We use the solution to ensure that no data breach, such as credit card details and national insurance numbers, leaves the company. However, we have to allow some information to go through because we send a lot of information to the National Healthcare Service.
Owner / CEO at Midwest Technology Specialists LLC.
Consultant
2021-10-08T15:24:00Z
Oct 8, 2021
The big issue with data-loss protection is the end-to-end encryption between the user and whatever site they're connecting to. And that diminishes the effectiveness of the data loss protection because it can't inspect all of the data contents. Formatting is still reliant on numbers, letters, and sequences recognizable as credit cards, driver's license birthdays, etc. There's a lot of other sensitive material that could be at a client site, for example, that doesn't have a known methodology. It can be challenging to set it up to recognize instances of information unique to an environment. Unfortunately, it's even the case with a company like Microsoft. I would compare it to the data loss protection within Office 365 and say that it has the same inherent problems that you see with any encrypted email.
What is data loss prevention? Data loss prevention (DLP) is a solution or process used to prevent data breaches and ensure that sensitive data is not lost, accessed by unauthorized users, or otherwise misused.
We use the solution to ensure that no data breach, such as credit card details and national insurance numbers, leaves the company. However, we have to allow some information to go through because we send a lot of information to the National Healthcare Service.
The big issue with data-loss protection is the end-to-end encryption between the user and whatever site they're connecting to. And that diminishes the effectiveness of the data loss protection because it can't inspect all of the data contents. Formatting is still reliant on numbers, letters, and sequences recognizable as credit cards, driver's license birthdays, etc. There's a lot of other sensitive material that could be at a client site, for example, that doesn't have a known methodology. It can be challenging to set it up to recognize instances of information unique to an environment. Unfortunately, it's even the case with a company like Microsoft. I would compare it to the data loss protection within Office 365 and say that it has the same inherent problems that you see with any encrypted email.
We use it to meet our compliance.