Maturing Data Loss Prevention policies to minimize false positives

Maturity doesn't happen by accident.  The best way to establish an effective cadence is to deliberately and relentlessly plan for one.

A healthcare organization in Minneapolis invested in a Data Loss Prevention solution but only gained visibility into its environment by monitoring data in motion.  At the recommendation of Symantec, the organization contacted ITS for assistance.

The primary objectives they sought to achieve were policy maturity and a reduction in the number of false positives.  After consulting with ITS, they also decided to implement prevention modules for data in motion, as well as DLP functionality for the endpoints in their environment.

After several successful projects, false positives have now been virtually eliminted as a problem.  In addition, the organization has implemented additional enterprise coverage, and has designed a new incident escalation/management process to accommodate a new DLP team.

Establishing an ongoing maturity cadence is one of our 7 Doctrines of Productive IT Management.