Benefits of Automatic Policy Generation
Policies are the core of Data Leak Prevention systems. Unfortunately, one of the weaknesses of all major DLP systems is the manual nature of policy creation. It requires that the person creating policy understands every kind of content and every possible type of misuse so that a policy can be applied for every data security scenario. Manual policy development is not flexible enough to cover new situations and is too time consuming to keep current.
Wouldn’t it be great if you didn’t have to manually construct every single detail for your DLP security policies? Wouldn’t life be better if you didn’t have to figure out how every individual piece of sensitive content should be treated?
What would that look like?
For a start, information classification will have to be automated. That would save a huge amount of time for policy creation. The system would be able to automatically calculate what was sensitive information and what was not. You would not have to tag or fingerprint every confidential piece of information. Policies would be able to access automatically classified information and make more accurate decisions on what to control.
Put that on the list as a must have.
Then what? What else can be automated? How about user permissions? The system will have to be able to figure out who could have access to what. The system would be able to automatically understand who were the privileged users and who were not.
Another step to save time in policy management.
So, if you now can automatically classify data and user access, you are ready to automatically generate policy. So how would that work? Policy is created from rules. Rules say things like: A can do B, but not C. So every user will need to have a policy for every kind of content they can transmit, plus every possible transmission type. That is a lot of policies to create and store.
But what if policy could be automatically generated and applied when it was needed? What if the policy application function was automated to compare automatically classified content with user permissions and then apply rules? It would be much faster and much more accurate.
GhangorCloud Information Security Enforcer automatic policy generation works by correlating Actors, Operations and Information to create an applicable policy for every individual transmission on the network. This delivers much greater efficiency than the legacy method of manual policy construction. And it saves a huge amount of time for the IT department.