Netskope wurde im Gartner Magic Quadrant für Security Service Edge 2022 als führendes Unternehmen ausgezeichnet. Report abrufen.

  • Produkte

    Netskope-Produkte basieren auf der Netskope Security Cloud.

  • Plattform

    Unübertroffene Transparenz und Daten- und Bedrohungsschutz in Echtzeit in der weltweit größten privaten Sicherheits-Cloud.

Netskope wurde 2022 zum Marktführer im Gartner Magic Quadrant™ for SSE Report ernannt

Report abrufen Netskope Produktübersicht
Netskope führend bei SSE in Gartner MQ 2022

Netskope bietet einen modernen Cloud-Security-Stack mit vereinheitlichten Funktionen für Daten- und Bedrohungsschutz sowie sicherem privaten Zugriff.

Erkunden Sie unsere Plattform
Städtische Metropole aus der Vogelperspektive

Steigen Sie auf marktführende Cloud-Security Service mit minimaler Latenz und hoher Zuverlässigkeit um.

Mehr Informationen
Beleuchtete Schnellstraße mit Serpentinen durch die Berge

Verhindern Sie Bedrohungen, die häufig anderen Sicherheitslösungen entgehen, mithilfe eines SSE-Frameworks mit single-pass Architektur

Mehr Informationen
Gewitter über einem Großstadtgebiet

Zero-Trust-Lösungen für SSE- und SASE-Deployments

Mehr Informationen
Bootsfahrt auf dem offenen Meer

Netskope ermöglicht einen sicheren, cloudintelligenten und schnellen Weg zur Einführung von Cloud-Diensten, Apps und Public-Cloud-Infrastrukturen.

Mehr Informationen
Windkraftanlagen entlang einer Klippe
  • Customer Success

    Sichern Sie Ihren Weg zur digitalen Transformation und holen Sie das Beste aus Ihren Cloud-, Web- und privaten Anwendungen heraus.

  • Kunden-Support

    Proaktiver Support und Engagement zur Optimierung Ihrer Netskope-Umgebung und zur Beschleunigung Ihres Erfolgs.

  • Schulung und Zertifizierung

    Netskope-Schulungen helfen Ihnen ein Experte für Cloud-Sicherheit zu werden.

Vertrauen Sie darauf, dass Netskope Sie bei dem Schutz vor neuen Bedrohungen, neuer Risiken und technologischer Veränderungen unterstützt. Ebenso bei organisatorischen sowie Compliance Anforderungen.

Mehr Informationen
Lächelnde Frau mit Brille schaut aus dem Fenster

Wir verfügen weltweit über qualifizierte Ingenieure mit unterschiedlichem Hintergrund in den Bereichen Cloud-Sicherheit, Netzwerke, Virtualisierung, Inhaltsbereitstellung und Softwareentwicklung, die bereit sind, Ihnen zeitnahe und qualitativ hochwertige technische Unterstützung zu bieten.

Mehr Informationen Support Portal
Bärtiger Mann mit Headset arbeitet am Computer

Mit Netskope-Schulungen können Sie Ihre digitale Transformation absichern und das Beste aus Ihrer Cloud, dem Web und Ihren privaten Anwendungen machen.

Mehr Informationen
Gruppe junger Berufstätiger bei der Arbeit
  • Ressourcen

    Erfahren Sie mehr darüber, wie Netskope Ihnen helfen kann, Ihre Reise in die Cloud zu sichern.

  • Blog

    Erfahren Sie, wie Netskope die Sicherheits- und Netzwerktransformation durch Security Service Edge (SSE) ermöglicht.

  • Veranstaltungen& Workshops

    Bleiben Sie den neuesten Sicherheitstrends immer einen Schritt voraus und tauschen Sie sich mit Gleichgesinnten aus

  • Security Defined

    Finden Sie alles was Sie wissen müssen in unserer Cybersicherheits-Enzyklopädie.

