Top 166 Data Loss Prevention Criteria for Ready Action

What is involved in Data Loss Prevention

Find out what the related areas are that Data Loss Prevention connects with, associates with, correlates with or affects, and which require thought, deliberation, analysis, review and discussion. This unique checklist stands out in a sense that it is not per-se designed to give answers, but to engage the reader and lay out a Data Loss Prevention thinking-frame.

How far is your company on its Data Loss Prevention journey?

Take this short survey to gauge your organization’s progress toward Data Loss Prevention leadership. Learn your strongest and weakest areas, and what you can do now to create a strategy that delivers results.

To address the criteria in this checklist for your organization, extensive selected resources are provided for sources of further research and information.

Start the Checklist

Below you will find a quick checklist designed to help you think about which Data Loss Prevention related domains to cover and 166 essential critical questions to check off in that domain.

The following domains are covered:

Data Loss Prevention, Data loss prevention software, Antivirus software, Bayesian analysis, Browser security, Chinese wall, Client–server model, Comparison of computer viruses, Computer and network surveillance, Computer virus, Computer worm, Data leak, Data loss, Data retention, Defensive computing, False positives and false negatives, Form grabbing, Information security, Instant Messaging, Internet bot, Internet café, Internet security, Intrusion detection system, Intrusion prevention system, Keystroke logging, Linux malware, Machine learning, Macro virus, Metadata removal tool, Mobile malware, Mobile security, Network security, Palm OS viruses, Privacy-invasive software, Regular expression, Rogue security software, Timeline of computer viruses and worms, Trojan horse, User activity monitoring, Web threat:

Data Loss Prevention Critical Criteria:

Deliberate over Data Loss Prevention adoptions and stake your claim.

– Does the tool in use have the ability to integrate with Active Directory or sync directory on a scheduled basis, or do look-ups within a multi-domain forest in the sub-100-millisecond range?

– Does the tool in use allow the ability to use Smart number identifiers (e.g., the ability to recognize that 999 99 9999 is not a valid Social Security number)?

– Are there audit areas that are candidates for elimination or reduced audit coverage to accommodate strained budgets?

– Does the tool we use have a quarantine that includes the ability to redact and/or highlight sensitive information?

– Does the tool we use provide the ability to print an easy-to-read policy summary for audit purposes?

– What is a standard data flow, and what should be the source and destination of the identified data?

– Is the use of CCM destined to become an important and requisite audit methodology best practice?

– Will the Deployment be applied to all of the traffic of data in use, or in motion, or at rest?

– Do you know where your organizational data comes from, where it is stored, and how it is used?

– What are the risks associated with third party processing that are of most concern?

– Do we ask the question, What could go wrong and what is the worst that can happen?

– Is there a policy in place for passwords (e.g., changing, documenting, etc.)?

– Are there effective automation solutions available to help with this?

– What are the best open source solutions for data loss prevention?

– What do we hope to achieve with a DLP deployment?

– Where does your sensitive data reside?

– What can you do to prevent data loss?

– What sensitive data do you hold?

– Why Bother With A DP SLA?

– Where is the data?

Data loss prevention software Critical Criteria:

Deliberate Data loss prevention software tactics and correct Data loss prevention software management by competencies.

– What are all of our Data Loss Prevention domains and what do they do?

– Does our organization need more Data Loss Prevention education?

– Are there Data Loss Prevention Models?

Antivirus software Critical Criteria:

Read up on Antivirus software risks and spearhead techniques for implementing Antivirus software.

– At what point will vulnerability assessments be performed once Data Loss Prevention is put into production (e.g., ongoing Risk Management after implementation)?

– Do you monitor the effectiveness of your Data Loss Prevention activities?

Bayesian analysis Critical Criteria:

Track Bayesian analysis adoptions and cater for concise Bayesian analysis education.

– Record-keeping requirements flow from the records needed as inputs, outputs, controls and for transformation of a Data Loss Prevention process. ask yourself: are the records needed as inputs to the Data Loss Prevention process available?

