3.13: Deploy a Data Loss Prevention Solution
CSF v1.1 References:
PF v1.0 References:
Threats Addressed:
Group:
Incorporates the following controls from the previous version: 13.3: Monitor and Block Unauthorized Network Traffic, 14.5: Utilize an Active Discovery Tool to Identify Sensitive Data, 14.7: Enforce Access Control to Data Through Automated Tools.
Control Statement
Implement an automated tool, such as a host-based Data Loss Prevention (DLP) tool to identify all sensitive data stored, processed, or transmitted through enterprise assets, including those located onsite or at a remote service provider, and update the enterprise's sensitive data inventory.
[csf.tools Note: For more information on the Critical Security Controls, visit the Center for Internet Security.]