Champion’s data loss prevention (DLP) service helps you identify, monitor and protect sensitive information in your organization through deep content analysis. DLP is increasingly important for enterprise message and collaboration systems, because business-critical email and collaboration often includes sensitive data that needs to be protected. Worrying about whether financial information, personally identifiable information (PII) or intellectual property data might be accidently sent to unauthorized users can keep a Chief Security Officer (CSO) up all night.
We address your DLP concerns and make sure you can rest easy by following our time-tested five step methodology:
Step 1: Discovery
Through a series of interviews, workshops, questionnaires and automated data gathering tools, we gather extensive information about your company that is crucial to developing a unique and effective DLP strategy. We ask questions such as:
- What are your organizational goals?
- Do you have regulatory compliance requirements that must be met?
- Who currently has access to what data?
- Do you have policy templates in place today, and if so what are they?
- How do you handle employee education and acknowledgment of DLP policies?
- What is your current technology? Is it doing its job accurately or is it causing compliance burdens on your business?
Step 2: Analysis
After our discovery phase, our consultants analyses your current requirements, environment and future needs, we perform a gap analysis, measuring what you have today against what will be needed tomorrow.
Step 3: Recommendations
We will provide both a written recommendation report as well as a comprehensive presentation of our findings and recommendations, which will address the following:
- Starting a preconfigured policy template that can help you detect specific types of sensitive information such as PCI-DSS data, Gramm-Leach-Bliley act data, or even locale-specific personally identifiable information (PII)
- Testing the effectiveness of your DLP policies before fully enforcing them
- Incorporating your own custom DLP policy templates and sensitive information types
- Detecting sensitive information in message attachments, body text, or subject lines as well as file share and network drives
- Adding policy tips, which can help contextually educate your end users by displaying a policy tip in Outlook etc.
- Looking at the different DLP reports in the Office 365 admin center to drive compliance adoption in the organization.
Step 4: Implementation
Working alongside your team, we will focus on implementing the agreed up solutions while making sure that we address the business requirements, technology enhancements and operational changes that must take place.
Step 5: Ongoing Life Cycle Support
Two times a year, we will touch base with your team to assure that we are achieving the goals that have been set. We will also make sure that the DLP policies are not so constrictive that it affects business and insure that we can meet any audit requirements.
Adopting this kind of comprehensive DLP strategy will offer many benefits to your company, including education for your team regarding security and data loss, better positioning for compliance audits, and prevention of leaks of any valuable corporate data.