– How do you incorporate cycle time, productivity, cost control, and other efficiency and effectiveness factors into these Data Loss Prevention processes?

– What are current Data Loss Prevention Paradigms?

Browser security Critical Criteria:

Learn from Browser security goals and track iterative Browser security results.

– To what extent does management recognize Data Loss Prevention as a tool to increase the results?

– What are the Key enablers to make this Data Loss Prevention move?

– Are there Data Loss Prevention problems defined?

Chinese wall Critical Criteria:

Bootstrap Chinese wall visions and develop and take control of the Chinese wall initiative.

– What about Data Loss Prevention Analysis of results?

– How do we maintain Data Loss Preventions Integrity?

– How do we Lead with Data Loss Prevention in Mind?

Client–server model Critical Criteria:

Deliberate over Client–server model goals and find the ideas you already have.

– Does Data Loss Prevention include applications and information with regulatory compliance significance (or other contractual conditions that must be formally complied with) in a new or unique manner for which no approved security requirements, templates or design models exist?

– How do you determine the key elements that affect Data Loss Prevention workforce satisfaction? how are these elements determined for different workforce groups and segments?

– Is Data Loss Prevention Required?

Comparison of computer viruses Critical Criteria:

Look at Comparison of computer viruses leadership and slay a dragon.

– What are the success criteria that will indicate that Data Loss Prevention objectives have been met and the benefits delivered?

– What vendors make products that address the Data Loss Prevention needs?

– Does the Data Loss Prevention task fit the clients priorities?

Computer and network surveillance Critical Criteria:

Have a session on Computer and network surveillance decisions and use obstacles to break out of ruts.

– Who will be responsible for deciding whether Data Loss Prevention goes ahead or not after the initial investigations?

– Are there recognized Data Loss Prevention problems?

Computer virus Critical Criteria:

Jump start Computer virus governance and balance specific methods for improving Computer virus results.

– What are our needs in relation to Data Loss Prevention skills, labor, equipment, and markets?

– Can Management personnel recognize the monetary benefit of Data Loss Prevention?

– Are accountability and ownership for Data Loss Prevention clearly defined?

Computer worm Critical Criteria:

Exchange ideas about Computer worm issues and explore and align the progress in Computer worm.

– What are the usability implications of Data Loss Prevention actions?

– How do we go about Securing Data Loss Prevention?

Data leak Critical Criteria:

Confer over Data leak visions and drive action.

– If our GDPR management is conducted by an external company; who would be fined in the event of a personal data leak? Is the responsibility born by us; or can it be contractually transferred to the provider?

– What are our best practices for minimizing Data Loss Prevention project risk, while demonstrating incremental value and quick wins throughout the Data Loss Prevention project lifecycle?

– Is a technical solution for data loss prevention -i.e., systems designed to automatically monitor for data leakage -considered essential to enterprise risk management?

– What are your key performance measures or indicators and in-process measures for the control and improvement of your Data Loss Prevention processes?

– What other jobs or tasks affect the performance of the steps in the Data Loss Prevention process?

– How will our organization address the key risk areas of security, resilience and data leakage?

– Is our organization covered against data leakage, loss and rogue employees?

Data loss Critical Criteria:

Test Data loss leadership and develop and take control of the Data loss initiative.

– How is the complex digital supply chain -where multiple downstream providers provide services for each other and data residence and transmission points are increasingly obscure -being dealt with from an audit perspective?

– Are there any other areas of CCM that could be used for more effective audits and timely identification of aberrant activities -e.g., monitoring IT controls?

– Do you have a policy in place to deal with data being lost or stolen (e.g., who needs to be notified, what steps need to be taken to mitigate damages)?

– Can you afford the exposure created by the inadvertent loss of data resulting in fraudulent use of secretive, sensitive and personal data?

– Does the tool we use provide the ability to combine multiple Boolean operators and regular expressions into policies?

