DLPの製品の基本の基本。なかなか参考になる。

One of the most common definitions for the term DLP (Data Loss Prevention or Data Leakage Prevention) is “systems that identify, monitor, and protect data through deep content inspection, contextual security analysis of transaction (attributes of originator, data object, medium, timing and recipient/destination and so on) and with a centralized management framework.”
Purpose of this article
Organizations are interested to protect their sensitive data, and DLP provides them with the framework to do that. So far no news… However, the DLP world is a bit more complicated than that and the purpose of this article is to highlight few basic domains and areas that are worth thinking about when considering DLP solutions.
Common Data Locations and States
Data in motion Any data that is moving through the network to destinations outside the local / corporate LAN via the Internet
Data at rest Data that resides in files systems, databases and other storage methods
Data at the endpoint Data at the endpoints of the network (e.g. data on USB devices, external drives, MP3 players, laptops, and other highly-mobile devices)

DLP – SecuriTeam Blogs