IT-14 – Data Loss Prevention (DLP)

What is this control really about?

This control is about ensuring that your organization has implemented a process to make sure that employees are not sending sensitive information outside of the organization. There is no mandatory requirement on the type of DLP used (network DLP, endpoint DLP or cloud DLP); the auditor just wants to see the configuration settings for the one you have.

Available tools in the marketplace

The following listing is “crowdsourced” from our customer base or from external research. TrustCloud does not personally recommend any of the tools below, because we haven’t personally used them. 

Tools

  • Trellix
  • Google Cloud DLP

Available templates

  • N/A: no templates available for this control

What is required to implement this control?

You will need to install a tool and provide configuration settings of the tool to pass this control.

Use these best practices when configuring the tool:

  • Identify and control sensitive data – it’s important to know what critical information you want to control and do not want to leave your organization.
  • Know where the data resides
  • Set conditions for accessing the data and who can access it
  • Set the actions to take in case of a security issue

What evidence is the auditor looking for?

  • DLP configuration settings showing the policies enabled
  • DLP actions to take when something occurs
  • A recent example of a DLP alert

An example of what an artifact can look like

1- DLP configuration settings showing the policies enabled

[Image: IT 14 1]

2- DLP actions to take when something occurs

[Image: IT 14 2]

3- A recent example of a DLP alert

[Image: IT 14 3]
