Definition

data loss prevention (DLP)

Part of the Data and data management glossary:

Data loss prevention (DLP) is a strategy for making sure that end users do not send sensitive or critical information outside of the corporate network. The term is also used to describe software products that help a network administrator control what data end users can transfer.

Next Steps

Adoption of DLP, variously called data leak prevention, information loss prevention or extrusion prevention, is being driven by insider threats and by more rigorous state privacy laws, many of which have stringent data protection or access components.

DLP software products use business rules to examine file content and tag confidential and critical information so that users cannot disclose it. The software can be useful for identifying and tagging well-defined content (such as Social Security or credit cards numbers) but tends to fall short when an administrator is trying to identify other sensitive data such as intellectual property. To implement enterprise DLP software successfully, personnel from all levels of management need to be actively involved in creating the business rules for tags.

Once DLP software tools have been deployed, an end user who accidentally or maliciously attempts to disclose confidential information that's been tagged will be denied. In addition to being able to monitor and control endpoint activities, DLP tools can also be used to filter data streams on the corporate network and protect data at rest.

This was last updated in December 2012
Posted by: Margaret Rouse

Related Terms

Definitions

  • data hygiene

    - Data hygiene is the collective processes conducted to ensure the cleanliness of data. Data is considered clean if it is relatively error-free. Dirty data can be caused by a number of factors includ... (WhatIs.com)

  • Amazon RedShift

    - Amazon RedShift is a fully managed petabyte-scale data warehouse service. RedShift is designed for analytic workloads and connects to standard SQL-based clients and business intelligence tools. (WhatIs.com)

  • erasure coding

    - Erasure coding (EC) is a method of data protection in which data is broken into fragments, expanded and encoded with redundant data pieces, and stored across a set of different locations, such as d... (SearchStorage.com)

Glossaries

  • Data and data management

    - Terms related to data, including definitions about data warehousing and words and phrases about data management.

  • Customer data management

    - Terms related to customer data management, including customer data integration (CDI) technology definitions and words and phrases about data quality and data governance.

  • Security management

    - Terms related to security management, including definitions about intrusion detection systems (IDS) and words and phrases about asset management, security policies, security monitoring, authorizati...

Ask a Question. Find an Answer.Powered by ITKnowledgeExchange.com

Ask An IT Question

Get answers from your peers on your most technical challenges

Ask Question

Tech TalkComment

Share
Comments

    Results

    Contribute to the conversation

    All fields are required. Comments will appear at the bottom of the article.
    Back to top