The Data Leak Prevention Project was rolled out in Lanco Infratech Ltd
- To protect its proprietary assets and business data against any loss or leakage
- To meet regulatory requirements as per the segment of industry.
- To increase awareness amongst the employees by publishing the incidents and policy violation cases across the group
- To help in establishing evidences of intentional breaches to initiate disciplinary cases.
(Read more: Top 5 Application Security Technology Trends)
Check-list for Evaluation:
Policy Definition
- Policy Wizard to enable predefined policy templates based on Geography and Industry
- Ability to define policy owners for each policy
- Policy should allow administrators to run different external command for different policy violations
- Ability to enforce fingerprint policies when the endpoint is disconnected from corporate network
- Ability to allow administrators to define applications or application groups that can have access to sensitive data
Database Fingerprinting
- Fingerprint databases using ODBC or equivalent protocol
- Ability to create multiple rules which correlates different fields within a database with options for different threshold for different rules
- Fingerprint specific tables from a database
- Fingerprint specific fields from a table
Directory/file fingerprinting
- Ability to ignore information(Organization boiler plates, confidentiality Notice etc) from fingerprinting in files
- Ability to schedule the task for ignoring information from fingerprinting
Discovery
- Options to provide agentless discovery on databases, file servers, SharePoint portal exchange mailboxes etc
- Ability to control the bandwidth used for discovery
- Ability to maintain the original file access time stamps while performing the discovery
Destination Awareness over Web
- Create policies based on URL categories
- Real Time User Identification
(Read more: 5 easy ways to build your personal brand !)
SSL Decryption
- Ability to natively decrypt SSL sessions and inspect content sent over SSL(HTTPS).
- Hardware required for SSL decryption
- Unified Management
Custom pattern creation
- Ability to create custom patterns based on organization/data owner needs
Notification
- Options to send different notification templates for different policies
- Notification to the policy owner should be possible in the policy by adding the email address of the policy owner
- Options to notify administrators, policy owners, senders and sender's manager
Management & Reporting
- Options to view incidents by setting different filters
- Options to report sensitive information sent to multiple recipients in a single mail as a single incident
Workflow management
- Ability to quarantine sensitive emails and notify the sender's manager, policy owner and give them permissions to release the email from the system if its approved or required by business.
- Ability to escalate an incident to a person who is defined in the workflow process
- Ability to integrate automatically with DRM and encryption software
- Ability to not allow incident managers or administrators to delete an incident
Deployment Options
- Capabilities to integrate with ISA proxy by installing an agent on ISA
- Options for SSL Decryption to monitor leaks over HTTPS
- Options to monitor printing on Network printers
- Options to monitor internal mail traffic
Hardware required
- Number of hardware required to deploy DLP at HOV
- Additional hardware for SSL Decryption
Support Capabilities
- 24x7 support
- Trained partners
- Training
-With KK Chaudhary, Lanco Infratech Ltd on How To Evaluate a DLP Vendor ClickToTweet
What are some other factors you use to evaluate a DLP solution vendor ? Share your thoughts in the comments below.
(Read more: How the Heartbleed bug was found by Antti Karjalainen - discoverer ...)
Comments