Below are Top 6 Reasons Why/ Data Leakage Prevention/Data Loss Prevention Fails:
Lack of business/key-stakeholders involvement:
Failure to include key stakeholders (Including Business and C-level executives) while defining requirements and formulating DLP policy make implementation harder. A clear ‘Data Loss Prevention policy’ from the management and Board clearly sets up the expectations, allocate needful resources and comes up with a plan for its governance.
Ineffective data classification methods:
Failure to identify the right data to be protected. Undermining certain data can lead to the exposure of sensitive information while the overwhelming amount of protected data can bring down the system and network performance. Conducting risk assessment on data, data owners, and data custodians is very crucial for the success of any DLP implementation.
Improperly configured content scanning module:
Failure in defining right use cases and processes related to sensitive information may lead to ineffective controls which can open doors for an attacker to get his hands on the sensitive information
Excessive False positives:
Overly strict rule-set, policies can lead to an overwhelming amount of false positives and reporting. This can drastically bring down employee productivity and results in unnecessary workload for IT security team
Loosely Integrated Data Loss Prevention modules:
A complete DLP implementation will have network protection modules, Host protection modules and storage modules tightly integrated and centrally managed. Loosely Integrated DLP modules will create a lot of management overhead and may lead to ineffective monitoring.
Failure in periodic monitoring of changes in organization IT Infrastructure, Business units, and processes:
This can render previous DLP controls ineffective. The changes must be taken into account to fine-tune DLP modules from time to time in order for the DLP solution to deliver its value
Re-post of the blog, originally posted on CISO Platform