Big Data Governance

Group Assignment Presentation

GROUP 10:
•Bornface Chinyuku C1110757R
•Farayi Karadzandima C23156797U
•Norman Goko C23175602E
•Bradwell Noah Katiyo C23157012X
•Millicent Chekeche C23157444W
•Chiedza Muchenje C23157529H
•Obias V Runesu C23156792V
•Paulla K Mudondo C23156786V
 Data Loss
Prevention
(DLP)
• Implementing DLP solutions to prevent the
unauthorized transfer or leakage of
sensitive data.
• Ensuring that DLP solutions are compatible
with the unique characteristics of big data
systems.
 • Refers to a set of strategies and technologies
implemented to prevent the unauthorized
transfer, leakage, or loss of sensitive data
within an organization.
What is Data • Encompasses the tools and policies used to
Loss prevent sensitive data from leaving an
organization. It involves monitoring and
Prevention controlling data in motion, at rest, and in
use. Effective DLP solutions help mitigate the
risk of data breaches and unauthorized
access.
 • The primary goal of DLP is to secure sensitive data from being
exposed to unauthorized individuals or entities, both
internally and externally.

• Preventing Unauthorized Data Transfer: - DLP solutions

monitor data movement across networks, endpoints, and
cloud services. - Policies are enforced to block or restrict data
transfer based on predefined rules.

• Detecting Insider Threats: - DLP tools analyze user behavior

Purpose of DLP to identify anomalies. - Insider threats (For example,

employees intentionally leaking data) are detected and
mitigated.

• Securing Data at Rest, in Transit, and in Use: - Encryption,

access controls, and monitoring ensure data security. - DLP
covers data across its lifecycle.

• This includes preventing accidental or intentional data leaks,

ensuring compliance with data protection regulations, and
safeguarding intellectual property.
Other
benefits of
DLP
Implementation of DLP solutions
01 02
DLP solutions typically These can include data
involve a combination of classification, encryption,
technologies, policies, access controls, user
and procedures. monitoring, content
filtering, and data
discovery mechanisms.
03
By implementing these
solutions, organizations
can better detect,
monitor, and protect their
sensitive data.
Implementation of DLP solutions
Data Discovery and
Classification
Understand your data: -
Identify sensitive data (For
example, financial records,
trade secrets).
Classify data based on
sensitivity (For example.,
public, internal, confidential)
Tools: - Automated
scanners, manual tagging, and
metadata analysis
Policy Creation and Endpoint Protection Network Monitoring Cloud DLP
Enforcement
Define DLP policies: - Specify Install DLP agents on Inspect network traffic: - Extend DLP to cloud
what actions are allowed or endpoints (laptops, desktops, Email, web traffic, cloud environments (For example.,
blocked. mobile devices). services. AWS, Azure, GCP).
Consider context (user, Monitor data movement and Apply policies: - Block Secure data stored in cloud
location, device). enforce policies. sensitive data uploads. services. - Monitor cloud
Examples: - Block email Prevent data leaks via Detect data exfiltration activity and enforce policies.
attachments containing credit removable media attempts
card numbers.
Monitor file transfers to USB
drives.
Alert on unusual data access
patterns
Sensitive data identification
• DLP solutions rely on the identification and classification of sensitive data.
• This involves defining what types of data are considered sensitive within the organization
and establishing policies to ensure their protection.
• Sensitive data can include personally identifiable information (PII), financial records,
intellectual property, trade secrets, and confidential business information.
• Sensitive data is confidential and only accessible to authorized users with proper
permission, privileges, or clearance to view it.
Monitoring • DLP solutions employ various monitoring
techniques to identify potential data
breaches or policy violations.
and detection • This can include real-time monitoring of
network traffic, endpoint activities, email
communications, and data transfers.
• DLP systems use predefined rules, machine
learning, and behavioral analysis to detect
anomalies and patterns that indicate
unauthorized access or data leakage.
 • When a potential data breach or policy
violation is detected, DLP solutions trigger
appropriate response mechanisms.
• These may involve sending alerts to security
Response personnel, blocking or quarantining data
and transfers, encrypting sensitive information,
or applying access controls to limit
mitigation unauthorized access.
• The goal is to minimize the impact and
prevent further data loss.
 Implementing Data Loss Prevention (DLP) on data at rest involves protecting
sensitive information stored in databases, file systems, data lakes, and other
storage repositories.
• Identify Sensitive Data

