Building a New MSSP, Overcoming the DLP Blame Game

Do you know where your data lives? Chances are, if you’re like most organizations, you (sorta) know where it lives: databases, file repositories, office workstations, managed mobile devices and unmanaged BYOD devices, home-based laptops, removable devices, cloud services, POS terminals, kiosks, and everywhere in-between. Data is stored (and exposed) in a dizzying array of ways. Consider an employee saving files to a personal smartphone or cloud-based data collaboration app, emailing customer lists from a corporate to a personal email account, or transferring sensitive documents to a personal tablet, USB drive, or synced data repository for telework access. Can you reasonably monitor and protect across all of those channels?

And, while your beleaguered security staff can handle a modest number of data loss incidents in a timely manner, at what point does incident investigation and response overwhelm your resources? Where is the break point between a smart use of resources, and waging a losing war? Do you want your team to excel at DLP incident response, or high-value security analysis and remediation?

By partnering with a dedicated, service-level-committed, third-party managed security services provider like infoLock Technologies, your security team can focus on core competencies, strategic initiatives, and leave the heavy lifting to trained, dedicated professionals. It’s a model that promises the best of all worlds.

Managing the Overwhelming

If managing your complete DLP incident response in-house seems overwhelming, it’s because for many organizations, it is. A 2014 Trustwave report indicates that 82% of IT professionals currently partner with or have plans to partner with a managed security service provider (MSSP) to monitor and respond to security incidents. Historically, this has meant monitoring primarily perimeter-based cyber threat data from firewalls and next-generation firewalll devices (NGFWs), Intrusion Prevention Systems (IPSs), Virtual Private Networks (VPNs), AV applications, and the like. However, in the modern cloud-enabled enterprise, the list must include advanced threat protection, privacy- and compliance-driven initiatives, data governance tools, data classification solutions, data loss prevention applications, and related security operations.

It’s enough to make most security professionals work on their deep breathing exercises.

Talking a Great Game

Too often organizations are promised the world – and delivered far less – by their MSSPs. Too often MSSPs offer costly, under-performing commoditized services that fail to truly support customer security programs and goals. Too often MSSPs employ under-skilled responders and analysts, who communicate poorly, and don’t proactively improve service quality and efficiency. Too often MSSPs are plagued by high staff turnover and low morale. Too often MSSPs dump their response efforts at your door, and promptly leave, without analyzing what it all means for you.

A New Model for DLP Managed Services

We believe the new model for quality-focused MSSPs must focus on service that truly optimizes technology investments and supports organizational realities. That’s why we built infoLock Technologies to deliver DLP managed services differently and strive to be the managed services partner our customers have been hoping for:

Dedicated experts who know your business: Above all else, your managed security services partner must know you, your business, your complexities, constraints, goals, priorities, and personnel. At infoLock Technologies, Our teams are completely dedicated to specific customers, know the ins and outs of your environment, and truly act as an extension of your IT security department. They bring an in-depth knowledge of your critical data – but, more importantly, of the context for and impact from that data’s use and protection. It’s not enough to respond to an incident; you must understand its consequences.

Proven DLP technology expertise: Inefficient DLP systems churn out thousands of incidents per day. Inefficient DLP incident responders address those incidents in the order received. Inefficient MSSPs reward those analysts for the sheer numbers of incidents reviewed. Our approach, and custom-built technologies, place intelligence above volume, insight above effort.

We work to optimize your DLP environment, for sophisticated correlation, meaningful analytics, and deep pattern matching, to prioritize incidents for review and investigation. As both developers and resellers of DLP technologies, we intelligently design DLP systems based on customer-specific needs, from the ground up. There is no “one size fits all.” The resulting outcome is optimized, insightful, and efficient resolution of specific security incidents, with recognition of their larger security and privacy implications. We deliver actionable, prioritized security recommendations – not just a list of incidents requiring your review.

Continual optimization of technology and resources: Our team continually fine-tunes and optimizes your system, reducing false-positives and incident “noise.” It’s a process that never ends, because your business isn’t static. This provides a clean, high-definition view of what’s occurring in your business, across data loss, data governance, and data protection vectors.

The Keys to Unlocking DLP’s Promise

Partnering with infoLock Technologies, a recognized DLP expert and managed security services provider, drastically reduces the drag on your in-house staff. Partnering with infoLock Technologies provides a force-multiplying, robust DLP incident response structure, allowing you to reallocate precious in-house resources toward high-value, strategic initiatives and activities.

Partnering with infoLock Technologies means benefitting from our new model for high-quality, deeply insightful, and fully engaged managed security services.

We believe it’s what you’ve deserved all along.

Sean Steele is Co-Founder, Managing Partner, Technology & Professional Services at Infolock.

The Four Do’s of DLPNEXT >