Many years ago, I remember watching a clip on TV about someone inventing a toilet that once locked, would not open unless it senses that someone has used the washbasin first. Interesting and to some extent sickening – just makes you wonder, was it invented as a precaution or a necessity?
There probably aren’t many people out their, who have to be forced to wash their hands after the toilet but considering the stakes – the precaution was worth it.
Putting this in corporate information security perspective, most of our rules have less to do with legislation and more with common sense. Moreover a policy that isn’t implemented tends to remain more of an advice – which tends to be generally disregarded.
Data Loss Prevention (DLP) is a preventative technology, if you’d call it that, I consider it more of an amalgamation of existing little utilities packaged into an integrated software allowing centralized policy control and more importantly policy enforcing.
If you’re fed up being the Dutch uncle on information security issues that is once something appalling has occurred (people usually start seeking an advice once they’ve done the irrevocable). Maybe it’s now time for less advising and more enforcing of things, maybe its time for Data Loss Prevention (DLP).