Getting Value from Your DLP Investment

People can sometimes feel overwhelmed when they think about deploying data loss prevention (DLP) at their organization. Some common concerns I hear from prospects are:

• First I want to classify my data.  How can I do that?
• DLP has many components.  Where do I start?
• I have lots of data – some sensitive, some not. How do I determine what is valuable?

 The complexities arise because there are so many moving parts and DLP touches so many different parts of an organization.  For example,

• Most solutions require that you install and maintain a separate database for recording and reporting on DLP incidents.  Can I say additional headcount?
• Policies need to be setup and tuned to reduce the number of false positives. It is expensive to have your team to work on spurious incidents.
• Due to the sensitive nature of data captured by DLP solutions, you’ll want to control what information can be viewed by whom in the incident response chain.
• Network monitoring components will need to be placed at each network egress point in order to get a complete picture of data leaving the enterprise. Connections are typically via port mirroring or a network tap, so you’d typically need to work with the network team to get this setup.
• Data discovery components will need to be placed in major data centers to efficiently crawl the servers for sensitive data. You’ll need to work with the data center team to get these components placed into the data center and will also need login credentials with the correct access levels to find everything on the servers.
• Network prevention components have to integrate with web proxies and email gatewaysin order to perform active remediation ((i.e. blocking email, rerouting for encryption, etc.) on network communications.
• Endppoint components have to be deployed on your laptops and desktops.   That requires you working closely with the desktop team.

 With McAfee Data Loss Prevention (DLP), we make things easier.

• We’ve got a great set of products, having been positioned as a Leader in both Gartner’s Magic Quadrant for Content-Aware Data Loss Prevention and Forrester’s Wave for Data Leak Prevention Suites.
• We also provide hardened appliances (available in either physical or virtual form factors). That means you can get our solution deployed fast. No need to build servers, patch oprating systems or procure databases.
• We integrate with McAfee ePolicy Orchestrator, which makes deploying the DLP endpoint componenta cinch. Additionally,you can use McAfee ePolicy Orchestrator as your one-stop-shop from which you can create, deploy, test and report on IT security policies. 
• We have unique Capture technology. This allows you to immediately test your policies against your organizations historic data – and get to effective protection in days, not months.

And that is just the beginning.  If you own McAfee DLP, I want to make it easier for you to learn about the value that you can get out of it. Learning from watching is next best to learning from doing and so I invite you to view some short technical video tutorials that the team has pulled together and posted to the McAfeeDLP YouTube channel.

• Searching in the McAfee DLP Capture Index
• Using Policies in McAfee DLP
• Using Concepts in McAfee DLP
• Creating Action Rules in McAfee DLP
• Creating Templates in McAfee DLP
• Data Classification with McAfee DLP
• Performing Incident Management in McAfee DLP
• Fingerprinting Documents with McAfee DLP
• Traffic Analysis in McAfee DLP
• Role-Based Access Control (RBAC) and LDAP Integration
• Location Based Tagging with Unified DLP Management

As always, these blogs aren’t the only way to stay current on DLP.  Follow us on Twitter (@McAfeeDLP) and, of course, subscribe to the McAfeeDLP YouTube channel as we’ll be adding more videos over time.

By Nikfar Khaleeli