A company can buy every top-of-the-line security product known to man, but it won't make a difference for data loss prevention (DLP) unless end users are educated on their own role. Technology is indeed critical to DLP, but security experts say user awareness is key to keeping sensitive data safe from online predators.
"DLP is a process first. The technology is simply an enabler for the automation of the process," said Rick Lawhorn, a Richmond, Virginia-based chief security officer. "The process needs to include education and awareness training and cover human resources, records management and compliance. The objective is to continuously train data owners and data custodians (the employees) on the company policies to reduce instances of non-compliance."