mahindra Bank on '7 Tips to DLP Implementation'

Read more:  My Key Learning While Implementing Database Security

E-mail me when people leave their comments –

CISO Platform

You need to be a member of CISO Platform to add comments!

Join CISO Platform

Comments

This reply was deleted.

CISO Platform

A global community of 5K+ Senior IT Security executives and 40K+ subscribers with the vision of meaningful collaboration, knowledge, and intelligence sharing to fight the growing cyber security threats.

Join CISO Community Share Your Knowledge (Post A Blog)