– Are the files employees work on outside of the office transferred into the office system on a regular basis?

– Are there automated audit tools being used to determine the effectiveness of data loss prevention programs?

– Does our security program adequately protected against opportunistic and targeted attackers?

– Does our tool have the ability to integrate with Digital Rights Management Client & Server?

– Do all computers have up-to-date anti-spam protection?

– Downtime and Data Loss: How much Can You Afford?

– Do you store a copy of backed up data off-site?

– What is the retention period of the data?

– Do any copies need to be off-site?

– What is your most important data?

– Who is the System Administrator?

– Why Data Loss Prevention?

Data retention Critical Criteria:

Reconstruct Data retention results and report on setting up Data retention without losing ground.

– Traditional data protection principles include fair and lawful data processing; data collection for specified, explicit, and legitimate purposes; accurate and kept up-to-date data; data retention for no longer than necessary. Are additional principles and requirements necessary for IoT applications?

– In a project to restructure Data Loss Prevention outcomes, which stakeholders would you involve?

– Think of your Data Loss Prevention project. what are the main functions?

Defensive computing Critical Criteria:

Consider Defensive computing governance and define what do we need to start doing with Defensive computing.

– Consider your own Data Loss Prevention project. what types of organizational problems do you think might be causing or affecting your problem, based on the work done so far?

– What tools and technologies are needed for a custom Data Loss Prevention project?

False positives and false negatives Critical Criteria:

Check False positives and false negatives risks and interpret which customers can’t participate in False positives and false negatives because they lack skills.

– Think about the kind of project structure that would be appropriate for your Data Loss Prevention project. should it be formal and complex, or can it be less formal and relatively simple?

– Have all basic functions of Data Loss Prevention been defined?

Form grabbing Critical Criteria:

Map Form grabbing tasks and diversify disclosure of information – dealing with confidential Form grabbing information.

– What will be the consequences to the business (financial, reputation etc) if Data Loss Prevention does not go ahead or fails to deliver the objectives?

– Is there a Data Loss Prevention Communication plan covering who needs to get what information when?

Information security Critical Criteria:

Apply Information security adoptions and maintain Information security for success.

– Is the software and application development process based on an industry best practice and is information security included throughout the software development life cycle (sdlc) process?

– Are information security policies, including policies for access control, application and system development, operational, network and physical security, formally documented?

– Are Human Resources subject to screening, and do they have terms and conditions of employment defining their information security responsibilities?

– Are information security events and weaknesses associated with information systems communicated in a manner to allow timely corrective action to be taken?

– If a survey was done with asking organizations; Is there a line between your information technology department and your information security department?

– Do we have an official information security architecture, based on our Risk Management analysis and information security strategy?

– Is the documented Information Security Mgmt System (ISMS) established, implemented, operated, monitored, reviewed, maintained and improved?

– Do suitable policies for the information security exist for all critical assets of the value added chain (degree of completeness)?

– Are information security roles and responsibilities coordinated and aligned with internal roles and external partners?

– Is there an up-to-date information security awareness and training program in place for all system users?

– Is there a consistent and effective approach applied to the mgmt of information security events?

– What best describes the authorization process in information security?

– Does mgmt establish roles and responsibilities for information security?

– Is an organizational information security policy established?

– What are our Data Loss Prevention Processes?

– What is information security?

Instant Messaging Critical Criteria:

Design Instant Messaging visions and point out Instant Messaging tensions in leadership.

– Are you looking for a vendor to provide instant messaging built into the solution so users of the system can instant message each other?

– What is our formula for success in Data Loss Prevention ?

– What will drive Data Loss Prevention change?

Internet bot Critical Criteria:

Grade Internet bot adoptions and create Internet bot explanations for all managers.

– Are there any disadvantages to implementing Data Loss Prevention? There might be some that are less obvious?

– Are we making progress? and are we making progress as Data Loss Prevention leaders?

– How do we keep improving Data Loss Prevention?

Internet café Critical Criteria:

Powwow over Internet café adoptions and be persistent.

