Data Loss Prevention
As prominent and high-volume data breaches continue unabated, the desire for solutions designed to address data loss has grown. Data Loss Prevention (DLP) is a class of solutions tasked specifically with trying to detect or, preferably, prevent data from leaving an organization in an unauthorized manner. The approaches to DLP vary greatly. One common approach employs network-oriented tools that attempt to detect and/or prevent sensitive data from being exfiltrated in cleartext. This approach does little to address the potential for data exfiltration over an encrypted channel. Often, dealing with the potential for encrypted exfiltration requires endpoint solutions to provide visibility prior to encryption.
Digital Rights Management
Digital Rights Management (DRM) is designed to restrict the use of copyrighted materials and other forms of intellectual property. DRM techniques include encryption (providing both confidentiality and non-repudiation via digital signatures), watermarking, product keys (or dongles) to unlock software, region locking, etc.
Watermarks may be visible or invisible. Fig. 3.1 shows a visible watermark in a previous electronic edition of the CISSP® Study Guide. Invisible watermarks often use steganography to hide data. One goal of watermarks is to identify the purchaser of intellectual property that has been improperly shared. Note that we will discuss encryption, digital signatures, steganography (and more) in Chapter 4, Domain 3: Security Architecture and Engineering.

DRM has been controversial because it is often used to restrict the rights of legitimate owners. Examples include Always-on DRM (also called persistent online activation: software that requires an Internet connection in order to function), electronic books that prevent printing or copy-pasting, IP-based geolocation (blocking access to online services from specific regions of the world), software copy protection (preventing purchasers from backing up their own software), region locking DVDs (preventing a DVD bought in one area of the world from being played in others), etc.