Information Leakage Prevention
Information Leakage Prevention is a data loss prevention software. The software detects and prevents potential data breaches or data exfiltration transfers by monitoring, detecting and blocking sensitive data in use (endpoint actions), in motion (network traffic) and at rest (data storage).
It is a marketing (information security) term.
Data loss and data leakage
The terms “data loss” and “data leak” are related and often used interchangeably. Data loss incidents become data leak incidents when media containing confidential information is lost and subsequently captured by an unauthorized person. However, a data leak is possible without losing the data on the originating site.
The technological means of handling Information Leakage Prevention can be divided into categories:
Types of Information Leakage Prevention
Network technology (Data in Motion) is usually installed at network exit points near the perimeter. To identify data as confidential, it initiates analysis of traffic on the network that is sent in violation of information security policies. Multiple security control points can report activity to be analyzed by a central management server.
Endpoint systems (data in use) run on internal work servers or end-user workstations. Like network-based systems, endpoint-based technology can address both internal and external communications. It can therefore be used to control the flow of information between groups or types of users. You can also control email and instant messaging communications before they reach the corporate archive so that a blocked communication (i.e., one that was never sent and therefore not subject to retention rules) is not identified in a subsequent legal discovery situation.
Endpoint systems have the advantage of monitoring and controlling access to physical devices (e.g., mobile devices with data storage capabilities). In some cases, they can access information before it is encrypted. Endpoint systems as Information Leakage Prevention also have access to information required for contextual classification. For example, the source that generates content. Some endpoint-based systems provide application controls to block attempted transmissions of sensitive information and provide immediate user feedback. They must be installed on every workstation in the network, not used on mobile devices.
Other types include:
- The identification of the data
- Data leakage attempts
- Archived data
- Used data
- Data in Motion
Do you have any more questions?