– What are the key elements of your Data Loss Prevention performance improvement system, including your evaluation, organizational learning, and innovation processes?

– What may be the consequences for the performance of an organization if all stakeholders are not consulted regarding Data Loss Prevention?

Internet security Critical Criteria:

Scan Internet security tasks and check on ways to get started with Internet security.

– Is the Data Loss Prevention organization completing tasks effectively and efficiently?

– What are internal and external Data Loss Prevention relations?

Intrusion detection system Critical Criteria:

Focus on Intrusion detection system risks and optimize Intrusion detection system leadership as a key to advancement.

– Can intrusion detection systems be configured to ignore activity that is generated by authorized scanner operation?

– What is a limitation of a server-based intrusion detection system (ids)?

– How can you measure Data Loss Prevention in a systematic way?

Intrusion prevention system Critical Criteria:

Refer to Intrusion prevention system governance and shift your focus.

– Are security alerts from the intrusion detection or intrusion prevention system (ids/ips) continuously monitored, and are the latest ids/ips signatures installed?

– Is a intrusion detection or intrusion prevention system used on the network?

– How do we manage Data Loss Prevention Knowledge Management (KM)?

Keystroke logging Critical Criteria:

Review Keystroke logging results and look for lots of ideas.

– Will new equipment/products be required to facilitate Data Loss Prevention delivery for example is new software needed?

– Is there any existing Data Loss Prevention governance structure?

Linux malware Critical Criteria:

Reconstruct Linux malware projects and summarize a clear Linux malware focus.

Machine learning Critical Criteria:

Look at Machine learning tactics and explain and analyze the challenges of Machine learning.

– Think about the people you identified for your Data Loss Prevention project and the project responsibilities you would assign to them. what kind of training do you think they would need to perform these responsibilities effectively?

– What are the long-term implications of other disruptive technologies (e.g., machine learning, robotics, data analytics) converging with blockchain development?

– What potential environmental factors impact the Data Loss Prevention effort?

Macro virus Critical Criteria:

Have a session on Macro virus decisions and ask what if.

– what is the best design framework for Data Loss Prevention organization now that, in a post industrial-age if the top-down, command and control model is no longer relevant?

– What new services of functionality will be implemented next with Data Loss Prevention ?

– What is the purpose of Data Loss Prevention in relation to the mission?

Metadata removal tool Critical Criteria:

Learn from Metadata removal tool tactics and oversee implementation of Metadata removal tool.

– What are the barriers to increased Data Loss Prevention production?

– Is Supporting Data Loss Prevention documentation required?

Mobile malware Critical Criteria:

Guide Mobile malware outcomes and diversify by understanding risks and leveraging Mobile malware.

– Is Data Loss Prevention Realistic, or are you setting yourself up for failure?

Mobile security Critical Criteria:

Merge Mobile security leadership and observe effective Mobile security.

– Are there any easy-to-implement alternatives to Data Loss Prevention? Sometimes other solutions are available that do not require the cost implications of a full-blown project?

– Think about the functions involved in your Data Loss Prevention project. what processes flow from these functions?

Network security Critical Criteria:

Communicate about Network security decisions and assess and formulate effective operational and Network security strategies.

– Do we Make sure to ask about our vendors customer satisfaction rating and references in our particular industry. If the vendor does not know its own rating, it may be a red flag that youre dealing with a company that does not put Customer Service at the forefront. How would a company know what to improve if it had no idea what areas customers felt were lacking?

– Are the disaster recovery plan (DRP) and the business contingency plan (BCP) tested annually?

– How will you measure your Data Loss Prevention effectiveness?

Palm OS viruses Critical Criteria:

Refer to Palm OS viruses risks and tour deciding if Palm OS viruses progress is made.

– How can we incorporate support to ensure safe and effective use of Data Loss Prevention into the services that we provide?

– How to deal with Data Loss Prevention Changes?

