Choose language:
Pratite nas:

Data leakage prevention

Ensuring appropriate visibility and control over business information flows and unauthorized information disclosure is one of the key information security challenges.


The traditional network-centric control or system-centric approach to security fails to protect company sensitive data. To reduce the risk of data loss, companies need to take a risk-based, data-centric approach to security, which is a paradigm shift from the traditional network-centric or system-centric security. The approach is a combination process and technology that focuses on information flow across business processes.

The goal of implementing data-centric security is to create and sustain flexible, ongoing, and continually improving security processes that recognize and react to changes in internal and external environments and enable business processes.

Thus, the data-centric approach focuses on data and requires the understanding of:

  • Discovery – Which sensitive data exists, and where is it located?
  • Activity – which user is taking which actions pertaining to sensitive data?
  • Destination – Where is sensitive data going?
  • Control – What controls are needed to mitigate the risk of users’ actions?

Currently, only a few companies can claim they can control information flows within their information system to the extent they can efficiently prevent information leakage or timely and undoubtedly determine who disclosed business critical information and how it was done.

Information can be exchanged in different ways in a modern IT system:

  • File share,
  • E-mail,
  • Copy of USB memories or disks or CD/DVD media,
  • Web exchange, FTP exchange or other protocols for information exchange,
  • Instant messaging or social networks,
  • Printing.

Each of the ways can be regular and justified, but it could also be a potential data leakage point.

Major function of a Data Leakage Protection (DLP) and Enterprise Information Protection system is to ensure efficient and complete protection of unauthorized information revelation.

Good and appropriately implemented DLP/EIP system ensures:

  • Automated discovery of business sensitive information,
  • Automated and user initiated classification of business sensitive information,
  • Visibility over user activities related to classified information,
  • Egress control over business information,
  • Encryption of business sensitive data,
  • Accurate and consistent alerting and reporting,

Regardless of the method of DLP/EIP implementation, it is necessary to ensure undisturbed performance of business processes in addition to the high level of protection.

In order to reduce the risk of data leakage, INFIGO IS offers its clients Digital Guardian platform for enterprise information protection as well as professional services which will ensure thorough and efficient implementation.