Data Loss Prevention

Data Loss Prevention (DLP) technologies identify, monitor, and protect sensitive data to prevent unauthorized disclosure. DLP inspects data at rest (storage), in motion (network traffic), and in use (endpoints) to detect policy violations. When sensitive data like credit card numbers or source code moves outside approved channels, DLP can alert, block, or encrypt.

DLP solutions use content inspection (pattern matching, keywords), context analysis (who, where, when), and machine learning to identify sensitive information. Effective DLP requires clear data classification policies that define what’s sensitive and how it should be handled.
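As an added illustration (not part of the original entry and not any vendor's implementation), the Python sketch below combines content inspection with context analysis: a regex finds card-number candidates, a Luhn checksum discards digit runs that only look like cards, and the destination decides between allow, alert, and block. The keyword list, the approved-channel allow-list, and the hostnames are assumptions made for the example.

```python
import re

# Candidate card numbers: 13-19 digits, optionally separated by spaces or hyphens.
CARD_RE = re.compile(r"\b\d(?:[ -]?\d){12,18}\b")
KEYWORDS = ("confidential", "internal only")                # assumed keyword list
APPROVED_CHANNELS = {"payments-gateway.example.internal"}   # assumed allow-list

def luhn_ok(digits: str) -> bool:
    """Luhn checksum: rejects random digit runs that merely look like cards."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:                      # double every second digit from the right
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0

def find_cards(text: str) -> list:
    """Return masked card numbers (last four digits only) found in text."""
    hits = []
    for m in CARD_RE.finditer(text):
        digits = re.sub(r"[ -]", "", m.group())
        if luhn_ok(digits):
            # Mask before reporting so the DLP alert does not itself leak the number.
            hits.append("*" * (len(digits) - 4) + digits[-4:])
    return hits

def evaluate(text: str, destination: str) -> dict:
    """Content inspection (patterns, keywords) plus context (destination)."""
    cards = find_cards(text)
    keywords = [k for k in KEYWORDS if k in text.lower()]
    if not cards and not keywords:
        action = "allow"                    # nothing sensitive detected
    elif destination in APPROVED_CHANNELS:
        action = "allow"                    # sensitive data, approved channel
    elif cards:
        action = "block"                    # card data leaving an approved channel
    else:
        action = "alert"                    # keyword match only: notify, do not block
    return {"action": action, "cards": cards, "keywords": keywords}

if __name__ == "__main__":
    # Constructed sample messages; 4111 1111 1111 1111 is a widely used test number.
    samples = [
        ("Order ref 1234 5678 9012 3456 shipped", "mail.example.com"),
        ("Card: 4111-1111-1111-1111 exp 12/30", "mail.example.com"),
        ("Card: 4111-1111-1111-1111 exp 12/30", "payments-gateway.example.internal"),
        ("This draft is CONFIDENTIAL", "mail.example.com"),
    ]
    for text, dest in samples:
        print(dest, evaluate(text, dest))
```

The first sample shows why pattern matching alone is not enough: the 16-digit order reference matches the regex but fails the checksum, so it is not treated as card data.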

CISSP Relevance

Domain 2 (Asset Security) covers DLP as a control for protecting sensitive data. Understand DLP deployment points (network, endpoint, cloud), detection methods, and integration with data classification. Know that DLP effectiveness depends on accurate classification and well-defined policies.

NIST discusses data protection in SP 800-171, Protecting Controlled Unclassified Information.

Related terms: Data Classification, Encryption