1. Data Identification: This is the process by which organizations identify sensitive information within their digital environment, whether it resides within emails, cloud storage applications, collaboration applications, or elsewhere.
2. Data Leak Identification: This is an automated process for detecting and identifying misappropriated data, whether it was exfiltrated or misplaced within an organization’s infrastructure.
3. Data-in-Motion DLP: When data is in transit between locations, DLP network security employs a variety of security measures to ensure that the data arrives untouched at its destination.
4. Data-at-Rest DLP: This type of protection covers data that is not currently in transit and is typically stored in some kind of database or file sharing system. It utilizes several methods to ensure safe storage of data locally and in the cloud, from endpoint protection to encryption to prevent any unauthorized use of data.
5. Data-in-Use DLP: Data that is currently in use by those within an organization must be protected from any type of potentially harmful interaction with the data, such as altering, screen-capturing, cut/copy/paste, printing, or moving information. In this context, DLP is meant to prevent any unauthorized interactions or movements of data, as well as take note of any suspicious patterns.
White Paper: Protecting Data Using Machine Learning
Datasheet: Top Questions to Ask Your Cloud DLP Vendor