(Week 3 of 4)
by Michael McKinzie, CISSP
Last week we talked about data classification and policies and restrictions. My conclusion is it is very difficult for organizations to fully implement a broad restriction of access to personal use sites such as social networking sites, webmail, blogs, YouTube etc. Although, many tools exist to help enforce [...]

So where do we practically begin? Does the organization know what their sensitive data is/classified, where it resides, how it travels through business processes, how it is shared and used? Some of these questions are easy to answer but some might be difficult. Who owns the data? If a user accesses his or her personal email account, or another personal use site, is any information or data downloaded belong to the organization?

Introduction and practical approach to Data Loss Prevention for Enterprises, small and medium sized business. Forum to discuss DLP and data loss prevention programs.