By Drew Fox Jordan • April 6, 2021

    Why Traditional Rule-Based Data Security Needs to Expand

    Data Loss Prevention (DLP) is a vital part of security programs across the nonprofit sector, from healthcare and higher education to mission-based organizations. However, with so many DLP solutions on the market, choosing the right one for your organization can be a tall task. That choice is even harder if you don't understand how the software is meant to be applied and how it will actually keep your organization's data safe.

    There are three main types of DLP: network, endpoint, and email. We have covered email DLP in the past, but it is important to understand what a properly applied email DLP can offer and why it is so important to know which kind of DLP system to apply.

    Importantly, there are two types of threats DLP must account for:

    • Accidental Data Loss: To err is human. For example, an employee might mistype a recipient address and send an email to the wrong person. While unintentional, this mistake could lead, and has led, to a costly data breach. DLP solutions need to flag the email as misdirected before it is sent, either by warning the sender or by automatically quarantining or blocking it.
    • Malicious Exfiltration: Whether it is a disgruntled employee or someone hoping to take donor data to a new job, some employees do, unfortunately, have malicious intent. DLP solutions need to identify exfiltration attempts over email and stop the message before it leaves the organization.

    On a basic level, the bulk of DLP solutions operate via rule-based policies, using "if/then" statements to lock down data after it’s been classified. For example, if you want to ensure your fundraisers don't share sensitive donor data, you could create a rule on email: “If an outbound email to a party outside of the organization contains the word ‘social security number’, then block it.”

    You could also create a more broad rule. For example, if you wanted to prevent accidental data loss of company information, you might forbid employees to send emails to their personal email accounts. To enforce this, you might block all emails from an official company account to freemail accounts like @gmail.com or @outlook.com.

    Of course, these rules need to be set up separately for each organization where a DLP system is implemented. Various factors influence them, including the type of data being protected, workflows, and existing policies, procedures, and tools. Mapping these factors helps you recognize the potential "borders" that sensitive data shouldn't cross. Unfortunately, DLP, and rule-based DLP in particular, can be a blunt instrument. A rule matches a fixed pattern: the same data written in a different form (an abbreviation, a number without the label) slips past it, while a harmless mention of the pattern gets blocked. Rules simply don't reflect the limitless nuances of human behavior.
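    To make the two rules above concrete, here is a small rule engine written for this article as an added example; it is not Gravyty's code or part of any DLP product. The organization domain, the freemail list, and the sample messages are all constructed for the illustration. It implements the page's "social security number" keyword rule and the freemail-recipient rule, plus a sharper SSN-shaped number pattern, and runs them over five messages so the blunt edges show: the keyword rule misses the abbreviated "SSN 123-45-6789", flags an HR reminder that merely mentions the phrase, and the freemail rule blocks a message to a personal inbox regardless of what it contains.

```python
import re
from dataclasses import dataclass

# Constructed policy for the examples in the text; the domain names are placeholders.
ORG_DOMAIN = "example.org"
FREEMAIL_DOMAINS = {"gmail.com", "outlook.com", "yahoo.com"}
KEYWORD_RULE = "social security number"
# SSN-shaped number: 3-2-4 digits separated by dashes or spaces (format check only).
SSN_PATTERN = re.compile(r"\b\d{3}[- ]\d{2}[- ]\d{4}\b")


@dataclass
class Email:
    sender: str
    recipients: list
    subject: str
    body: str


def domain_of(address: str) -> str:
    return address.rsplit("@", 1)[-1].lower()


def is_external(address: str) -> bool:
    """A recipient is external when its domain is not the organization's own."""
    return domain_of(address) != ORG_DOMAIN


def evaluate(email: Email) -> list:
    """Return the names of the rules an outbound message trips (empty list = allow)."""
    hits = []
    text = f"{email.subject}\n{email.body}".lower()
    external = [r for r in email.recipients if is_external(r)]
    if not external:
        return hits  # purely internal mail is out of scope for these rules
    # Rule 1 (the page's example): outbound mail containing the phrase itself.
    if KEYWORD_RULE in text:
        hits.append("keyword:social-security-number")
    # Rule 1b: a sharper content rule that looks for SSN-shaped numbers, not the label.
    if SSN_PATTERN.search(text):
        hits.append("pattern:ssn-like-number")
    # Rule 2 (the page's example): block official mail sent to freemail accounts.
    if any(domain_of(r) in FREEMAIL_DOMAINS for r in external):
        hits.append("recipient:freemail-domain")
    return hits


# Constructed sample traffic; the SSN value is a placeholder, not a real number.
SAMPLES = {
    "donor_record_to_partner": Email(
        "fundraiser@example.org", ["grants@partner-foundation.com"],
        "Donor record", "Jane Doe, social security number on file, gift $5,000."),
    "ssn_abbreviated": Email(
        "fundraiser@example.org", ["grants@partner-foundation.com"],
        "Donor record", "Jane Doe, SSN 123-45-6789, gift $5,000."),
    "policy_reminder_to_contractor": Email(
        "hr@example.org", ["contractor@consulting-firm.com"],
        "Reminder", "Please never include a social security number in email."),
    "work_to_personal_inbox": Email(
        "analyst@example.org", ["analyst.home@gmail.com"],
        "Q1 report", "Attaching the Q1 donor report to read at home."),
    "internal_thread": Email(
        "analyst@example.org", ["director@example.org"],
        "Donor record", "Jane Doe, SSN 123-45-6789, gift $5,000."),
}


def run_all() -> dict:
    """Evaluate every sample and map its name to the rules it tripped."""
    return {name: evaluate(msg) for name, msg in SAMPLES.items()}


if __name__ == "__main__":
    for name, hits in run_all().items():
        verdict = "BLOCK" if hits else "allow"
        print(f"{name:32s} {verdict:5s} {hits}")
```

    Running it shows the trade-off the paragraph describes. Only the pattern rule catches the abbreviated record; the keyword rule alone would have let it through. The HR reminder is blocked although it contains no donor data, and the freemail rule stops the report going to a personal inbox without any idea whether that is policy-compliant remote work or exfiltration. Each fix (add a regex, add an exception for HR) is another rule, and the list never converges on intent.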

    While IT and security teams could work tirelessly to properly deploy and maintain rule-based DLP solutions to detect potential threats and limit the exposure of sensitive data, there’s a better, smarter way.

    Human Layer Security.

    Instead of rules, Gravyty's DLP solution uses contextual machine learning models to learn how people at a nonprofit actually communicate, so the protection is tailored to that organization rather than to a generic rule set. Gravyty Guard uses artificial intelligence to recognize what looks suspicious, much as a human cybersecurity expert would. Unlike a human, it can do this thousands of times per second without missing key information or getting tired.

    Whether your biggest concern is data exfiltration or accidental data loss, if you're looking for a solution that won't get in the way of employees doing their jobs, Gravyty Guard may be right for you. Take our free 15-minute vulnerability check today and learn how Human Layer Security can benefit your organization.
