Data Loss Prevention
Data loss prevention is increasingly taking centre stage in data security due to vast amounts of data created, generated and collected by institutions. Most decisions made in organizations are data-driven; therefore, data is the 21st century oil and must be protected from loss through digital attacks and data breaches. Data loss prevention (DLP) is a set of tools and processes used to ensure that sensitive data is not lost or misused. Its primary aim is to prevent end-users from accidentally or maliciously sharing data that could put them or their organizations at risk. For learning institutions, DLP is used to comply with various laws on the protection of student data. DLP protects data such as personally identifiable information, intellectual property such as training content and other educational content, and student information such as contact information, health information. Learning institutions must also protect their financial data such as fee payments, grants received from governments and payroll information.
In summary, organizations and individuals use DLP to:
- Protect Personally Identifiable Information (PII) and comply with relevant regulations
- Protect Intellectual Property critical for the organization and for the individual
- Secure data on remote cloud systems
Some causes of data loss include:
- Insider threats: An insider such as an employee who abuses their right of access to move data outside the organization
- Digital attackers: Malicious attackers target sensitive data to sell it, tarnish an organization’s brand image, or blackmail.
- Negligent exposure: People with access to the data can accidentally share confidential information
- Missing devices: Stolen or missing devices that store confidential data. Missing devices contribute to 42% of data breaches globally, as shown in Figure 1.
- Accidental deletion of data
- Corruption of files due to operating system errors.
The figure above shows the various contributors to security and data breaches with the biggest being missing devices and negligence by employees.
Data Loss Prevention Techniques
Data loss can be implemented through various solutions tailored to data protection. These solutions are suitable for institutions. However, enterprise solutions are not ideal for individuals because they can be quite costly. What simple techniques can an individual use to prevent data loss?
Limit the use of portable devices
Most data loss prevention strategies focus on preventing data leakages from the school’s network over the internet, but neglect one of the biggest challenges to any DLP strategy; portable devices. Missing devices account for 42% of data losses; therefore, it is important to limit the use of portable devices in the learning institution. Portable devices are easily lost; hence they are a great weakness in any institutions. An institution can completely disallow them or use only organization issued portable USBs. These USBs should allow automatic encryption to protect any sensitive data that is stored in them.
Individuals should also purchase USBs with such features, or ensure they use tools like BitLocker to encrypt the contents of their portable devices.
Partitions
Another technique used to prevent data loss is the use of partitions. A partition is a logical division of a hard drive. The most common criteria for creating partitions is to have one for the operating system and another for data. By utilizing partitions, you prevent errors in one partition from affecting data in the other partitions and causing data loss. To effectively use partitions, the best time to partition hard drives is before the installation of the operating system. Remember to back up data before using partitioning software, as mistakes could lead to data loss. Some data partitioning software include EaseUS, MiniTool partition wizard and GParted
To create, resize or delete partitions, follow the steps detailed in this article
All external hard drives should also be partitioned to prevent data losses in case one partition fails…
Back-Up
Even after implementing various data loss prevention methods, data loss is still probable. It is important to back up any important data so that in case of any loss, you can restore this data from the backup location. You can use external drives or the cloud to store backups. Most used cloud services include Google Drive, One Drive and Dropbox. Due to the large volumes of data, it is crucial to manage the storage space in the cloud drives available to us as individuals. It is advised that automatic backing up be disabled so that one can decide on the specific data they want to back up.
As earlier mentioned, data can also be lost through accidental deletion. To prevent such loss:
- Always maintain a regular backup of essential data such as performance grades, class plans, research
- Organize files into folders depending on the importance. For example, one can have a folder with student grades and another with research. This limits data loss in case one folder gets corrupted or is accidentally deleted.
- Do not save important data in frequently used partitions or locations to avoid accidental deletion. For example, the Documents folder and the Desktop are frequently used; therefore they are not a good place to store any important data
- Verify the Recycle Bin before emptying.
Additionally, to prevent data loss through corruption, implement the following guidelines:
- Have anti-virus software installed as some malware may cause corruption of files
- Do not interrupt any data transfers as this could lead to corruption of the files being transferred
- Use the recommended procedure to terminate any applications that access data
- Safely removing external storage devices like hard drives and flash drives
- Follow proper shutdown procedures
In conclusion, data losses can be devastating for both organizations and individuals with effects such as financial losses, damage to brand reputation and privacy infringement. However, most data losses can be prevented through caution and use of the mentioned preventive measures.