Secondly, it is very important to note that DLP will collect and report on the most sensitive information traversing your systems or networks. Think of all of the sensitive email discussions and documents shared between business leaders and board members, and HR for example. Allowing your support teams to be able to see this data is clearly inappropriate. You will therefore want to restrict access to the content of the DLP event (i.e., John Smith copied 1,000 names and social security numbers to a USB thumb drive and here are all of the social security numbers and names he copied).
On the other hand, the context of the DLP event should be available to support teams so they can address the event (i.e., John Smith copied 1,000 names and social security numbers to a USB thumb drive). Many DLP solutions provide for these distinctions. In fact, it should be a showstopper if this capability does not exist in the solution you are considering.
Deploy cautiously & develop documentation
Deploy cautiously and consciously. Keep in mind that DLP is powerful technology, and if deployed improperly can impact key components of your communications. Keep your DLP deployments small at first. Then, as confidence with the solution grows expand into additional groups. Think about deploying to some of the highest risk areas of your business early on; you wouldn't want an otherwise preventable breach to have occurred while you were busy deploying to lower risk areas of the business, and you will learn more at the same time.
Begin by enabling monitoring only. Don't start out with blocking or auto-encrypting data until you are truly ready and understand the implications of getting any of this wrong. Expect help desk calls, and prepare your support teams so they are able to respond to them effectively. Determine what you will do when you learn of a given policy violation and gain alignment with stakeholders (Legal, HR, IT) for each scenario that is likely to occur.
Ensure that you document everything related to the architecture and deployment of DLP. If you were to burn it all to the ground, your documentation should be able to guide you through full re-deployment. If it cannot, then your documentation is insufficient. Lastly, share reports and metrics with leadership that illustrate the positive impact DLP is having on your ability to protect sensitive information. They will want to know how effectively their organization's money and resources have been spent.
Sign up for MIS Asia eNewsletters.