AVAILABILITY

CONFIDENTIALITY

7

Implementing an effective governance process

is a key part of any DlP strategy, as any

governance body responsible for compliance

will also be responsible for ensuring data

confidentiality. A single governance solution

also simplifies setting organization wide

information management policies that can

be enforced across business processes.

It s important to remember that any solution

needs to be as simple to use as possible,

and preferably automatic, as only a small

proportion of the user base will be technically

aware. The lessons of many failed CRM and

ERP deployments are important, as any solution

deployed must avoid adding complexity to

existing business processes. The result should

be a DlP solution that s easy to deploy and

manage, easy to use and makes it easier to

comply with policy.

Cornerstones of Compliance

key features of any solution should be role-

based access control, effective encryption

and a well-defined audit trail. The combination

of these features will help maintain the

confidentiality of data especially when

implemented as part of an information-centric

security solution. They also form the foundation

of any DlP service, helping build a mix

of solutions that assist in controlling the

organization s overall compliance and risk

management. It s important to remember

that along with governance, risk management

and regulatory compliance, these tools are

more than just another set of technologies:

they re essential business requirements.

CORNERSTONES OF COMPLIANCE