Ten Commandments: Prevention of Data Loss

It is hardly a month going without by data being lost is reported in the press or other communicating media. It has been asked many times “How do you prevent data loss?” But, as yet, it does not seem to have been properly answered by the concerned body. Unsurprisingly the answer is simple and free. Encryption. Which is the process of converting the readable information into unreadable text, that can be stored/transported safely, but can only be read by somebody with the correct key or password. Cryptography is the practice and study of hiding information. It varies in level of complexity from the Caesar Cipher to Quantum Encryption – but all of this is entirely irrelevant because encryption is now simple. Easy to use, off the shelf, products are available that will ensure that data is encrypted up to government standards. The issue of protecting data from internal theft is more complicated, and encryption alone will not assist with this. Data Loss Prevention (DLP), technologies, policies, and systems need to be installed and enforced, though this is highly unlikely to ever be 100% successful, it can radically reduce the probability of an incident occurring. Protecting data at its source is a fundamental first step that can significantly reduce the risk of loss and misuse. This paper describes the various approaches to data protection.