|
|
Monitoring and Analysis of Users Using DLP System
László, Peter ; Janoušek, Vladimír (referee) ; Drozd, Michal (advisor)
The purpose of this work is presenting Data Loss Prevention systems, describing each element of it and writing down advantages and disadvantages of these systems. This document contains required knowledge about filter drivers and I/O request packets. According to this knowledge it is possible to design a user application, which based on the principles of Data Loss Prevention systems is able to prevent sensitive data from leaks. Created application is a mini-filter driver, which allows tracking operations of marked files with monitoring and filtering IRP packets. This document also contains detailed desing, implementation, testing and reviewing of created program.
|
|
|
Monitoring and Analysis of Users Using DLP System
Pandoščák, Michal ; Hanáček, Petr (referee) ; Drozd, Michal (advisor)
The purpose of this masters thesis is to study issues of monitoring and analysis of users using DLP (Data Loss Prevention) system, the definition of internal and external attacks, the description of the main parts of the DLP system, managing of politic, monitoring user activities and classifying the data content. This paper explains the difference between contextual and content analysis and describes their techniques. It shows the fundamentals of network and endpoint monitoring and describes the process and users activities which may cause a data leakage. Lastly, we have developed endpoint protection agent who serves to the monitoring activities at a terminal station.
|
|
| |
|
|
Data Loss Prevention
Čermák, Tomáš ; Pavlíček, Luboš (advisor) ; Kališ, Martin (referee)
The aim of this thesis is to provide basic information from the field of the data loss prevention. In theoretical part, fundamental principles and options of DLP will be described, including reasons why use this type of protection. Next, in practical part, will be described establishment and testing of selected functions provided by open-source DLP solutions. There are just few comprehensive materials regarding the DLP in Czech language, so this thesis should be used for acquiring basic information for this technology field.
|
|
|
Design of conception of data loss prevention
Brejla, Tomáš ; Střížová, Vlasta (advisor) ; Sejk, Vratislav (referee)
This work deals with the making of conception of implementation of processes and software tools designed to ensure sensitive data leakage prevention from the organization infrastructure. The structure consists of three key parts. The first one describes theoretical basis of the work. It explains what is the data loss prevention, what it comes from, why it is necessary to deal with it and what its goals are. It also describes how this fits into the whole area of corporate ICT security environment. There are defined all the risks associated with leakage of sensitive data and there are also defined possible solutions and problems that are associated with these solutions. The first part also analyzes the current state of data loss prevention in organizations. They are divided according to their size and for each group there is a list of the most common weaknesses and risks. It is evaluated how the organizations currently solve prevention of data loss and how they cover this issue from both a procedural point of view and in terms of software tools. The second part focuses directly on the software tools. It is characterized the principle of operation of these systems and it is explained their network architecture. There are described and evaluated current trends in the development of the data loss prevention tools and it is outlined possible further development. They are divided into different categories depending on what features they offer and how these categories cover the needs of organizations. At the end of the second part there are compared the software solutions from leading vendors in the market against actual experience, focusing on their strengths and weaknesses. The third part presents the core content. IT joins two previous sections and the result is the creation of the overall concept of the implementation of data loss prevention with focus on breakdown by several different levels -- processes, time and size of the company. At the beginning of this third section it is described what precedes the implementation of data loss prevention, and what the organizations should be careful of. It is defined by how and what the organizations should set their own expectations for the project could be manageable. The main point is the creation of a procedure of data loss prevention implementation by creating a strategy, choice of solutions, to the implementation of this solution and related processes. The end of the third part deals with the legal and personnel issues which are with the implementation of DLP very closely related. There are made recommendations based on analysis of the law standards and these recommendations are added to the framework approach of HR staff. At the very end there are named benefits of implementing data loss prevention, and the created concept is summarized as a list of best practices.
|
guest ::
