Data Loss Prevention Solution
Safeguarding data within the government with Data Loss Prevention (DLP)
-
DLP is a government data security solution that monitors and controls data transfers on government-issued devices to prevent leaks.
-
Protects sensitive government data from accidental or malicious leaks.
-
Activated for email, document printing, web uploads, and data transfers to external devices.
-
Prompts users for confirmation before potentially risky data transfers.
About data loss prevention
Data loss prevention refers to a set of technologies and processes designed to detect and prevent sensitive data from leaving an organisation's control. It encompasses measures to identify, monitor, and protect data in use, in motion, and at rest.
The risks associated with data loss are significant in today's digital landscape, including financial losses, reputational damage, and legal penalties. Adding to these concerns, Singapore's recent data reflects the growing urgency for robust protection: in Q4 of 2024 alone, the nation recorded 191,390 data breaches. As a vital aspect of cybersecurity in Singapore, vulnerabilities in cloud computing security further complicate matters, as sensitive data stored in cloud environments can be susceptible to unauthorised access.
Recognising data as a critical asset for Singapore's Smart Nation initiative, data loss prevention is paramount. To uphold a trusted digital ecosystem, the government must implement robust measures safeguarding citizen and business data. Effective data loss protection solutions are therefore essential for maintaining public trust and ensuring the integrity of digital services. As such, strong data loss prevention has become crucial for national security and economic stability.
GovTech’s data loss prevention solution
When transacting with the government's digital services, the public trusts us with their personal information and expects that we will use their data responsibly. Any unauthorised use or disclosure of data can cause them damage. The public confidence that we work so hard to build will also be eroded in a heartbeat.
Prevention is better than cure, it is often said. That is why GovTech has created Data Loss Prevention (DLP), a product that harnesses technical and process controls to detect anomalous activities such as unexpected downloads of massive data to personal devices. Such activities are indicators of malicious intent.
Integrated with the Digital Workplace, DLP has been introduced progressively since May 2022 to enhance the existing data security measures in all government-issued laptops.
Real-life sample / case studies
GovTech’s DLP solution encompasses three key areas: Email DLP, Endpoint DLP, and Proxy DLP. These components work in tandem to provide comprehensive data leakage protection.
In each scenario, DLP will inspect the documents or text being transmitted, and will then determine if an alert or action is required, based on the data classification and information security of the files or text you are working on. This process helps mitigate potential risks to data leak protection tools and strategies. To illustrate how DLP functions in practice, consider the following common user interactions and system responses:
Alert
When the system identifies classified or sensitive information, like an email containing a document marked "Restricted," an alert appears. This notification serves as a prompt, informing the user of the potential risk involved. The action proceeds without further intervention, allowing the user to continue while remaining mindful of the data's sensitivity. It's a subtle yet crucial reminder to exercise caution when handling protected information.
Affirm
If the system detects potentially sensitive data, especially in situations where classification is unclear, it will request user affirmation. For instance, when uploading a file without a specified classification to the government cloud website, a prompt will appear. Users must then confirm their authorisation by clicking "Okay" or halt the transmission by clicking "Cancel." This step ensures that sensitive data is shared exclusively with authorised parties, maintaining stringent data access control.
Block
In cases where the system identifies classified or sensitive data that violates established DLP rules, such as an email containing a "Secret" attachment directed to external recipients, the action is automatically blocked. A notification will then inform the user of the blocked action. By clicking "Close," the user acknowledges the notification. This prevents the unauthorised transmission of highly sensitive information, safeguarding it from potential exposure.
Other scenarios
Beyond these scenarios, Data Loss Prevention proactively monitors various other data transfer activities to ensure ongoing security.
|
Type of Alert |
Scenario |
|---|---|
|
Alert |
Sending emails to external recipients containing unprotected* attachment
|
|
Sending emails to internal recipients containing unprotected* attachment
|
|
|
Uploading files to the internet containing unprotected* attachment
|
|
|
Uploading files to the government cloud, e.g., GCC-PROD containing:
|
|
|
Copying files to portable storage media or printing files containing:
|
|
|
Affirm |
Sending emails to external recipients containing unprotected* attachment
|
|
Sending emails to internal recipients containing unprotected* attachment
|
|
|
Uploading files to government cloud (website) containing:
|
|
|
Block |
Sending emails to external recipients containing unprotected* attachment
|
|
Uploading files to the internet containing:
|
|
|
Uploading files to the government cloud, e.g., GCC-PROD containing:
|
How to use DLP?
DLP comes pre-installed on all government-issued devices as part of the Digital Workplace, ensuring seamless and immediate protection. When a potential data transfer triggers DLP rules, a prompt will appear, requiring users to confirm their intent. This prompt will clearly outline the detected risk and provide options to either authorise or cancel the action. If a data leak is detected, the system will automatically block the transfer and generate an alert, notifying both the user and relevant security personnel.
For any queries or support, users can contact us.
Interested to find out more about DLP?
GovTech's Data Loss Prevention solution is a crucial component of our commitment to safeguarding sensitive data and maintaining public trust. By implementing robust data loss protection solutions, we ensure that government digital services remain secure and reliable.
For further information or to explore how DLP can enhance your organisation's data security, please email us at info@tech.gov.sg.
Frequently Asked Questions About Data Loss Prevention (DLP)
How does this solution help with Cloud data loss prevention?
This solution extends data loss prevention capabilities to cloud environments by monitoring and controlling data movement within and outside cloud applications. It helps prevent unauthorised access and data exfiltration, ensuring that sensitive information remains protected in such scenarios.
What types of data are protected using DLP?
DLP protects a wide range of sensitive data, including personal identifiable information (PII), financial data, intellectual property, and classified government information. It uses content inspection and contextual analysis to identify and protect sensitive data across various formats and locations.
What data leakage protection tools are included in this DLP solution?
This DLP solution incorporates a suite of data leak protection tools, including Email DLP. Endpoint DLP, and Network DLP. These tools work in concert to monitor and control data movement across devices, networks, and cloud applications, providing comprehensive protection against data leaks.
What should I do if legitimate file transfers are being blocked?
If legitimate file transfers are being blocked, users should first verify the file's classification and ensure it complies with security policies. If the transfer is still blocked, they should contact the GovTech service desk, providing details of the file and the intended recipient, for further assistance.
