Does anyone has any success at setting up DLP (data loss prevention) to guard against source code leak thru email, file-share, etc?

Security & GRC
560 viewscircle icon1 Upvotecircle icon2 Comments
Sort by:
Senior Information Security Manager in Software5 years ago

DLP is best suited to identify structured data, such as credit cards numbers for PCI, social security numbers, etc. Source code often lacks that strict structure.  DLP is often turned off due to so many false positives.

 

Here’s a video where Malcolm Harkins says DLP just works to identify internal people who make accidental mistakes.

 

https://cyber.minereye.com/click.track?CID=432902&AFID=434290&ADID=2431883&SID=

Group IT Manager in Travel and Hospitality5 years ago

Integrate it with endpoint security. We use bitdefender

Lightbulb on1

Content you might like

How long does your organization retain original systems logs used to filter SOX-related actions into a system that requires review of the logs and retains the filtered logs for seven years? Does your organization consider those original system logs records subject to record retention requirements, or supporting information used to create the SOX records?

90 Days14%

365 Days36%

3 years33%

5 years7%

7 years10%

Other (share in the comments)

View Results

To what extent are organisations actually realizing measurable value from AI-enabled capabilities in GRC platforms, and to what degree is embedded AI now viewed as a core, expected feature in GRC tool selection rather than a nice-to-have add-on?

Are you concerned about network security for your remote workers?

Not concerned at all8%

Slightly concerned51%

Moderately concerned25%

Significantly concerned12%

It’s our top priority1%

View Results

Do you need a single platform for financial data privacy, analysis, and anonymization?

Are you still relying on written AI policies, or do you have visibility into how AI is actually being used across your organization?