One Way To Prevent Your Data From Being Exfiltrated

Download Sample M365 Risk Assessment
Akins IT • December 26, 2019

Usually, when the topic of network security arises, it tends to revolve around the strategy of securing the environment from external attacks. This involves not just securing your network perimeter with a firewall, but also email security, endpoint protection, and end user awareness.

These are all important facets to your overall security posture; but another layer to include in this picture that will ensure that you’re approaching security as holistically as possible, is to ensure that your data is protected from being exfiltrated.


DATA EXFILTRATION


Data exfiltration is the unauthorized copying, transfer or retrieval of data from a computer or server. Although it’s a common practice to ensure that infiltration is mitigated by deploying security solutions (i.e. AV, IPS, Email Security), many forget to ensure that their existing data is protected from being transferred to unauthorized locations.

How can you ensure that sensitive data such as social security and credit card numbers aren’t being transferred beyond the boundaries of your network? Or that important documents intended for internal use only, continue to remain internal and are never shared to external sources? Data Loss Prevention (DLP) is one of the solutions available to make this possible.


DATA LOSS PREVENTION (DLP)


Although there are multiple solutions available for DLP to be implemented, it is worth noting that this feature is available on some NG {Next Generation) Firewalls. The FortiGate security appliance, for example, does provide DLP as an included feature that can be enabled. This is configurable as a security profile which can be applied on a per firewall policy basis. DLP monitors a set of network protocols along with configurable rules to ensure that files and embedded content leaving the network adheres to company policy. Additional features, such as, file share fingerprinting and message archiving can also be enabled to enhance the functionality of DLP.

It is also important to note that in order for DLP to work at its highest level of accuracy, SSH deep packet inspection must be enabled.

CONTACT US TO LEARN MORE ABOUT THIS TOPIC OR TO SCHEDULE A CALL

Improve Productivity with Copilot and Akins IT

By Shawn Akins December 13, 2024
Unleashing Productivity: Maximizing Potential with Copilot for Microsoft 365 and Akins IT

Collaborate Securely with Akins IT

By Shawn Akins November 25, 2024
Security Insights

Navigating the End of the Microsoft Enterprise Agreement: What It Means for Our Customers

By Shawn Akins November 13, 2024
One of the most impactful changes is the upcoming end of the Microsoft Enterprise Agreement (EA) framework, set to take effect on January 1, 2025.
More Posts