Data Loss Prevention – A Strategic Approach

In our previous article we introduced the of Data Loss Prevention. We elaborated on how it is a set of strategies, tools, and practices designed to prevent the unauthorized or accidental disclosure of sensitive information or data from an organization.

Today, we will look at DLP from a strategic point of view. The DLP strategy outlines what, where, and how to protect the data and will give guidance on how to put the solution into practice.

  1. Crown Jewels – Taking the Top Down approach, identify the “Crown Jewels” – the most important data or code or Intellectual Property that needs to be protected.
  2. Research on Vendors – Assessing your own needs, look into what is the service level agreement you are aiming at? There will be multiple vendors providing different suite of products and services. You need to evaluate and figure out the most optimum service provider for your organisation’s unique needs.
  3. Incident Response and Remediation -Incident Response / Incident Management is something that should always be a part of the DLP Plan. Questions like What if and What to do should be considered right from the planning level.
  4. Crawl, Walk, Run – Instead of targeting the whole system at once (which might overwhelm the system in itself); aim to smaller deployments at a manageable pace. This increases the likelihood of success, reduces downtime in the system and paves the path for a more robust and successful DLP implementation  in future.
  5. Proof of Concept Test – The goal here is to replicate functionality and test the feature sets. This is comparable to being a pilot. Also the time to look for issues with the triage process.
  6. DLP Stakeholders – Make sure all relevant parties are aware of the program’s status. All the stakeholders, including the Executive Leadership and important Business Unit executives need to be timely updated and aware of the program.This ensures that the investment’s quality is performing at its best.

For your own System Integration, Migration & Implementation Services, Enterprise IT Support, Passive IT Solutions, Cyber Security & Technology Consulting,  reach out to us at or contact us on