|Long description||DLP-system (Data Leak Prevention) is a specialized software that protects the organization from data leaks. This technology is not only the ability to block the transfer of confidential information through various channels, but also a tool for monitoring the daily work of employees, which allows you to find security weaknesses before the incident.|
Often, companies pay more attention to external threats: spam and phishing attacks, viruses (Trojan software, worms), website spoofing, spyware and adware, and social engineering. But in fact, internal threats can cause a company much more serious damage than intruders from the outside.
In principle, any employee of the company can be a potential insider and put information security at risk. No one is safe from malicious intent or simple mistakes: from the lowest-level employee to top managers.
The operating principle of the DLP system is simple, and consists of analysis of all information: outgoing, incoming, and circulating within the company. Using algorithms, the system identifies the type of information, whether it is critical, and if it goes where it is not supposed to go, the system blocks the transmission and/or notifies the responsible employee about it.
The basis of DLP is a set of rules. They can be of any complexity and relate to various aspects of the work. If someone violates them, the responsible person(s) receive a notification.
IT Partner responsibilities #
- Together with the client, determine the types of data and resources that need to be included in the policy, as well as the parameters of the policy itself
- Create the statement of work describing DLP configuration requirements
- Configure the necessary policies according to the document
Client responsibilities #
- Coordinate Client resources and staff schedules
- Provide a dedicated point of contact responsible for working with IT Partner
- Report requirements for DLP settings and participate in the preparation of the statement of work for DLP settings
- Coordinate any outside vendor resources and schedules
- Configure all network equipment, such as load balancers, routers, firewalls, and switches
- Review and approve engagement deliverables in a timely manner
Additional cost items not provided by the project #
Upon completion of the project, we will provide a project closeout report. This document will indicate the final project status including acceptance criteria matching, outstanding issues, and the final budget. If you require more extensive documentation, it can be provided for an additional fee.
Office 365 subscription with one of the following services:
The plan may vary depending on your needs.
- Kickoff meeting
- Preliminary data collection
- Statement of work preparation and approval
- Creation of policies and their application
- Verification and fixing issues
Success Criteria #
- The statement of work describing the requirements for DLP settings is prepared
- DLP policies are configured according to the statement of work