Security Visionaries Podcast

Episode 11: Empowering People for a Secure Future

Podcast abspielen
Dunkelhäutiger Mann in einer Webkonferenz

Lesen Sie die neuesten Informationen darüber, wie Netskope die Zero Trust- und SASE-Reise durch Security Service Edge (SSE) -Funktionen ermöglichen kann.

Den Blog lesen
Sonnenaufgang und bewölkter Himmel

SASE-Week

Netskope hilft Ihnen dabei, Ihre Reise zu beginnen und herauszufinden, wo Sicherheit, Netzwerk und Zero Trust in die SASE-Welt passen.

Mehr Informationen
SASE-Week

Was ist Security Service Edge?

Entdecken Sie die Sicherheitselemente von SASE, die Zukunft des Netzwerks und der Security in der Cloud.

Mehr Informationen
Kreisverkehr mit vier Straßen
  • Unternehmen

    Wir helfen Ihnen, den Herausforderungen der Cloud-, Daten- und Netzwerksicherheit einen Schritt voraus zu sein.

  • Warum Netskope?

    Cloud-Transformation und hybrides Arbeiten haben die Art und Weise verändert, wie Sicherheit umgesetzt werden muss.

  • Unternehmensführung

    Unser Führungsteam ist fest entschlossen, alles zu tun, was nötig ist, damit unsere Kunden erfolgreich sind.

  • Partner

    Unsere Partnerschaften helfen Ihnen, Ihren Weg in die Cloud zu sichern.

Netskope ermöglicht das "neue" Arbeiten

Finde mehr heraus
Kurvige Straße durch ein Waldgebiet

Netskope definiert Cloud-, Daten- und Netzwerksicherheit neu, um Unternehmen dabei zu unterstützen, Zero-Trust-Prinzipien zum Schutz von Daten anzuwenden.

Mehr Informationen
Serpentinenstraße auf einer Klippe

Denker, Architekten, Träumer, Innovatoren. Gemeinsam liefern wir hochmoderne Cloud-Sicherheitslösungen, die unseren Kunden helfen, ihre Daten und Mitarbeiter zu schützen.

Lernen Sie unser Team kennen
Gruppe von Wanderern erklimmt einen verschneiten Berg

Die partnerorientierte Markteinführungsstrategie von Netskope ermöglicht es unseren Partnern, ihr Wachstum und ihre Rentabilität zu maximieren und gleichzeitig die Unternehmenssicherheit an neue Anforderungen anzupassen.

Mehr Informationen
Gruppe junger, lächelnder Berufstätiger mit unterschiedlicher Herkunft
Security Defined Cybersecurity Encyclopedia Was ist DLP? Verhinderung von Datenverlust

Data Loss Prevention (DLP)

7 min read

Was ist Data Loss Prevention (DLP)?

The definition of Data Loss Prevention encompasses a set of practices and tools meant to prevent data leakage (also known as data exfiltration) by intentional and unintentional misuse. These practices and tools include encryption, detection, preventative measures, educational pop ups (for unintentional movements), and even machine learning to assess user risk scores. Over time, DLP has evolved into the realm of data protection and has become a premier feature of data protection deployment.

For the sake of simplicity, we’re going to use the acronym “DLP” throughout this guide to refer to all of these measures, unless stated otherwise.

DLP Bedeutung

 

The Need for Data Loss Prevention

Losing data is bad for business. It erodes confidence in your brand and can result in financial losses from lawsuits, regulatory non-compliance fines, and exposure of intellectual property. Let’s dig a little deeper into the requirements that drive the need for DLP.

 

1. Compliance with industry and government regulations

Many industries, including healthcare, government contractors, and financial institutions are required by law to safeguard sensitive personal data. These regulations include:

  • HIPAA (Health Insurance Portability and Accountability Act)
  • GDPR (General Data Protection Regulation)
  • PCI DSS (Payment Card Information Data Security Standard)
  • CCPA (California Consumer Privacy Act)
  • PIPEDA (Personal Information Protection and Electronic Documents Act)

Common to all the regulations is the stipulation that sensitive data must be kept in a secure location and isolated from unauthorized users. Companies must have DLP strategies and tools in place, which prevent unintentional or malicious access to, and exfiltration from, the isolated data store.

