Put a Data-Loss Prevention Strategy in Place

Posted by: Rod Kurtz on November 3, 2009

Massive data breaches make headlines every day, but even small data breaches can have devastating repercussions on businesses and their clients. When one considers the financial, legal, and reputational damage that a data breach causes, it becomes clear that even small organizations can’t afford to operate without a data-loss prevention solution.

Here are two steps for getting started:

Step 1. Determine where the primary point of data control should be—at the endpoint, the network, or a combination of both. There are many different approaches to data protection, from network-level data-loss prevention suites to laptop encryption technologies and everything in between. To decide what’s best for your business, begin by determining where the primary point of data control should be.

Endpoint technologies protect intellectual property from theft or unauthorized dissemination, such as preventing someone from downloading a customer list onto a USB drive and walking out the front door. The value of network solutions lie in monitoring how information is used within the organization so you can identify and correct faulty business processes. Some small businesses begin with a data discovery project simply to understand where their sensitive data exists and determine their level of risk.

Step 2. Selecting the right data-security solution begins with research. Take advantage of readily available research in published analyst reports to understand product capabilities. Look for a solution that provides the flexibility to take an incremental approach and provides coverage across a broad array of communication channels including e-mail, Web traffic, instant messaging, peer-to-peer, streaming media, and endpoints such as USB drives, printers, desktops, and laptops.

Some small businesses will opt for a data-loss prevention solution that spans the network and endpoints. Others will find value in e-mail security solutions that monitor outgoing e-mail for sensitive information. Still others will opt for endpoint encryption technologies.

The important point is that more small businesses must begin enforcing data-security policies. A single data breach can have lasting repercussions. With the right policies, technology, and employee education, you can mitigate your risk.

David Meizlik
Director, Web and Data Security
Websense
San Diego

Reader Comments

Joseph Lazzarotti

November 3, 2009 8:12 AM

Great post, and given the human element that leads to many breaches, clear policies and training can go a long way to preventing a breach. I prepared a primer for midsized businesses that go through many of the areas companies should be thinking about when developing a plan. www.workplaceprivacyreport.com

James Reid

November 4, 2009 10:19 AM

I use http://www.backupspace.com to do my remote backups. Have needed to restore and there was no issues, support staff was great in helping me set up some advanced features I wanted to try out but couldn't set up myself as I am not the most computer savvy person in the world =/. Excellent product, I highly recommend!

Post a comment

 

About

Want to improve the way you run your business? Entrepreneurs, academics, and consultants from diverse industries offer practical advice on a variety of topics each business day.

To submit a tip for consideration, first check our archive of previous tips to make sure you're not repeating a tip someone has already contributed. Then send the tip to Small Business channel contributor Michelle Dammon Loyalka. Because of the volume of material she receives, she may not respond to each individual.

BW Mall - Sponsored Links

Buy a link now!