For example, if data is tagged so that it is only able to be sent to a specific domain name, and someone attempts to send it somewhere else, they can be alerted to a potential policy violation (creating real-time awareness of policy), or be prevented from sending it. A digital data tag might also contain the name of the department or roles that are authorized to receive the information, which can then be enforced via the DLP policy.
Organizations can get more value out of existing data loss prevention with the use of metadata tags. They provide an added level of automated data intelligence, so files can be viewed as they move from one location to the next without the burden of having to physically recreate an audit trail. In addition, digital data tags offer an added level of data protection, helping organizations to get a better handle on how they’re moving sensitive data and put policies in place that will flag malicious actions.
This process can also help fix problems at the business process level by attaching information about how a file is to be used directly to the file, and by using the DLP system to enforce a policy that ensures the data is used for its intended purpose. By illuminating the process with a digital—rather than a manual—paper trail, you will save resources and minimize risk.
Michael Gabriel is director of the data protection practice at Integralis, which sells managed security services.