 

2. Protecting proprietary information

Proprietary information refers to any confidential data or knowledge about the organization and its business structure and operations, or about its clients, customers, partners, or affiliates. Examples of proprietary information include:

  • Interne Projektpläne
  • Geschützter Code
  • Patentinformationen
  • E-Mail-Kommunikation
  • Unternehmensdokumente
  • Interne Prozesse

While some hackers steal information from organizations and government agencies just to see if they can, most do it for the financial benefit of selling or exposing that information. Today, many ransomware attackers not only encrypt the victim’s data and demand money for unlocking it, but also exfiltrate some of the data and demand payment for not releasing it to the public.

Data loss prevention software and strategies help keep your intellectual property safe, not only from outside attacks and exfiltration, but also from unintentional data leaks caused by your own employees. The careless sharing of confidential data and information over unsecured media and public cloud accounts can cause just as much damage as malicious acts of information espionage.


Weißbuch: Bewertung der Auswirkungen von Datenverlust


 

How Does Data Loss Prevention Work?

There are several methods of DLP security, which are implemented through best practices and software tools. The best data loss prevention strategies include a variety of approaches to cover all of the potential breach vectors.

 

The 5 types of data loss prevention

 

1. Data Identification: This is the process by which organizations identify sensitive information within their digital environment, whether it resides within emails, cloud storage applications, collaboration applications, or elsewhere.

2. Data Leak Identification: This is an automated process for detecting and identifying misappropriated data, whether it was exfiltrated or misplaced within an organization’s infrastructure.

3. Data-in-Motion DLP: When data is in transit between locations, DLP network security employs a variety of security measures to ensure that the data arrives untouched at its destination.

4. Data-at-Rest DLP: This type of protection covers data that is not currently in transit and is typically stored in some kind of database or file sharing system. It utilizes several methods to ensure safe storage of data locally and in the cloud, from endpoint protection to encryption to prevent any unauthorized use of data.

5. Data-in-Use DLP: Data that is currently in use by those within an organization must be protected from any type of potentially harmful interaction with the data, such as altering, screen-capturing, cut/copy/paste, printing, or moving information. In this context, DLP is meant to prevent any unauthorized interactions or movements of data, as well as take note of any suspicious patterns.


Weißbuch: Protecting Data Using Machine Learning
eBook: Die wichtigsten Fragen an Ihren DLP-Anbieter für die Cloud


 

Data Loss Prevention Best Practices

1. Educate your employees

One of the most effective best practices for preventing data loss starts with training your employees everything they should and shouldn’t do when handling your organization’s precious data. Employee DLP education should include safe practices for transferring, viewing, and storing data. For maximum effect, training should be sponsored at the executive level and should be repeated at regular intervals to reinforce and update best-practice behavior.

 

2. Establish data handling policies

A key component of DLP best practices, data handling policies include:

  • Where data can be stored
  • How data is to be transferred
  • Who can view certain types of data
  • What types of data you are allowed to store
  • Und viele andere

Since these policies drive all other data handling behaviors and assessments, they should be established at your earliest opportunity. They should also be updated regularly to reflect changes in the organization, the industry, and in regulations. Once data handling policies are in place, you can move onto more technical remedies and best practices to ensure your data remains where it ought to be.

 

3. Create a data classification system

The key to creating data loss prevention policies is to start with a data classification system. This taxonomy will provide a reference for talking about the stringency and methods of protection needed for different types of data. Common classifications include personally identifiable information (PII), financial information, public data, and intellectual property. There are many others. A unique set of protection protocols can be established for each classification.

