<img height="1" width="1" style="display:none;" alt="" src="https://px.ads.linkedin.com/collect/?pid=2975524&amp;fmt=gif">
BLOG

What Is Data Loss Prevention And Why Is It Important To Your Business?

November 18, 2016

It has many names, from “data loss prevention” and “data leakage prevention” to the brief “DLP,” but regardless of which term you use, this objective and its network tools are designed for one major task: detect and prevent unauthorized transmission of your data to outside parties.

DLP tools process highly classified or sensitive information, such as PCI, PII and PHI and ensures that end users don’t send that information outside of your network. These tools are built for a perimeter-based prevention approach, client-based approach and a combination of the two. In today's world, this includes wherever the data lives, cloud, on premise or at the endpoints.

As you might guess, these tools are prevalent with government agencies and in the banking and insurance industries.

Data loss prevention is not the simplest mechanism. As Network World writes, “Finding the right perimeter-based data loss prevention tool means striking a balance between speed, accuracy at detecting and blocking sensitive data from exiting the network, and adequate coverage across a broad range of rule-sets and protocols.”


How To Leverage Data Loss Prevention Tools

DLP tools must have access to all outbound connections from your transaction processing network in order to completely secure your data. Do not restrict this program. In fact, you may even need additional resources to maintain strong data and network security. And as one information security expert explains, most data leakage prevention tools block unwanted traffic only when it’s combined with a network, so managing your egress filtering helps to block as much of such traffic as possible.

What Your Network Is Missing 7 Tools To TAP

DLP Installation 

In most cases, companies that provide data loss prevention services come on site to configure their tools for you. Even if you installed them yourself, the process is relatively simple and straightforward for most products, though there are some tools that require a bit of communication between you and your DLP partner.

Upon installation, your DLP tool should pass data between the simulated LAN and WAN, at which point you’re able to customize your own specifications for filtering data. This could be anything from source code to credit card numbers and other sensitive information to types or sizes of files. Typically, you also have the power to customize protocols for how your DLP tool blocks data.

Connection Issues

Gaining access to complete network traffic is essential for successful data loss prevention. SPAN ports will not provide 100% of network traffic when oversubscribed or unavailable. If your DLP tools need to simultaneously monitor multiple network segments and aggregate or replicate data to multiple network tools, a network TAP is more reliable device. 

In addition, because a DLP tool needs to be installed in-line, it might create network downtime in the event of failure or need for maintenance, depending on how it’s connected to your network. With bypass TAPs, however, the network link is able to run while any work is being performed. To properly mitigate the risk of data loss, ensure that you’re able to intelligently connect your DLP tool. Otherwise, there’s always a greater possibility that your precious information is in danger.

 

Read more about Data Loss Prevention Tools in our free white paper, What's Your Network Missing: 7 Tools to TAP
 

See Everything. Secure Everything.

Contact us now to secure and optimized your network operations
Contact Us

Heartbeats Packets Inside the Bypass TAP

If the inline security tool goes off-line, the TAP will bypass the tool and automatically keep the link flowing. The Bypass TAP does this by sending heartbeat packets to the inline security tool. As long as the inline security tool is on-line, the heartbeat packets will be returned to the TAP, and the link traffic will continue to flow through the inline security tool.

If the heartbeat packets are not returned to the TAP (indicating that the inline security tool has gone off-line), the TAP will automatically 'bypass' the inline security tool and keep the link traffic flowing. The TAP also removes the heartbeat packets before sending the network traffic back onto the critical link.

While the TAP is in bypass mode, it continues to send heartbeat packets out to the inline security tool so that once the tool is back on-line, it will begin returning the heartbeat packets back to the TAP indicating that the tool is ready to go back to work. The TAP will then direct the network traffic back through the inline security tool along with the heartbeat packets placing the tool back inline.

Some of you may have noticed a flaw in the logic behind this solution!  You say, “What if the TAP should fail because it is also in-line? Then the link will also fail!” The TAP would now be considered a point of failure. That is a good catch – but in our blog on Bypass vs. Failsafe, I explained that if a TAP were to fail or lose power, it must provide failsafe protection to the link it is attached to. So our network TAP will go into Failsafe mode keeping the link flowing.

Glossary

  1. Single point of failure: a risk to an IT network if one part of the system brings down a larger part of the entire system.

  2. Heartbeat packet: a soft detection technology that monitors the health of inline appliances. Read the heartbeat packet blog here.

  3. Critical link: the connection between two or more network devices or appliances that if the connection fails then the network is disrupted.

NETWORK MANAGEMENT | THE 101 SERIES