For modern enterprises, protecting confidential information is crucial. According to expert assessments, the primary threat to information security comes from insiders: the company's own employees who inappropriately use confidential work-related information, in most cases unintentionally. Sending company emails and documents to external mailboxes, publishing internal information on forums, transferring documents through various communication programs, printing, saving to mobile storage, disseminating information over FTP, and many other possibilities all complicate control over the transmission and processing of confidential data. In such conditions, controlling all possible data leak channels without special tools is practically impossible.

To monitor and, if necessary, prevent the leakage of confidential information, a Data Loss Prevention (DLP) solution is used. It protects corporate information from leaking out of the information system and minimizes risks to the business.

We offer:

Design and implementation of DLP systems. Implementing a DLP system enables the automation of corporate data management, determination of which corporate data is confidential, organization of information regarding the movement of corporate data, access control for users, storage locations, and data transmission channels, and the establishment of processes to comply with security policies and industry standards.

The implementation of the DLP system includes two approaches:

HostDLP. The first approach is client-based: agents are installed on the customer's information assets, together with a server that holds the configured search rules, classification, and acceptable data processing scenarios. The client device module, or agent, controls data storage, encryption, and data movement, including printing and copying, for both entire documents and their parts.

Agents are installed on corporate assets (workstations and servers) and allow real-time tracking and blocking of user actions related to confidential corporate data. All attempted unauthorized actions are logged and transmitted to the management system for analysis by security administrators. When a computer is disconnected from the corporate network, the module continues to work autonomously in accordance with configured policies. Upon reconnection to the network, the management system sends a report on all unauthorized incidents.

NetworkDLP. The second approach is based on network tools and includes the following modules:

  • The network module tracks the transmission of information through gateways. Typically, a company uses two gateways: one for web and one for email.
  • The data storage analysis module regularly scans information on database servers, portals, document management systems, and file servers. Scanning determines whether the policy for storing confidential data is being followed.
  • The perimeter protection module analyzes all outgoing traffic from the company. It evaluates email communication and data transmission over various protocols, and makes it possible to analyze all information that bypasses the gateways established in the network.

Each of the DLP implementations includes a management system that consolidates information from all DLP modules, analyzes system performance and load, manages its functionality, and generates reports on the movement of corporate data and on unauthorized document access.

It is possible to implement a DLP system that includes both hostDLP and networkDLP from a single manufacturer with a unified management console, allowing you to combine the capabilities of different implementations to maximize the protection of confidential data from leaks.

DLP solutions from SNT Ukraine are based on products and technologies from manufacturers such as Digital Guardian, Wallix, McAfee, Safetica.