Data Loss Prevention (DLP)

Protecting sensitive information has never been more important than today, especially with a recent continuous growth of the cyber security threat and landscape. Data Leakage Prevention (DLP) technology has emerged as a critical tool against cybercrime, DLP also helps to protect sensitive information, such as personal sensitive data, and confidential business information, from falling into the wrong hands.

Additionally, data leakage can also lead to various operational disruptions and unfavorable consequences. Hence, by managing a proper mechanism of data leakage prevention, organizations can avoid these disruptions, proactively mitigate these risks, minimize the impact of any potential data breaches and maintain business continuity.

What is DLP?

DLP is the practice of detecting and preventing data breaches, data leakage, exfiltration, or unwanted destruction of sensitive data. Organizations use DLP to protect and secure their data and comply with regulations.

The DLP term refers to defending organizations against data loss prevention. Data loss prevention focuses on preventing illicit transfer of data outside organizational boundaries.

Organizations typically use DLP to:

• Protect Personally Identifiable Information (PII)
• Protect Intellectual Property which is critical for the organization
• Achieve data transfer visibility within the organizations
• Prevent data leakage due to unauthorized access, or accidental exposure
• Monitor, detect and prevent data breaches

Why Email DLP?

Email is one of the methods of communication used in most organizations, but it is also a prevalent target for data breaches. By implementing Email DLP, organizations can reduce the likelihood of sensitive data being mistakenly or intentionally transmitted through email, which can prevent data breaches, and harm to their reputation.

How does email DLP work?

The blue color is the sender which sends an email to the red color as recipient. Email DLP policy will scan outgoing emails in real time using predefined or matching rules based on all rules that are created by admin such as ID Card number or Family Card number, the scanning process typically involves content analysis, keyword matching, and pattern recognition at the header, body, and attachment. The DLP enforces rules to prevent the transmission of sensitive information, it would be a quarantined email containing certain keywords and phrase emails being sent to unauthorized recipients. If the rules match, the DLP will generate an alert or notification to the sender informing them of this quarantine and what action to be taken.

Steps to Configure Email DLP in Google Workspace

1. Google Email DLP rule-sets are configured under the menu of “configure compliance features”. As of now, we apply Content compliance for any email sent out to outside organization.

2. The DLP is configured based on the Organization Units (OU) as the following picture

3. Content compliance rules are based on predefined sets of words, phrases, text patterns, or numerical patterns. The setup can cover a simple content match, advanced content match, and metadata match.

4. The common analysis technique that includes a Regular Expressions in DLP, involving an engine analyzing content for specific rules using Regex such as 16-digit National Identity Card (NIC) or 16-digit Family Card numbers.

5. When a message matches a content compliance rule, you can specify one of these actions:

• Reject the message
• Quarantine the message
• Deliver the message with modifications

6. For the current implementation, we choose the action to quarantine the message, if there are any rules that match with the category of compliance then the email will be quarantined.

7. We also can sort the list based on status to check what we have done for allowing the email.

8. To allow the email to pass through, clarification from the sender along with the valid rationale is needed. Below is an example of a quarantined message or email.

Conclusion

As one of the most common methods in exchanging information, email needs to be protected from potential data leakage. Therefore, email DLP together with a continuous enhancement of cyber security posture play an imperative role in protecting sensitive information towards data loss that may bring to a significant financial loss, reputational damage, and even legal liabilities impacts to any organizations.

Implementing email DLP and enhancing cybersecurity posture can help organizations protect their valuable data from unauthorized access, abuse, or accidental exposure, ensuring that they continue to operate safely and securely.

Join us

Scalability, reliability and maintainability are the three pillars that govern what we build at Halodoc Tech. We are actively looking for engineers at all levels and if solving hard problems with challenging requirements is your forte, please reach out to us with your resumé at careers.india@halodoc.com.

About Halodoc

Halodoc is the number 1 all around Healthcare application in Indonesia. Our mission is to simplify and bring quality healthcare across Indonesia, from Sabang to Merauke. We connect 20,000+ doctors with patients in need through our Tele-consultation service. We partner with 3500+ pharmacies in 100+ cities to bring medicine to your doorstep. We've also partnered with Indonesia's largest lab provider to provide lab home services, and to top it off we have recently launched a premium appointment service that partners with 500+ hospitals that allow patients to book a doctor appointment inside our application. We are extremely fortunate to be trusted by our investors, such as the Bill & Melinda Gates Foundation, Singtel, UOB Ventures, Allianz, GoJek, Astra, Temasek and many more. We recently closed our Series C round and In total have raised around USD 180 million for our mission. Our team works tirelessly to make sure that we create the best healthcare solution personalized for all of our patient's needs, and are continuously on a path to simplify healthcare for Indonesia.