5 Reasons you don’t need a DLP Solution

by Nick Evans | Dec 01, 2022 | Articles

You need to protect your data. Obvious! But with data growing day by day, it is difficult to know where it is, especially when you have a range of different applications and collaboration tools (like Atlassian and Office 365) used across the business and data being shared by users. What if it is leaked? You also need to be able to track the personal and sensitive data your organisation has so that you can quickly fulfil DSARs when they come in to avoid fines.  Your consumers are also becoming savvier and demanding about protecting their data. 65% of them say they want to get a better picture of the data you are gathering on them and 84% say they might stop doing business with you if you can’t show their data is being adequately protected!  Additionally, the UK government is currently discussing a new bill to change data protection regulations.  How do you prepare for the changes that might bring? Then, behind the scenes cybercriminals are ramping up their efforts, so there are potential external breaches to contend with, as well as internal threats to your data.

For small and medium businesses, keeping a track of sensitive data and protecting it is a real challenge, and you are probably looking at data loss prevention (DLP) solutions to help you manage and eliminate the manual process ensuring you are fully covered for potential risks to your business.  However, what you will probably find is a choice of expensive “all bells and whistles” enterprise DLP solutions versus piecemeal DLP tools that cannot cover the whole gamut of applications you have. 

The good news is that there are complementary solutions to help you understand what sensitive data you have and where it is so that you can apply the right data protection policies.  Data Discovery tools are available alongside DLP solutions and we will take a look at both to determine which might be the best path to take in different scenarios.

DLP solutions and Data Discovery tools seemingly solve the same problems.  So, what’s the difference, and what are the disadvantages of data loss prevention versus using data discovery tools?

What is Data Discovery?

Data discovery tools enable you to quickly discover sensitive data and confidential information across your business, eliminating the need for lengthy manual data searches.

Automatically scanning for data at rest, data discovery tools help you understand your data risk profile. After understanding the data that you have, you can then classify the data and set up policies and an action plan to enforce specific actions on these different types. For example, you can determine whether the data needs to be protected or removed securely.

Ideally, data discovery tools enable you to find data wherever it resides – on-premise, in the cloud – on different endpoints, servers and network file shares – in structured and unstructured data in collaborative workplace solutions, such as Microsoft 365, Google Workspace, Atlassian, Alfresco and so on.

What is DLP?

The term, data loss prevention (DLP), sometimes referred to as data loss protection refers to processes and tools used to secure sensitive data by detecting data and preventing loss of data through misuse and data breaches. 

Data loss prevention solutions classify data and are able to monitor data at rest and dynamically as it moves across the company network, identifying data policy violations, then remediating with alerts, blocking, quarantining and other protective measures.

Objectives of Data Discovery and DLP Solutions

From a high level, the objectives of data discovery and DLP solutions look pretty much the same.

Both solutions:

  • Give visibility of data to understand the data you have, removing the need for manual searches;
  • Assist in making sure that any sensitive data is properly protected. (PII, GDPR, PCI, PHI, etc) and meets compliance/data privacy regulations;
  • Ensure that intellectual property is protected.

However, despite similarities in their objectives, there are differences between DLP solutions and data discovery tools and where you might want to use them.  But in other scenarios, you might want to use them both in tandem. 

Some key differences (and similarities) between DLP solutions and Data Discovery Tools

Data Discovery – Any data protection project needs to start with data discovery.  You can’t determine how to keep your information safe, without knowing what sensitive information you have and where it resides. 

  • Data discovery tools provide visibility of data across an organisation while data is at rest, whether that data is on-premise, in the cloud, or structured/unstructured data. Analysing data at rest is often all you need in a lot of use cases (which we’ll explore later).
  • DLP solutions discover data at rest, but also data in motion and in transit to ensure that data is transmitted safely across the company network. DLP solutions can also carry out contextual analysis and remediation, providing controls, for example, for stopping staff from printing, reading or copying any data from a USB device.

Data discovery tools are an effective way of carrying out the discovery stage quickly in the early project stages.  Once you have identified the information you have it is ready to be classified into different categories, e.g. confidential, regulatory (GDPR, PCI, etc) or public, and create a data classification policy.  

Data classification (which covers classification labelling, tagging and content analysis) is used in both data discovery tools and DLP solutions.  Both need classification to be effective at what they do.

