-1

Is there any DLP tool with default policies to comply with South African laws and regulations on PII?

1 Answer

0

Speak to a legal professional.

If you are liable for cases of loss of PII, you need to ensure that you have covered off the legal requirements in other areas of your business, such as having a risk register, having a sensible (and legally conforming) incident response plan, etc. - these are not trivial tasks and need to be tailored to local laws as well as your individual risk profile.


As for a technical answer, we don't provide product recommendations here (and I couldn't give one even if I wanted to), but data loss prevention solutions are largely useless against all but accidental loss. Having tested an array of them in realistic (i.e. production) scenarios, I can tell you that any trivial form of obfuscation or encryption defeats them without alert. It is simply not feasible to identify purposeful exfiltration of data from a business network at any reasonable scale in real time, even with years of training data. Many enterprise-grade solutions fail to catch even ludicrously obvious exfiltration attempts, such as uploading a passworded 7z archive to a common file sharing site.

My advice is to put your budget and effort into more concrete security controls, such as access control and auditing on sensitive data, 2FA, etc. rather than attempting to catch incidents at the network egress point with a questionable (and often laughably expensive) DLP solution.
