Data loss prevention (DLP) tools enable organizations to implement controls on who can act on data, in what ways, based not only on file or resource-level access controls, but on awareness and classification the substance of the data as well.
DLP software platforms often consist of a variety of components notably including endpoint controls that enable policy to be set around the means by which data is transmitted or shared—file copy and send operations, clipboard copy and paste, email and other communications channels, and storage devices, among other things.
From an integrated perspective, data loss prevention also includes considerations around physical and building security, policy and procedure, and other factors that help to protect organizations' most sensitive and confidential data.
As cloud computing grows, data loss prevention is also evolving to include controls and policy to manage how data moves through and between cloud systems, in many cases never traversing local endpoints or local networks at all.
