Data Loss Prevention (DLP)

Data loss prevention is a technique that is usually applied to ensure that the end users cannot access sensitive information that might be vital to the company. Data loss prevention method presumes that the management and the employees can protect information that might negatively affect the organization in case it is disclosed to third parties. The method usually includes all stakeholders in the organization to guarantee that the strategic plan is practical and workable for the company.

Technology 1. Blockchain is the type of technology which is digitalized and decentralized in transactions that are cryptocurrency related. The blockchain tends to record the operations in a chronological order making it easier to access and understand by the users. The technology also permits keeping a track record of the transactions. Additionally, it helps the organization to maintain a centralized track record of the cryptocurrency transactions (Pilkington, 2016). The technology interconnects all the computers present in the company. The blockchain technology ensures only the employees can access the transactional data of the firm (Pilkington, 2016). Moreover, the technology allows automatic downloading of the transactions that take place in the organization.

Technology 2. Data masking is the technology that creates mimics: a similar but fake version of the company’s information. The technique usually aims at protecting real information of the organization. Data masking is generally essential for testing of software and training the users of the software (Ahuja et al., 2016). The primary purpose of the software technology is protecting real data by providing a substitute.

Technology 3. Tokenization is another type of data protection. It implies substitution of data that is considered to be sensitive to the organizations, and replacing the raw data with the non-sensitive data. The renewed non-sensitive information is usually known as the token (Protegrity Tokenization, 2011).

Internal and External Factors Identified During SWOT Analysis

The internal factors identified during SWOT analysis include employees’ training, cost of installation, virus, and maintenance of the data loss technologies. On the other hand, the external factors for data loss involve competitors, consumers, and governmental regulations.

How They Influence the Operation and Maintenance of the Network

The company plans to recruit highly skilled labor to maintain the data loss technologies that are to be implemented. The management will also train the employees on the best methods of using the software to ensure the implementation is in line with the organizational goals (Bailey et al., 2015). The data loss technologies should comply with set governmental regulations to ensure there is no breach of law. These technologies will safeguard the information of the consumers from data loss.

What Can Be Done to Overcome These Factors?

The company needs to evaluate existent regulations to ensure that the data loss technologies comply with set standards and policies. In addition, the organization needs to create a workable system to allow frequent tracking of the data loss prevention technologies to eliminate any threats. The organization also needs an antivirus to remove the viruses that may impact installed data loss software.

Strengths, Weaknesses, Opportunities, and Threats (SWOT) Analysis

Blockchain Technology

SWOT Analysis for Technology 1

Strengths

Blockchain technology will enable the organization to protect the transactional information.

Ensures efficient operation

Facilitate easier sharing of information

It eliminates central authority that has full access of the data (Niranjanamurthy, Nithya and Jagannatha, 2018)

Weaknesses

Blockchain technology does not guarantee the protection of customers from other competitors.

Blockchain technology is relatively slow in its usage.

Blockchain technology may prove to be expensive for the company.

Remains constant while the business environment is changing fast.

Opportunities

Blockchain technology is essential for the organization planning to invest in cryptocurrency.

Can easily be accepted since the world is becoming digital

Users have the opportunity to control their data

They ensure that Big Data can easily be analyzed

Threats

The possibility of the employees’ lack of knowledge about proper use of the blockchain technology.

Might have scalability issues

Changing environment

Invention of quantum computers that can easily descript data

Data Masking

SWOT Analysis for Technology 2

Strengths

Data masking protects real information of the organization by mimicking the actual data.

Can work in diverse environment

Once sensitive information is identified it is fully protected within the lifecycle

The system can be reused. Reusability requires the script to be rewritten from scratch (An Oracle, 2013)

Weaknesses

Data masking may not eradicate all the information that is vital for the company.

Masked data might expose the organizational information.

Users of the software technology may fail to comply with the standards.

Changing the value of an information considered sensitive might result to the system considering the information not sensitive

Opportunities

Data masking is usually essential in the storage of corporate information from potential threats.

Can easily be upgraded to cover more information

The large database stored can easily help the company to improve its activities

It is very flexible and thus has flexible solutions

Threats

The exposure of corporate information to the competitors in the market.

Auditing the sensitive information is a great challenge

Sensitive information change over time

Might be difficult to maintain

Tokenization

SWOT Analysis for Technology 3

Strengths

Tokenization ensures the protection of internal data.

Tokenization ensures that retailers comply with various governmental regulations.

Tokenization is easily integrated with other technologies in the company.

