One Way To Prevent Your Data From Being Exfiltrated

Akins IT • December 26, 2019
GET MICROSOFT VIRTUAL DESKTOP FOR YOUR BUSINESS

Usually, when the topic of network security arises, it tends to revolve around the strategy of securing the environment from external attacks. This involves not just securing your network perimeter with a firewall, but also email security, endpoint protection, and end user awareness.

These are all important facets to your overall security posture; but another layer to include in this picture that will ensure that you’re approaching security as holistically as possible, is to ensure that your data is protected from being exfiltrated.


DATA EXFILTRATION


Data exfiltration is the unauthorized copying, transfer or retrieval of data from a computer or server. Although it’s a common practice to ensure that infiltration is mitigated by deploying security solutions (i.e. AV, IPS, Email Security), many forget to ensure that their existing data is protected from being transferred to unauthorized locations.

How can you ensure that sensitive data such as social security and credit card numbers aren’t being transferred beyond the boundaries of your network? Or that important documents intended for internal use only, continue to remain internal and are never shared to external sources? Data Loss Prevention (DLP) is one of the solutions available to make this possible.


DATA LOSS PREVENTION (DLP)


Although there are multiple solutions available for DLP to be implemented, it is worth noting that this feature is available on some NG {Next Generation) Firewalls. The FortiGate security appliance, for example, does provide DLP as an included feature that can be enabled. This is configurable as a security profile which can be applied on a per firewall policy basis. DLP monitors a set of network protocols along with configurable rules to ensure that files and embedded content leaving the network adheres to company policy. Additional features, such as, file share fingerprinting and message archiving can also be enabled to enhance the functionality of DLP.

It is also important to note that in order for DLP to work at its highest level of accuracy, SSH deep packet inspection must be enabled.

CONTACT US TO LEARN MORE ABOUT THIS TOPIC OR TO SCHEDULE A CALL
Data security needs layers of protection throughout its lifecycle. Akins IT and Microsoft Purview

Why MFA Alone Isn't Enough: Enhancing Security with Microsoft Conditional Access

By Shawn Akins May 15, 2025
Strengthening Your Security Posture with Dynamic Access Control

Alternatives to VMware: Cost-Effective Virtualization Solutions for Your Business

By Shawn Akins May 15, 2025
Discover Affordable and Reliable Virtualization Platforms

Comparing Mimecast Email Security vs M365 Email Security: A Comprehensive Guide

By Shawn Akins May 13, 2025
Discover the Key Differences Between Mimecast and M365 Email Security Solutions and Learn Why Akins IT is Your Trusted Partner for Email Protection
More Posts