Data at Rest • Data Discovery and Classification

• Data Encryption
• Access Controls
• Data Masking
• Data Lifecycle Management
• Data Loss Prevention Policies
• Data Auditing and Monitoring
• Data Loss Incident Response
• Employee Training and Awareness
By following these steps and implementing robust controls, organizations can
effectively protect sensitive data at rest and mitigate the risk of data breaches and
compliance violations. Regularly assess and improve data protection measures to
stay ahead of evolving threats and regulatory requirements.
Data in Motion
Implementing Data Loss Prevention (DLP) on data in motion involves safeguarding sensitive information as it moves across networks, between systems, or to external entities. Here's a guide
on how to implement DLP on data in motion:

• Identify Sensitive Data

• Data Discovery and Classification

• Encryption

• Data Loss Prevention Policies

• Network Monitoring and Filtering

• Email Security

• Secure File Transfer

• Endpoint Security

• User Training and Awareness

• Regular Monitoring and Incident Response

• By following these steps and implementing robust controls, organizations can effectively protect sensitive data in motion and mitigate the risk of data breaches, unauthorized access, or
compliance violations. Regularly assess and update data protection measures to address emerging threats and regulatory requirements.
Data in Use

Implementing Data Loss Prevention (DLP) on data in use involves protecting sensitive information while it is being accessed, processed, or manipulated by users or applications. Here is a guide on how to implement
DLP on data in use:

• Identify Sensitive Data

• Data Discovery and Classification

• User and Application Monitoring

• Endpoint Security

• Application Controls

• Encryption and Tokenization

• Data Access Controls

• Data Masking

• Behavior Analytics and Anomaly Detection

• User Training and Awareness

• By following these steps and implementing robust controls, organizations can effectively protect sensitive data while it is in use and mitigate the risk of data breaches, unauthorized access, or compliance
violations. Regularly assess and update data protection measures to address emerging threats and regulatory requirements.
 • Data Loss Prevention (DLP) is a game-changer for businesses
struggling with the ever-changing world of compliance. Here's
how DLP helps:
• Compliance Across Industries: No matter your industry, there
are regulations to follow. DLP helps you meet these
DLP in requirements by protecting sensitive data, from financial
information to patient records.
Compliance • National and International Standards: Frameworks like

and NIST and GDPR have strict data protection measures. DLP
helps by identifying, monitoring, and securing sensitive data,
aligning with these standards.
Regulatory • Real-world Examples:

Frameworks • Payment Card Industry (PCI DSS): DLP protects credit card
data, preventing unauthorized access and breaches, a key
requirement for PCI DSS compliance.
• Healthcare (HIPAA): DLP safeguards patient health
information, ensuring compliance with HIPAA regulations.
 • Financial Services (SOX & GLBA): DLP helps protect financial
data, prevent fraud, and ensure accurate reporting, vital for SOX and
GLBA compliance.
• California Consumer Privacy Act (CCPA): DLP controls the flow
of personal information, preventing unauthorized sharing and ensuring
DLP in CCPA compliance.
• Benefits Beyond Compliance:
Compliance • Reduced Risk of Data Breaches: DLP helps prevent data loss,

and
reducing the risk of costly breaches and potential fines.
• Stronger Security Posture: DLP strengthens your overall security,

Regulatory demonstrating a proactive approach to data protection.

• Improved Brand Reputation: Data breaches can damage trust. DLP

Frameworks helps mitigate this risk.