It assures the customers of the safety of the information that they provide (Robinson, 2018).

Weaknesses

The presence of cryptocurrency reversals in the market due to the use of tokens.

The lack of adequate skills to utilize the tokenization system by the retailers.

It is challenging to install.

Common standard of tokenization (Kovacs, 2018)

Opportunities

Ensures that the organization should be able to maintain its competitiveness in the organization.

The increasing mode of mobile payment result to demand for tokenization.

It ensures real time screening to help minimize fraud (Robinson, 2018).

Helps in securing payment information.

Threats

The usage of tokens proved to be troublesome to the majority of merchants.

A client who wish to return goods and does not have transaction ID might have hard time especially when they detail had ben tokenized.

A fraud with the transaction ID can easily get hold of goods.

Lack of consistent terminologies (Kovacs, 2018).

Step 5: Address Integration and Implementation Issues.

Implementation of the data loss prevention procedure usually requires the firm to have a well-structured framework. The management of the company needs to train the employees on the application of data loss prevention technologies. Training will ensure the employees are conversant with the techniques thus enabling the organization attain its goals.

Step 7. Plan People, Process, and Data Governance Issues

Governance, Risk, and Compliance (GRC) Issues

The Government Risk and Compliance framework entails the organization involving corporate governance to ensure the success of the data loss protection program that is to be implemented. The Government Risk and Compliance creates an umbrella structured body that forms and integrates three elements to guarantee that the company achieves its organizational goals. The GRC will ensure that the data loss strategy complies with set policies of the market.

Governance. The corporate governance set by the company will ensure the organization will integrate blockchain technology, tokenization, and data masking with existing techniques that have been used previously. Implementation of new technologies will have to follow solid strategic plan to guarantee it is well managed. The management of the company will have to train the employees on the use of new technologies. Proper governance will ensure brand loyalty among the consumers as they will be sure that their information is protected from suspicious activities and competitors.

Risk. Implementation of new technologies that protect organizational data will face multiple threats. The technologies that are to be introduced by the organization will require highly skilled staff to utilize the data loss strategic plan (Bailey et al., 2015). Technologies such as the blockchain will entail the employees having a broad knowledge in the field. Every technique use leads to threats that may affect the implementation of the new data protection project.

The cases of consumers’ personal data loss are countless. Data prevention technologies may not provide security for the protection of the consumer’s data. The technologies also might face the risk of low-quality protection of data by the company. The company might also face threats relating to leak of information through internal employees. The management of the company needs to ensure that the employees sign a legal binding document that will protect the data from outsiders.

Compliance. Regarding compliance, the organization needs to follow regulations such as General Data Protection Regulation, Health Insurance Portability, International Traffic in Arms Portability, and Payment Card Industry Data Security. International Traffic in Arms regulations restricts transactions involving defense and military information equipment. General data protection regulations strengthen data protection and collection. Payment card industry data security ensures the protection of token cards or payment cards to protect users’ data and monetary transactions.

References

Ahuja, R. P. S., Jha, B., Maini, N., Patel, S., Jain, A. R., Hegde, D. K., ... & Pawar, A. V. (2016). U.S. Patent No. 9,430,564. Washington, DC: U.S. Patent and Trademark Office.

An Oracle White Paper. (2013). Data Masking Best Practice. Oracle Database

Bailey, B. T., Romer, J., Doyle, C., Gifford, J., & Zibart, K. (2015). U.S. Patent No. 8,943,574. Washington, DC: U.S. Patent and Trademark Office.

Kovacs, E. (2018). Tokenization: Benefits and Challenges for Securing Transaction Data | SecurityWeek.Com. Retrieved from https://www.securityweek.com/tokenization-benefits-and-challenges-securing-transaction-data

Niranjanamurthy, M., Nithya, B. and Jagannatha, S. (2018). Analysis of Blockchain technology: pros, cons and SWOT. Cluster Computing.

Pilkington, M. (2016). 11 Blockchain technology: Principles and applications. Research Handbook on Digital Transformations, 225.

Protegrity Tokenization - Securing Sensitive Data for PCI. (2011) HIPAA and Other Data Security Initiatives.

Robison, T. (2018). What is Tokenization and Why Should Businesses Be Using It? | Liaison Technologies. Retrieved from https://www.liaison.com/blog/2017/09/05/tokenization-businesses-using/

Yli-Huumo, J., Ko, D., Choi, S., Park, S., & Smolander, K. (2016). Where is current research on blockchain technology?—a Systematic review. PloS oOne, 11(10), e0163477.