Data Loss Prevention

 View Only

  • 1.  DLP Incident handling methods

    Posted Mar 10, 2013 01:38 PM

    Dear All,

    please tell me how we can work on incidents that are genrated on DLP and what are the method to handle dlp incidents ?



  • 2.  RE: DLP Incident handling methods
    Best Answer

    Posted Mar 10, 2013 01:44 PM

    Hi Rajat,

    As I am worked for almost 2 yrs for incident management for symantec DLP . I can guide u better.

    First u need to design the incident handling and escalation workflow. U can automate the esacalation workflow and start working on it.

    U need to assess the incident on daily basis and escalate the incident to the supervisor of user for investigation, Once investigation done and if req keep HR in loop to appropriate actions.

    Please refere some below guide

    http://www.symantec.com/business/support/index?page=content&id=HOWTO82595

    https://www-secure.symantec.com/connect/articles/dlp-policy-implementation-approach

    https://www-secure.symantec.com/connect/forums/dlp-false-positve-incident



  • 3.  RE: DLP Incident handling methods

    Trusted Advisor
    Posted Mar 11, 2013 04:36 AM

    Hi rajat,

     Dont forget to take into account that you may need some seggregation in who is allowed to see what type of incident and that if your working for multinational, end user country has also to be taken into account to ensure you are compliant with local regluations and laws.

     

     regards



  • 4.  RE: DLP Incident handling methods

    Posted Mar 12, 2013 04:21 AM

    It depends on what is the incident workflow to handle and escalate the incident. What are the team are includede in this process like HR and ISG team,legal etc...

     



  • 5.  RE: DLP Incident handling methods

    Posted Mar 13, 2013 05:49 AM

    Thanks all, it was very helpful.