Has your organization implemented controls to prevent and detect data leaks across systems, networks, and endpoints?
Explanation
Data leak prevention (DLP) controls are essential for protecting sensitive information from unauthorized access or exfiltration. These controls typically include monitoring data in motion (network traffic), data at rest (stored data), and data in use (endpoint activities), with capabilities to block suspicious transfers or alert security teams.
Evidence could include documentation of implemented DLP solutions, screenshots of DLP policy configurations, data classification schemes, logs showing blocked data exfiltration attempts, or reports from DLP monitoring systems that demonstrate active protection against data leaks.
Context
- Function
  - PR: PROTECT
- Category
  - PR.DS: Data Security
- Sub-Category
  - Protections against data leaks are implemented
Related questions
- Does your organization implement cryptographic controls (encryption, digital signatures, hashing) to protect the confidentiality and integrity of stored data across all relevant storage systems?
- Is full disk encryption implemented on all user endpoints (laptops, desktops, mobile devices) that store company data?
- Does your organization validate digital signatures to verify the integrity and authenticity of software before installation or use?
- Does your organization have a policy and technical controls to restrict the use of removable media devices?
- Does your organization physically secure all removable media containing unencrypted sensitive information?
- Does your organization implement cryptographic controls to protect the confidentiality and integrity of network communications?

