4.1 KiB
8.12 Data leakage prevention
| Control type | Information security properties | Cybersecurity concepts | Operational capabilities | Security domains |
|---|---|---|---|---|
| #Preventive #Detective | #Confidentiality | #Protect #Detect | #Information_protection | #Protection #Defence |
Control Data leakage prevention measures should be applied to systems, networks and any other devices that process, store or transmit sensitive information.
Purpose To detect and prevent the unauthorized disclosure and extraction of information by individuals or systems.
Guidance The organization should consider the following to reduce the risk of data leakage:
a) identifying and classifying information to protect against leakage (e.g. personal information, pricing models and product designs); b) monitoring channels of data leakage (e.g. email, file transfers, mobile devices and portable storage devices); c) acting to prevent information from leaking (e.g. quarantine emails containing sensitive information).
Data leakage prevention tools should be used to:
a) identify and monitor sensitive information at risk of unauthorized disclosure (e.g. in unstructured data on a user’s system); b) detect the disclosure of sensitive information (e.g. when information is uploaded to untrusted third-party cloud services or sent via email); c) block user actions or network transmissions that expose sensitive information (e.g. preventing the copying of database entries into a spreadsheet).
The organization should determine if it is necessary to restrict a user’s ability to copy and paste or upload data to services, devices and storage media outside of the organization. If that is the case, the organization should implement technology such as data leakage prevention tools or the configuration of existing tools that allow users to view and manipulate data held remotely but prevent copy and paste outside of the organization’s control.
If data export is required, the data owner should be allowed to approve the export and hold users accountable for their actions.
Taking screenshots or photographs of the screen should be addressed through terms and conditions of use, training and auditing.
Where data is backed up, care should be taken to ensure sensitive information is protected using measures such as encryption, access control and physical protection of the storage media holding the backup.
Data leakage prevention should also be considered to protect against the intelligence actions of an adversary from obtaining confidential or secret information (geopolitical, human, financial, commercial, scientific or any other) which can be of interest for espionage or can be critical for the community. The data le akage prevention actions should be oriented to confuse the adversary’s decisions for example by replacing authentic information with false information, either as an independent action or as response to the adversary’s intelligence actions. Examples of these kinds of actions are reverse social engineering or the use of honeypots to attract attackers.
Other information Data leakage prevention tools are designed to identify data, monitor data usage and movement, and take actions to prevent data from leaking (e.g. alerting users to their risky behaviour and blocking the transfer of data to portable storage devices).
Data leakage prevention inherently involves monitoring personnel’s communications and online activities, and by extension external party messages, which raises legal concerns that should be considered prior to deploying data leakage prevention tools. There is a variety of legislation relating to privacy, data protection, employment, interception of data and telecommunications that is applicable to monitoring and data processing in the context of data leakage prevention.
Data leakage prevention can be supported by standard security controls, such as topic-specific policies on access control and secure document management (see >5.12 and >5.15>).