DLP Tools, from Policing to Understanding User Vulnerabilities

Yazan Almasri MSc, CISSP, PMP, ITIL

Information Security Director, Aramex International

WHY DLP?

Data

Apps

Host

Network

PhysicalSecurity in

Dep

th

Data Leak P

reventio

n

Deployment

Endpoint

Descriptive Data Matching

Tuning Period

Detection only

• Regex

• False Positives

• Performance

• Privacy*

• Encryption

• Investigation

Challenges

*International DLP Related Privacy Laws - Google Maps

… an eye opener Awareness Problems

Unauthorized Apps

Unauthorized Access

Questioning Access Models

Departing Employees

Understand The Business

Open Access to Shares

Incident Response

PCI Compliance

Password Sharing

Success Factors

Success Factors

Trust

Management

Policy

AwarenessHR Support

Legal Team

Classification

Questions