Privacy-invasive software Critical Criteria:

Categorize Privacy-invasive software risks and oversee Privacy-invasive software management by competencies.

– What are the top 3 things at the forefront of our Data Loss Prevention agendas for the next 3 years?

– Risk factors: what are the characteristics of Data Loss Prevention that make it risky?

– Does Data Loss Prevention appropriately measure and monitor risk?

Regular expression Critical Criteria:

Learn from Regular expression management and summarize a clear Regular expression focus.

– What sources do you use to gather information for a Data Loss Prevention study?

– How does the organization define, manage, and improve its Data Loss Prevention processes?

Rogue security software Critical Criteria:

Merge Rogue security software engagements and devote time assessing Rogue security software and its risk.

– How do we Identify specific Data Loss Prevention investment and emerging trends?

Timeline of computer viruses and worms Critical Criteria:

Mix Timeline of computer viruses and worms failures and work towards be a leading Timeline of computer viruses and worms expert.

– Who sets the Data Loss Prevention standards?

– Why should we adopt a Data Loss Prevention framework?

Trojan horse Critical Criteria:

Meet over Trojan horse leadership and budget for Trojan horse challenges.

– How will you know that the Data Loss Prevention project has been successful?

User activity monitoring Critical Criteria:

Confer re User activity monitoring tasks and triple focus on important concepts of User activity monitoring relationship management.

– Meeting the challenge: are missed Data Loss Prevention opportunities costing us money?

– Is the scope of Data Loss Prevention defined?

Web threat Critical Criteria:

Shape Web threat outcomes and mentor Web threat customer orientation.

– Who will be responsible for documenting the Data Loss Prevention requirements in detail?


This quick readiness checklist is a selected resource to help you move forward. Learn more about how to achieve comprehensive insights with the Data Loss Prevention Self Assessment:

Author: Gerard Blokdijk

CEO at The Art of Service |

Gerard is the CEO at The Art of Service. He has been providing information technology insights, talks, tools and products to organizations in a wide range of industries for over 25 years. Gerard is a widely recognized and respected information expert. Gerard founded The Art of Service consulting business in 2000. Gerard has authored numerous published books to date.

External links:

To address the criteria in this checklist, these selected resources are provided for sources of further research and information:

Data Loss Prevention External links:

[PDF]Data Loss Prevention – WatchGuard

Data loss prevention software
http://Data loss prevention solution is a system that is designed to detect potential data breach / data ex-filtration transmissions and prevent them by monitoring, detecting and blocking sensitive data while in-use (endpoint actions), in-motion (network traffic), and at-rest (data storage).

[PDF]Data Loss Prevention – NIST

Data loss prevention software External links:

Data loss prevention software
http://Data loss prevention solution is a system that is designed to detect potential data breach / data ex-filtration transmissions and prevent them by monitoring, detecting and blocking sensitive data while in-use (endpoint actions), in-motion (network traffic), and at-rest (data storage).

Data Loss Prevention Software from Virtru – Data Loss Prevention Software – …

Antivirus software External links:

Spybot – Search & Destroy Anti-malware & Antivirus Software

Consumer antivirus software providers for Windows

Norton Security Deluxe – Antivirus Software | Norton

Bayesian analysis External links:

Bayesian analysis. (eJournal / eMagazine, 2006) …

Bayesian Analysis — from Wolfram MathWorld

Bayesian analysis | statistics |

Browser security External links:

[PDF]NAIC/NIPR Browser Security Upgrade

TFCU – Browser Security

Chrome Browser Security – Chrome for Businesses

Chinese wall External links:

The Chinese Wall Protects Against Conflicts Of Interest

What is an Chinese Wall? – SecuritiesCE

Chinese Wall Panels | eBay

Comparison of computer viruses External links:

Comparison of computer viruses – of computer viruses

Computer and network surveillance External links:

Computer and network surveillance | The Meaning

Computer and network surveillance – The Art of Service

Computer and network surveillance!! – YouTube

Computer virus External links:

