DLP

What is DLP?

DLP (Data Loss Prevention / Data Leak Prevention) is a set of technologies and processes designed to detect and prevent unauthorised leakage of confidential data from an organisation. DLP systems monitor data in three states: at rest (on disks and in databases), in motion (transmitted over the network) and in use (processed on endpoints).

DLP operates based on data classification and policies. The system identifies sensitive data using patterns (credit card numbers, national ID numbers, medical records), classification labels (e.g. Microsoft Information Protection labels) or contextual analysis. When it detects an attempt to send such data through an unauthorised channel - email, USB drive, cloud service, instant messenger - it can block the transfer, encrypt the data or notify an administrator.

Modern DLP solutions integrate with cloud platforms (Microsoft 365, Google Workspace), email gateways, web proxies and endpoint agents, creating a consistent protection system regardless of data location.

Why does it matter?

A confidential data leak can result in regulatory fines (GDPR provides for fines of up to 4% of annual turnover), loss of competitive advantage and reputational damage. DLP helps organisations meet requirements for protecting personal data and trade secrets. It is particularly important in regulated industries - financial, healthcare and legal.

Related topics

• IAM
• CASB
• Zero Trust