Different types of DLP solutions are available for different scenarios and applications.  Gartner divides them into the following different categories under the data loss prevention banner:

  • Enterprise DLP solutions – providing centralised reporting and data policy management. Policies and alerts can be defined across endpoints, network, and the cloud, and remediation applied.
  • Integrated DLP solutions – for specific applications, such as securing email, securing web gateways and endpoints (servers, laptops, mobile phones, etc.). These solutions need to be integrated manually with other DLP solutions.
  • Cloud-focused DLP solutions – these solutions address cloud DLP use cases ensuring SaaS application and public cloud data security. Often provided by cloud service providers, they are suitable for companies with a cloud-first strategy.

A couple of key disadvantages of data loss prevention solutions are that they can either be all-encompassing expensive enterprise solutions, out of the reach of the budget of smaller organisations – or they are targeted at specific areas and applications, which means that they are not ideal when you have many different applications and data repositories across your organisation.

5 use cases where DLP solutions are not the right choice

Data discovery tools and DLP solutions are complementary and can work hand in hand as part of your overall data protection strategy.  Or, there may be instances where a data discovery tool is all you need.  Here are a few situations where you might want to consider data discovery tools over DLP solutions.

1. Understanding whether the data you have (and any data going forward) meets data governance and regulatory compliance requirements. Data discovery is the essential first step – you can’t protect what you can’t find.

Data discovery tools provide:

  • Classification labels and tagging
  • Visibility – Enabling you to understand the value of your data
  • Storage management and digital transformation  – for example, you can consolidate, delete or move your data to the cloud.
  • Cost reduction (but watch out for cloud retrieval costs!)
  • Audit and reporting for regulatory compliance – including GDPR, CCPA, HIPPA, SOX, PCI-DSS, etc

2. Gaining data visibility on-premise and in the cloud. Data discovery gives visibility of data across your entire digital estate –  where your DLP solutions can’t go, a data discovery tool can.  As mentioned previously, many DLP solutions are specific to a particular application or cloud solution (BOX, Google or AWS) and do not provide the functionality to scan other solutions. This creates a problem when you have numerous different types of applications across the business, for example, you might use the Atlassian suite of solutions together with Google Workspace, and other data in the cloud and on-premise which are not all accessible by using one of the DLP solutions.  

3. Handling DSARs – If you are a smaller organisation and need a cost-effective way of responding to Data Subject Access Requests (DSARs), DLP solutions are not the way to go if you don’t already have a solution.  The number of DSARs is on the rise and responding to a request within 30 days for UK GDPR can be time-consuming and resource-hungry, especially if you have large amounts of data in different databases, collaboration software, file servers and cloud storage.  A data discovery tool will allow you to do this quickly and simply. Personal data can then be extracted and forwarded to the requester or deleted for right-to-be-forgotten requests.

4. Analysing data at rest. For data in motion (USB, Printing, copy and app controls, etc) and data in transit (Web, TCP, email and SMTP) DLP solutions come into their own. If you are looking to protect and understand data at rest, whether on-premise or in the cloud, a data discovery solution is best.

5. Quickly understand your risk profile.  Data discovery provides a fast and simple solution that allows you to understand your current risk profile, i.e. where your sensitive data and confidential information resides. Unlike a complex and resource-intensive DLP project, a data discovery solution can be up and running in a matter of minutes allowing you to ensure regulatory compliance, locate and extract data ahead of cloud migration and respond to DSARs.  Typically, setting up the tool can be done in about 30 minutes, and depending on what you are looking to scan, a couple of end-points can be scanned in minutes and if you have a number of targets, such as Atlassian plus Microsoft Office 365, you should be done in an hour or two.

Data Discovery Tools and DLP Solutions – working together to protect your sensitive data

Data discovery tools and DLP solutions are complementary and work together to protect a company’s sensitive data from external and internal threats.  But, if you are looking for any of the five outcomes listed above, then we would advise looking at a data discovery solution in the first instance. Pick a solution that is fit for purpose and reflects your requirements. Making the wrong decision could mean you find yourself deploying a more complex solution than you actually need, pulling in extra resources and budget. Understand what you are looking to achieve and which solution can best meet those needs.

If a tool to help you discover Sensitive Data is what you are looking for, set up your 30-day free trial, here and let us know how we can help you.