Data Leakage Prevention (DLP)

High profile security breaches have created intense publicity and significant regulatory actions against the organisations responsible. The serious impact of these breaches is prompting organizations to take immediate measures to understand the sensitive information they hold, how it is controlled and how to prevent it from being leaked.

Challenges

• Complex organisations storing  large volumes of data across multiple systems in numerous locations
• Increased use of third parties to store and process data
• Changing staff perception and raising awareness
• No awareness of internal data flows, what is sensitive and what should be protected
• Lack of clarity on who has access to data, which applications process it and what controls protect it

Deloitte approach

The key to achieving the desired level of security is through a multi-layered approach that builds an IT security conscious culture within all areas of the organization: governance, people, process, technology. Our approach first looks at understanding the critical information your organization processes, where it comes from, how it is stored and sent. Following this we undertake a controls review to assess who has access to it, which applications process it and what controls are in place.

Why Deloitte?

• Our Cyber Risk professionals have a wealth of knowledge and experience of performing customer information flow analysis and controls reviews.
• Our experience covers the breadth of issues faced by organisations including understanding where their customer information is, performing detailed security assessments, reviewing third party controls, understanding the regulatory environment and getting to the bottom of cultural issues that could impact business processes.
• We understand both the detail of the issues an organisation faces, and step back and provide realistic recommendations for improvement.