Often, companies pay more attention to external threats: spam and phishing attacks, viruses (Trojan software, worms), website spoofing, spyware and adware, and social engineering. But in fact, internal threats can cause a company much more serious damage than intruders from the outside.
In principle, any employee of the company can be a potential insider and put information security at risk. No one is safe from malicious intent or simple mistakes: from the lowest-level employee to top managers.
The operating principle of the DLP system is simple, and consists of analysis of all information: outgoing, incoming, and circulating within the company. Using algorithms, the system identifies the type of information, whether it is critical, and if it goes where it is not supposed to go, the system blocks the transmission and/or notifies the responsible employee about it.
The basis of DLP is a set of rules. They can be of any complexity and relate to various aspects of the work. If someone violates them, the responsible person(s) receive a notification.
IT Partner responsibilities #
- Together with the client, determine the types of data and resources that need to be included in the policy, as well as the parameters of the policy itself
- Create the statement of work describing DLP configuration requirements
- Configure the necessary policies according to the document
Client responsibilities #
- Coordinate Client resources and staff schedules
- Provide a dedicated point of contact responsible for working with IT Partner
- Report requirements for DLP settings and participate in the preparation of the statement of work for DLP settings
- Coordinate any outside vendor resources and schedules
- Configure all network equipment, such as load balancers, routers, firewalls, and switches
- Review and approve engagement deliverables in a timely manner
Additional cost items not provided by the project #
Upon completion of the project, we will provide a project closeout report. This document will indicate the final project status including acceptance criteria matching, outstanding issues, and the final budget. If you require more extensive documentation, it can be provided for an additional fee.
Prerequisites #
Microsoft 365 subscription with one of the following services:
-Exchange Online
-Sharepoint Online
-Microsoft Teams
Plan #
The plan may vary depending on your needs.
- Kickoff meeting
- Preliminary data collection
- Statement of work preparation and approval
- Creation of policies and their application
- Verification and fixing issues
Success Criteria #
- The statement of work describing the requirements for DLP settings is prepared
- DLP policies are configured according to the statement of work
Share
Related services
IT Infrastructure Monitoring and Support
IT systems monitoring is an integral part of enterprise information infrastructure managing, which consists of constant control and periodic analysis of IT infrastructure components by tracking the dynamics of changes occurring with them. The key objective of IT monitoring systems is to obtain, store, and analyze information about the state of the controlled elements of the company IT structure. A special program allows you to quickly respond to problems in the work of IT services, as well as effectively prevent malfunctions.
Rapid Start: Remote Work
Let us give your employees the tools, resources, and solutions they need to be as productive, creative, and secure as possible when working from any location and on any device.