Test
McAfee Data Loss Prevention
Best Practices Guide
White Paper | September 2007
www.mcafee.com
Table of Contents
Objective . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. . . . . . . 3 Background . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 McAfee Solution Services Methodology . . . . . . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3 The Data Security Program . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 Strategize: Discovery and RiskAssessment . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 Plan: Data Classification and Policy Architecture . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. 5 Design, Implement, Operate, and Optimize: DLP Solution Integration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8 Summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .. . . . . . . . . . . . . . . . . 12 About McAfee, Inc . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12
White Paper | September 2007
www.mcafee.com
Best Practices Guide
ObjectiveAll companies risk the loss of sensitive data as confidential or proprietary information escapes through unauthorized channels. Data losses translate to billions in dollar losses every year, in the form of damaged brand equity, fines for regulatory violations, and opportunity costs resulting from stolen intellectual property. Given the high stakes involved, enterprises must implement strong andwell-designed safeguards for sensitive data.
This guide provides a road map for creating an effective enterprise data loss prevention (DLP) program . It outlines the necessary steps for managing data usage, from initial risk assessment and planning, to data classification and policy architecture, to deployment and maintenance of automated loss prevention tools . The guide incorporates proven bestpractices to deliver not only a comprehensive technical solution, but also a best-of-breed enterprise data loss prevention model . DLP solutions work in this space, safeguarding data where other security solutions have proven ineffective . McAfee® Solution Services and McAfee SecurityAlliance™ expand the classic security approach with a program focused on DLP . By transferring their knowledge inthis document, these teams aim to guide organizations to scope a proper DLP solution in advance, execute plans smoothly, and maintain momentum as needs evolve .
Background
Protecting sensitive information from unauthorized disclosure has become a major concern for companies worldwide . High-profile cases have highlighted the critical need to protect core assets, intellectual property, and...
Regístrate para leer el documento completo.