Enhancing our Data Loss Prevention program
Our expanded information security solution monitors and protects sensitive information, while respecting data privacy regulations around the world.
In a time of rising security risks, we face the daily challenge of protecting sensitive data across our enterprise.
From our client-supplied data and corporate intellectual property to personally identifiable information (PII), we process vast amounts of sensitive information every day. Which is why we initiated a Data Loss Prevention (DLP) program more than a decade ago to protect against unintended data disclosures, identify when people are processing proprietary data and to ensure we’re protecting our client-sensitive data.
Initially, the DLP program was passive, monitoring outbound movement of limited PII data and reacting to alerts. It has since been built out and enhanced to proactively prevent incidents and monitor data activity across almost half a million end points in a global network spanning more than 50 countries.
To maintain safety and security, we’re continuously enhancing our DLP tools and processes to protect data, while respecting data privacy regulations around the world.
Our Information Security team collaborated with our internal IT team to transform and build out the Data Loss Prevention program capabilities.
This combined Accenture team faced significant technical challenges and they worked with third-party experts to define the architecture for the DLP solution, including the technical infrastructure and the required network and server configurations.
With the architecture, network and server configurations in place, the team then worked with legal advisors to ensure that the enhanced DLP solution would meet governmental, regulatory and data privacy standards around the globe.
As the new security enhancements were implemented, the Accenture team was constantly reviewing the process changes, and intervening and investigating when necessary, to ensure business operations weren’t disrupted and all data privacy standards were being met.
The Accenture team built out the DLP capabilities to monitor and protect sensitive data, while respecting data privacy regulations around the world.
Some of the security enhancements include:
Partnering with the business to deploy focused DLP policies, establishing what is a risky data transfer versus a service requirement we provide to a client.
Deploying a DLP agent on user laptops that monitors the flow of data and reports DLP events centrally to the Accenture Security Operations Center (ASOC).
Implementing an email DLP capability to mitigate the risks of data loss via email; the system protects both managed and unmanaged endpoints, including mobile devices.
Flagging and blocking identified client-sensitive data or intellectual property transferred outside authorized locations, including files sent to personal Gmail accounts or external devices.
Using technology that allows for local data control to manage specific business unit or engagement data flows.
Our Data Loss Prevention capabilities now provide greater security with increasing ease. We have built tools and processes that balance protecting enterprise and client data with respecting the privacy of our employees.
The flexibility of our enhanced DLP program enables Information Security personnel to ensure policy and contract compliance. It allows for the easy creation of policies that address specific contractual obligations.
With our enhanced DLP program, we have successfully extended data protection to our clients, and we are proactively preventing incidents—reducing risk for our clients and across our entire enterprise.