Data leakage protection (DLP) should be implemented for any site that is concerned with regulatory compliance, protection of corporate confidential information or personally identifiable information. These tools can be used to detect ingress or egress of protected information from an environment. While there are still a number of methods to extract data from environments that cannot be controlled through such means, it significantly raises the bar and prevents many common methods of extracting data from an environment. These systems are also useful in detecting misconfiguration of systems that intentionally move data between environments through common messaging tools.
Internet access control systems provide enforcement of Internet usage. This is valuable even when used only to prevent access to malicious sites. Internet access control systems can be used to identify systems that have been subverted, including botnets, and viruses that communicate over various command and control connections. While there are other ways to control access to Internet sites (or prevent access to specific sites), dedicated systems are easier to manage and support production of consumable management reports.
By subscribing to our early morning news update, you will receive a daily digest of the latest security news published on Help Net Security.
With over 500 issues so far, reading our newsletter every Monday morning will keep you up-to-date with security risks out there.