Title: Computer Virus – Internet Speculative Fiction Database

Computer Virus – ABC News

[PPT]Computer Virus – University of Nebraska–Lincoln

Computer worm External links:

Most Popular “Computer Worm” Titles – IMDb

Computer worm Facts for Kids |

Computer worm – Conservapedia

Data leak External links:

Data Leak – FREE download Data Leak

Data loss External links:

How to: New DLP (data loss prevention) policy template

Technical Overview of DLP (data loss prevention) in Exchange

Data Loss Prevention & Protection | Symantec

Data retention External links:

[PDF]Data Retention and Destruction Policy

Data Retention – AbeBooks

[DOC]Data Retention Policy –

Defensive computing External links:

Defensive computing – O’Reilly Media

False positives and false negatives External links:

False Positives and False Negatives – Math is Fun

Medical False Positives and False Negatives – …

Information security External links:


Managed Security Services | Information Security Solutions

Federal Information Security Management Act of 2002 – NIST

Instant Messaging External links:

CME Pivot Instant Messaging Platform – CME Group

ICE Instant Messaging

Internet bot External links:

Internet Bot | Know Your Meme

What is an Internet Bot? – Definition from Techopedia

7 Answers – How to create an Internet bot – Quora

Internet café External links:

Internet café busted for gambling |

Internet security External links:

Antivirus and Internet Security Protection from Trend Micro

Antivirus Software, Internet Security, Spyware and …

Internet Security | Home Network Protection | Avast

Intrusion detection system External links:

Intrusion Detection Systems – CERIAS

[PDF]Section 9. Intrusion Detection Systems

Intrusion prevention system External links:

Wireless Intrusion Prevention System (WIPS) | …

How does an Intrusion Prevention System (IPS) work? – …

Cisco Next-Generation Intrusion Prevention System …

Keystroke logging External links:

What is Keystroke Logging (Keylogger)? Webopedia …

Keystroke Logging Banner – CERT

Keystroke Logging – LifeLock

Linux malware External links:

Linux Malware Targets IoT Devices | IoT Security Headlines

Machine learning External links:

Appen: high-quality training data for machine learning

Machine Learning Server Overview –

What is machine learning? – Definition from

Macro virus External links:

What to do if your Word for Mac has a macro virus

Advisories : Melissa Macro Virus – SecureRoot

What is Macro Viruses –

Metadata removal tool External links:

BatchPurifier LITE – Free Metadata Removal Tool

Mobile security External links:

Mobile Security | Education Center | BB&T Bank

ADP Mobile Security

Mobile Protection, Enterprise Mobile Security – Skycure

Network security External links:

NIKSUN – Network Security and Performance

IANS – Institute for Applied Network Security

Firewall Management Software | Network Security …

Palm OS viruses External links:

Palm OS viruses – OS viruses

Palm OS viruses – Infogalactic: the planetary knowledge core

Palm OS virusesの意味・使い方 – 英和辞典 Weblio辞書

Privacy-invasive software External links:

PIS – Privacy-Invasive Software | AcronymFinder


CiteSeerX — Privacy-Invasive Software in File-Sharing …

Regular expression External links:

RegexMagic: Regular Expression Generator

Regular Expression Matching – LeetCode

Easy Regular Expression Builder – RegexBuddy

Timeline of computer viruses and worms External links:

Timeline of computer viruses and worms –

Timeline of computer viruses and worms – OF COMPUTER VIRUSES AND WORMS/en-en

Timeline of computer viruses and worms – Revolvy of computer viruses and worms

Trojan horse External links:

Trojan horse | Story & Facts |

User activity monitoring External links:

User Activity Monitoring Software Overview | TrustRadius

Enable User Activity Monitoring from Top to Bottom

User Activity Monitoring and Employee Monitoring …

Web threat External links:

Security Intelligence Research – Web Threat Analysis

6.8 Web Threat Protection Flashcards | Quizlet

RSA Web Threat Detection Product Versions | RSA Link