• DLP is a versatile tool that helps businesses navigate the complex
landscape of data protection regulations. By protecting sensitive data,
you can ensure compliance, reduce security risks, and build trust with
stakeholders.
Compatibility
of DLP
solutions with It is essential to consider the unique
the unique characteristics of these systems, such as their
characteristics scale, complexity, and distributed nature.
of big data
systems
Scalability
DLP solutions should be able to handle the large volumes of data
typically processed in big data systems. This may involve leveraging
distributed architectures, parallel processing, and efficient data
indexing techniques.
 DLP solutions need to integrate
seamlessly with big data platforms
to monitor and analyze data flows.
This may require integration with
data ingestion pipelines, stream
Data ingestion processing frameworks, or data
lakes.
and processing
 DLP solutions should provide
mechanisms to classify and analyze
data in a distributed and parallel
Data manner. This could involve
leveraging distributed machine
classification learning algorithms or utilizing
and analysis scalable data processing frameworks
like Apache Spark.
 DLP solutions should be capable of
monitoring data in real-time within
big data systems. This can involve
integrating with streaming
platforms like Apache Kafka or
Real-time utilizing complex event processing
techniques.
monitoring
Compliance and audit

DLP solutions need to provide

mechanisms for auditing and
ensuring compliance with data
protection regulations in the
context of big data systems. This
may involve tracking data
lineage, maintaining audit logs,
and providing reporting
capabilities.
Challenges of DLP - Big Data
Systems Compatibility

• Big data platforms (Hadoop, Spark, etc.)

handle massive volumes of data
• DLP solutions must adapt
• Scalability: Handle large datasets
efficiently
• Integration: Work seamlessly with big
data tools
• Real-time processing: Analyze data
streams without latency
Challenges of DLP - Balancing
Security and Usability
• DLP policies should not hinder
legitimate business processes
• Fine-tune policies to minimize
false positives
• Educate users about data handling
best practices
 We discovered raw data from the advertisement we were working on was released on a
website, and we terminated the vendor. We also created tight regulations against such
actions, such as penalizing third parties if data leaks occur on their end. – CEO of a Swiss
Advertising agency

A former employee had previously leaked sensitive data to another company that works in
the same domain. Remedial actions were promptly taken to close the leakage channel and
for prevention purposes, the common database of documents and information are now
increasingly secured and monitored. – CRO of a US Consumer electronics company

We received a massive round of funding from a very high-profile investor. This was going
to be a major media push for us as it was a huge endorsement of our business model by
one of the most influential people in the industry. We had only just started to work on the
press release, when I got a call from a business reporter wanting to break the story. It

Data Loss turned out that it was a board member who had leaked the story to boost their own
profile. – PR Manager of a UK Entertainment company

Examples A hacker gained access to our servers and pulled out customer information and some
confidential documents, which was both monetary and reputational loss to us. We
discover the leak a few months later and must alter several of our plans. Finally, we
strengthened our security system and filled all possible gaps on the server. – COO of a UK
Automotive company

There was an incident when the hackers took advantage of a third-party tool we
employed for customer segmentation and cultural understanding due to which our
majority of critical information was exposed. – Director of a UK Public relations agency

We had a loss of data due to employee negligence as multiple highly important client
documents were transferred to the wrong recipient outside of our organization which
resulted in strained client relations. Moving forward we have limited the control of data
sharing to the management level to control data breach. – Chief Operating Officer of a
US Public relations agency
 • Implementing DLP solutions is crucial for preventing
data breaches and protecting sensitive information.
When implementing DLP in big data systems, it is
important to consider scalability, data processing,
real-time monitoring, compliance, and audit
requirements specific to these environments.
• By combining robust DLP tools with user education
Conclusion and proactive monitoring, organizations can
mitigate the risk of data breaches and protect their
valuable information assets.
• DLP is a critical component of modern
cybersecurity.- By implementing robust DLP
solutions and ensuring compatibility with big data
systems, organizations can protect their sensitive
data effectively.
THE END