 

4. Monitor sensitive data

Successful data protection requires the ability to monitor your sensitive data. Data loss prevention software typically includes capabilities for monitoring all aspects of data use and storage, including:

  • Zugriff für Benutzer
  • Zugriff auf Geräte
  • Zugriff auf die Anwendung
  • Arten von Bedrohungen
  • Geografische Standorte
  • Zugriffszeit
  • Datenkontext

As part of the monitoring process, DLP software sends alerts to relevant personnel when data is used, moved, deleted, or altered in an unauthorized manner.

 

5. Implement a DLP software that accommodates shadow IT

It can be complicated enough to protect the data used by your known inventory of applications. But you also need to account for data accessed by shadow IT. This is the growing trove of software-as-a-service (SaaS) applications that employees subscribe to independently, without approval from the IT department—and often without its knowledge.

Even if employees are thoroughly trained in DLP best practices, it is hard for them to accurately assess the safety of these cloud-based applications. Under most SaaS models, the SaaS provider is responsible for the applications themselves, but users are responsible for the data that the application uses. Users, who are focused on achieving business objectives, are not in a position to protect data from attacks that may come through a compromised SaaS application. It is up to you to hold the line on data leakage and misuse. That’s why you need a DLP software solution that is able to recognize shadow IT and prevent users from accessing data or moving data to these applications, until you can bring them out of the shadows and into the fold of secure IT operations.

 

6. Set up different levels of authorization and access

This best practice goes hand-in-hand with data classification, as the combination of these two will allow you to grant access to data only to those who have clearance to that information. Your DLP software should also incorporate certain zero trust data protection policies that don’t inherently grant trust to any users while consistently verifying identities and clearance.

 

7. Adopt companion tools of DLP

DLP doesn’t live in a vacuum. The entire concept of DLP relies on an ecosystem of tools that work together to provide insights, plans of action, and active protections of your data. These tools include secure web gateways, cloud access security brokers, email security, and zero trust infrastructures.


Datenblatt: Netskope Data Loss Prevention


 

Was ist Endpoint DLP?

Endpoint DLP is a form of endpoint security that takes all of the principal features of data loss prevention and applies them to all endpoints that have access to networks, cloud infrastructure, and sensitive data. But before we take a deep dive into this concept, what is an endpoint?

An endpoint is any physical device that is able to send, receive, and interpret data from a network, including:

  • Laptops
  • Smartphones
  • Servers
  • Tablets
  • Internet of Things (IoT) devices

Endpoint data loss prevention is made to protect data that is accessed by any and all of these endpoint devices.

How does endpoint DLP work?

Endpoint DLP solutions protect data by providing visibility and protection capabilities on devices. By monitoring data-at-rest, data-in-motion, and data-in-use, endpoint DLP is able to intervene when certain behaviors violate policies set by security administrators, such as:

  • Unauthorized movement of protected data
  • Exfiltration of protected data
  • Deletion of protected data

Once the endpoint DLP agent detects and responds to the violation, administrators are notified and the incident is analyzed for the sake of future mitigation efforts. This continuous monitoring and behavior analysis also allows for contextualized intervention so as not to impede legitimate work functions.

Ressourcen

Netskope Data Loss Prevention (DLP)

Netskope Data Loss Prevention (DLP)

Demo-Email DLP

Demo - Email DLP

Bewertung der Auswirkungen von Datenverlust

Bewertung der Auswirkungen von Datenverlust

Die wichtigsten Fragen an Ihren DLP-Anbieter für die Cloud

Die wichtigsten Fragen an Ihren DLP-Anbieter für die Cloud

Anleitung zur Einführung von SASE

Anleitung zur Einführung von SASE

Demo - Stop sensitive data exposure in the cloud

Demo - Stop sensitive data exposure in the cloud

Protecting Data Using Machine Learning

Protecting Data Using Machine Learning

Die 6 wichtigsten Fragen, die Sie Ihrem Cloud-DLP-Anbieter stellen sollten — Microsoft 365 Edition

Die 6 wichtigsten Fragen an Ihren DLP-Anbieter für die Cloud

Subscribe to the
Threat Labs Report

Get the monthly Threat Lab Report as soon as it’s released.