Data Loss Prevention

Data Loss Prevention

Data loss prevention is a security solution that identifies and helps prevent unsafe or inappropriate sharing, transfer, or use of sensitive data. It can help TU Dublin monitor and protect sensitive information across on-premises systems, cloud-based locations, and endpoint devices. It also helps us achieve compliance with regulations such as General Data Protection Regulation (GDPR).

How does DLP work?

Data loss prevention is a combination of people, processes, and technology that works to detect and prevent the leakage of sensitive data. DLP uses things like antivirus software, AI, and machine learning to detect suspicious activities by comparing content to TU Dublin’s DLP policy, which defines how we label, share, and protects data without exposing it to unauthorized users.

Benefits of a DLP solution

Maintain regulatory compliance

Every organization must adhere to data protection standards, laws, and regulations like GDRP. DLP gives us the reporting capabilities needed to complete compliance audits.

Detect and block suspicious activity

DLP can be used to scan all data flowing through our network and block it from leaving the by email or other means.

Monitor data access and usage

To keep threats at bay, we need to monitor who has access to what and what they’re doing with that access. This helps prevent breaches and fraud by managing the digital identities of employees, vendors, contractors, and partners across our network, apps, and devices.

What should I expect see and do

Data Loss Prevention rules in place

Initially we are implementing 2 rules at first an 'Internal' rule and a 'confidential' rule. 

• Internal Rule: This rule checks if the email or its attachments have been labelled as Internal and is being sent to an external recipient. If the rule is true, sending the email is blocked until the recipient is removed or you click the override button to confirm you have permission to send the information to this recipient.
• Confidential Rule: This rule checks if the email or its attachments have been labelled as Confidential and is being sent to any recipient. If the rule is true, sending the email is blocked until the recipient is removed or you click the override button to confirm you have permission to send the information to this recipient.

Policy tip

When you send an email labeled as 'Internal' or 'Confidential' and the DLP rule is matched, a Policy Tip will be triggered. This serves as a precaution to ensure sensitive information is safeguarded and only shared with authorized individuals. This Policy Tip is a brief message that explains the reason for this alert. For further information, please select 'Show Details'.

Show details

You will now receive additional details explaining why this message has appeared. If an error has occurred, you have the option to remove the intended recipient. Additionally, an 'Override' option is available should you need to bypass this message.

Override

The 'Override' feature serves as a confirmation that you have reviewed the recipient list and verified that it is secure to proceed with sending the email. This option acts as a safeguard, ensuring that each email reaches only the intended recipients and prevents accidental sharing of sensitive information. It's a crucial step in maintaining email communication security within an organization.

Undo 

Once you've chosen the 'Override' option, you have the ability to reverse the action if an error occurs. Simply click the Undo button. 

Block sending

If you attempt to send an email to a recipient without first overriding the policy or removing the recipient, you will receive a notification indicating that the email has been blocked from being sent.

FAQ