Data loss prevention vs. data loss protection, and why it matters


Jaymes Davis

Jaymes Davis

Mar 11, 2021

·

4 min read time

Data loss prevention vs. data loss protection, and why it matters

The terms “data loss prevention” and “data loss protection” are often bandied about interchangeably – and, in many cases, with good reason. After all, they both help organizations keep sensitive data and intellectual property (IP) secure. They can both be facilitated by technology. And, yes, they both use the same acronym.

But despite these similarities these two terms actually have quite distinct meanings. On one hand, data loss prevention typically focuses on the “detection and prevention of sensitive data exfiltration” – guarding against data loss via lost laptops or hackers. Data loss protection, however, is about protecting sensitive data as it flows between different organizations and systems of record such as enterprise resource planning (ERP) software, customer relationship management software (CRM), human resources platforms, and other corporate or cloud systems.

Data loss prevention tools include email scanning software, which automatically checks outbound email content for potential PII data such as Social Security or credit card numbers; firewalls; and antivirus software.

Data loss prevention: It’s simply not enough

While these tools serve an important purpose, they don’t fully protect against accidental or malicious data loss or leakage. Users can, for example, still download sensitive documents to their local (even personal) computer or mobile device. Employees can also leave your organization with that data still on their computer. That’s a major blind spot when it comes to safeguarding company IP and other sensitive information.

Data loss protection – also known as data leakage protection – shines a light on this blind spot through tools and processes that safeguard your data from almost any eventuality.

Traditional data loss prevention has exclusively focused on “stopping the bad thing from happening,” according to Code42 Information Security Director Michelle Killian. Data loss protection takes this concept several steps further by providing full visibility into all of an organization’s data, including where it lives, who it’s shared with, who has access to it, and how that data moves between organizations and systems.

Think of it this way: Data loss prevention tools are like those grocery shopping carts designed to lock wheels if they pass a certain threshold. While they do a great job deterring theft by keeping the shopping cart on the premises, they’re not so great at stopping potential thieves from putting items under their coats and running!

Achieving data loss prevention AND protection

Tehama’s next-generation enterprise DaaS platform offers data loss prevention and data loss protection capabilities all in one platform. Tehama’s proprietary File Vault is an ultra-secure avenue for data asset collaboration that provides strict yet customizable download controls (it can be accessed via Tehama rooms and desktops, or Tehama’s Web UI).

The File Vault provides a way to securely upload files between a user’s local machine and an organization’s network, move files and folders between virtual desktops, or view all uploaded files (including their size, status, and time of last modification) to the Tehama system.

But the sweet spot, from a data protection perspective, is that admins can easily configure their File Vault to block users from downloading files to their computer or anywhere else – making data leakage by employees or partners a thing of the past. All files uploaded into the File Vault are automatically scanned for malware and other malicious content using Tehama’s built-in antivirus tools and anti-malware protection.

Because a company’s data and IP never leave their Tehama Room, there’s also no risk of data breaches via lost or stolen endpoints. And the virtual nature of Tehama enterprise DaaS means there’s no more shipping of laptops cross-country, reducing risk even further (lost devices were responsible for 41 percent of data breaches between 2005 and 2015, according to Gartner).

Other out-of-the-box data loss protection and data loss prevention tools included in Tehama enterprise DaaS include:

  • A Zero Trust access model: The Tehama platform automatically applies multi-factor authentication (MFA) with SAML/SCIM integration, segregated network access, and the principle of least privilege
  • Strict policy controls: Policies enforce users to meet certain entry requirements before accessing a desktop or room, to ensure only trusted and approved members have access
  • Secure enterprise gateway: This Tehama gateway establishes a secure channel between a Tehama Room and your organization’s private network, securely connecting users with corporate data.

Choose a DaaS provider that will safeguard your data

Instead of implementing DaaS and then stacking data prevention and data protection software on top, it’s far more effective (and easier on the wallet) to select a DaaS provider with all these capabilities built right into the platform. Many DaaS providers require additional DLP tools to secure your endpoints – but with Tehama these tools come out of the box, ready to secure your data from Day One, along with strong compliance and down-to-the-keystroke activity recording for robust data loss protection.

Get Tehama insights sent straight to your inbox!

See How Your Enterprise Can Securely Enable Hybrid Teams

Get a Demo

Shape line

Read More

Driving Better Business Outcomes with SASE

Driving Better Business Outcomes with SASE

The ‘13 Trust Principles’ of SASE enable organizations to improve their cybersecurity postures , but going it alone means taking on all the risk. Why DIY, when you leverage Tehama’s standard of service to expertly mitigate the security gaps created by distributed, cloud-enabled work environments. In the wake of the ongoing global health crisis and the rise of remote work, businesses have learned that the key to productivity and business continuity lies in the ability to provide workers with a secure connection to their offices, their cloud-based applications and the internet. At the same time, the rapidly evolving threat landscape…
Openness is not a threat: How credit unions can embrace new IT models securely and with confidence

Openness is not a threat: How credit unions can embrace new IT models securely and with confidence

With the shift to remote and hybrid work, financial institutions are struggling to empower offsite productivity while keeping sensitive financial data and transactions secure. Credit unions especially are feeling the pressure due to the age of their IT systems, the need to support new partner-driven business models, and a patchwork of virtual desktop (VDI) solutions. They’re all asking the same question: “What’s the best way for us to securely enable remote and hybrid workflows?” Credit unions are well aware their IT systems are due for updating. The frailties of legacy technology are public knowledge. In Spring 2021, Cision reported that…
#10yearchallenge: Why the 2020s will be the decade of user migration to the cloud

#10yearchallenge: Why the 2020s will be the decade of user migration to the cloud

The end of any decade is always a unique time – a time to not only think back on the highs and lows of the past few years, but to also gaze with anticipation on what the next 10 might bring. The past decade, for example, brought us ubiquitous social media, #10yearchallenges, binge watching, and large-scale cloud adoption among individuals, companies and other organizations. Now that the 2010s are now squarely in the rear view mirror, though, it’s time to get ready for the 2020s: the decade of secure and compliant cloud virtual desktop infrastructure (VDI). That may seem a…
/wp-content/uploads/2021/08/subscribe-background.jpg
#011627
Subscribe Here!
Get Tehama insights sent straight to your inbox!
By submitting this form, I consent to receive e‑newsletters, helpful information and promotional messages and can withdraw consent at anytime.
Subscribe Here!

Get Tehama insights sent straight to your inbox!

Loading