Checklist to Evaluate a DLP Provider

The Data Leak Prevention Project was rolled out in Lanco Infratech Ltd

  • To protect its proprietary assets and business data against any loss or leakage
  • To meet regulatory requirements as per the segment of industry.
  • To increase awareness amongst the employees by publishing the incidents and policy violation cases across the group
  • To help in establishing evidences of intentional breaches to initiate disciplinary cases.

(Read more:  Top 5 Application Security Technology Trends)
  

Check-list for Evaluation:

Policy Definition

  • Policy Wizard to enable predefined policy templates based on Geography and Industry
  • Ability to define policy owners for each policy
  • Policy should allow administrators to run different external command for different policy violations
  • Ability to enforce fingerprint policies when the endpoint is disconnected from corporate network
  • Ability to allow administrators to define applications or application groups that can have access to sensitive data

 

Database Fingerprinting

  • Fingerprint databases using ODBC or equivalent protocol
  • Ability to create multiple rules which correlates different fields within a database with options for different threshold for different rules
  • Fingerprint specific tables from a database
  • Fingerprint specific fields from a table

Directory/file fingerprinting

  • Ability to ignore information(Organization boiler plates, confidentiality Notice etc) from fingerprinting in files
  • Ability to schedule the task for ignoring information from fingerprinting

Discovery

  • Options to provide agentless discovery on databases, file servers, SharePoint portal exchange mailboxes etc
  • Ability to control the bandwidth used for discovery
  • Ability to maintain the original file access time stamps while performing the discovery

Destination Awareness over Web

  • Create policies based on URL categories
  • Real Time User Identification

(Read more:  5 easy ways to build your personal brand !)

SSL Decryption

  • Ability to natively decrypt SSL sessions and inspect content sent over SSL(HTTPS).
  • Hardware required for SSL decryption
  • Unified Management

Custom pattern creation

  • Ability to create custom patterns based on organization/data owner needs

Notification

  • Options to send different notification templates for different policies
  • Notification to the policy owner should be possible in the policy by adding the email address of the policy owner
  • Options to notify administrators, policy owners, senders and sender's manager

Management & Reporting

  • Options to view incidents by setting different filters
  • Options to report sensitive information sent to multiple recipients in a single mail as a single incident

 

Workflow management

  • Ability to quarantine sensitive emails and notify the sender's manager, policy owner and give them permissions to release the email from the system if its approved or required by business.
  • Ability to escalate an incident to a person who is defined in the workflow process
  • Ability to integrate automatically with DRM and encryption software
  • Ability to not allow incident managers or administrators to delete an incident

Deployment Options

  • Capabilities to integrate with ISA proxy by installing an agent on ISA
  • Options for SSL Decryption to monitor leaks over HTTPS
  • Options to monitor printing on Network printers
  • Options to monitor internal mail traffic

 

Hardware required

  • Number of hardware required to deploy DLP at HOV
  • Additional hardware for SSL Decryption

 

Support Capabilities

  • 24x7 support
  • Trained partners
  • Training

-With KK Chaudhary, Lanco Infratech Ltd on How To Evaluate a DLP Vendor ClickToTweet

What are some other factors you use to evaluate a DLP solution vendor ? Share your thoughts in the comments below.

(Read more:  How the Heartbleed bug was found by Antti Karjalainen - discoverer ...)

Views: 2029

Join the Discussion ...

You need to be a member of CISO Platform to join the discussion!

Join CISO Platform

FireCompass

Forum

CISO as an enabler

Started by Maheshkumar Vagadiya Jul 30. 0 Replies

Share the instances where you were able to convince the Executive management /board that CISO function is enabler rather then a hindrance.Thanks youMaheshContinue

Has Anyone Evaluated Digital Signature (like Docusign)?

Started by CISO Platform. Last reply by SACHIN BP SHETTY Apr 24. 1 Reply

(question posted on behalf of a CISO member)Has anyone evaluated digital signature (like Docusign), any specific risk/ security areas to be looked into while finalising a vendor? Any and all inputs will be very much appreciated.Continue

What are your strategies for using Zoom in your organization after recent vulnerabilities in news about Zoom platform?

Started by CISO Platform. Last reply by ANAND SHRIMALI May 20. 4 Replies

(question posted on behalf of a CISO member)What are your strategies for using Zoom in your organization after recent vulnerabilities in news about Zoom platform?Related Question: …Continue

[Please Suggest] Corona Virus: Security advisory for work from home

Started by CISO Platform. Last reply by Bhushan Deo Mar 20. 12 Replies

(question posted on behalf of a CISO member)Due to CORONA virus most of the organizations are allowing their employees to work form home.Has any one issued security advisory for work from home ?Continue

Tags: #COVID19

Follow us

Contact Us

Email: contact@cisoplatform.com

Mobile: +91 99002 62585

InfoSec Media Private Limited,First Floor,# 48,Dr DV Gundappa Road, Basavanagudi,Bangalore,Karnataka - 560004

© 2020   Created by CISO Platform.   Powered by

Badges  |  Report an Issue  |  Privacy Policy  |  Terms of Service