Data leakage protection (or data loss prevention) is a process that uses a range of methods to prevent the loss of data. A data leakage protection tool can be hardware or software, and it can protect every type of data on a computer network, whether in use, at rest or in motion. It can also conduct intensive content inspection with the help of a centralized management framework.
The tool can conduct a contextual security analysis of a transaction, which includes detecting the following attributes:
Originator
Destination
Data object
Medium
Timing
Remember, a leakage prevention tool aims to diagnose and prevent unauthorized access to data.
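The contextual analysis described above can be sketched as a small policy check. This is an added example, not code from any particular DLP product: it inspects the data object for payment card numbers and then weighs the originator, destination, medium and timing. The domain, media list, originator list and working hours are assumptions chosen for illustration.

```python
import re
from dataclasses import dataclass
from datetime import datetime

# All names and policy values below are assumptions made for this example.
INTERNAL_DOMAIN = "corp.example"
APPROVED_MEDIA = {"email", "sftp"}
CLEARED_ORIGINATORS = {"billing-svc"}
WORK_HOURS = range(8, 19)  # 08:00-18:59 local time
CARD_RE = re.compile(r"\b(?:\d[ -]?){13,19}\b")

@dataclass
class Transaction:
    originator: str
    destination: str   # destination host name
    data_object: str   # content being moved
    medium: str
    timing: datetime

def luhn_ok(digits: str) -> bool:
    """Luhn checksum, used to discard digit runs that are not card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch) * 2 if i % 2 else int(ch)
        total += d - 9 if d > 9 else d
    return total % 10 == 0

def has_card_number(text: str) -> bool:  # content inspection of the data object
    return any(luhn_ok(re.sub(r"\D", "", m.group())) for m in CARD_RE.finditer(text))

def evaluate(tx: Transaction):
    """Return (verdict, reasons); context only matters for sensitive content."""
    if not has_card_number(tx.data_object):
        return "allow", []
    block, alert = [], []
    host = tx.destination.lower()
    if host != INTERNAL_DOMAIN and not host.endswith("." + INTERNAL_DOMAIN):
        block.append("destination: external host")
    if tx.medium not in APPROVED_MEDIA:
        block.append("medium: not approved for card data")
    if tx.originator not in CLEARED_ORIGINATORS:
        alert.append("originator: not cleared for card data")
    if tx.timing.hour not in WORK_HOURS:
        alert.append("timing: outside working hours")
    verdict = "block" if block else "alert" if alert else "allow"
    return verdict, block + alert

# Constructed sample: a test card number copied to an external host at 02:00.
SAMPLE = Transaction("jdoe", "files.example.net", "4111 1111 1111 1111", "usb", datetime(2024, 1, 15, 2))
```

Calling `evaluate(SAMPLE)` returns a `block` verdict with one reason per attribute that failed, which is the kind of record a centralized management console would log.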
Data Leakage Protection Common Tools
Basic tools that are widely used in computer networks for secure data transmission are as follows:
Firewall: A security device that acts as a barrier between two networks. It is configured to accept or deny network access requests. It can also encrypt or decrypt network traffic between different security domains. Firewalls are implemented in hardware or software, depending on the type, and are widely used to protect intranet and Internet data from unauthorized access. All data flowing through the network must meet specific security criteria to be approved and authenticated by the firewall.
Routers: Two or more routers in a computer network can be configured to use session encryption. Because many users who have access to resources can see the data flowing on the Internet, routers provide protected connectivity between two sites, securing the routes.
Virtual Private Networks: A virtual private network is a computer network that aims to provide secure access to a private network for remote offices or individual users over the Internet or other public telecommunication infrastructure. It does this through an additional logical layer formed on top of the existing larger network.
Network Tap: A network tap enables network administrators to access data that passes through a computer network. Computer networks are based on technologies including Ethernet, 802.11 and FDDI. It is vital to monitor the data using a third-party device, such as a network tap.
A network tap has at least three ports and can be used for:
VoIP recording
RMON probes
network intrusion detection systems
packet sniffers
network probes
A network tap does not affect the flow of data or any other device attached to the network.