Data Loss Prevention

  • Private Community
 View Only

  • 1.  Deploying DLP in several countries - Trans-border Issues

    Posted Oct 12, 2016 09:05 PM

    We are deploying DLP in several countries where to company has branches.The countries are all in the Americas.

    1) Are there any issues to consider regarding trans border crossing for emails/data. For instance if the email server (Exchange) is in the US and mail is routed to that server, would we need to get seperate SMTP prevent server for each location.

    2) would we need to have DLP servers in the foreign countries? which one?

    3) What are the OTHER issues to consider? Any advice you can give would be helpful.

    Thank you,

    ZFouch

     



  • 2.  RE: Deploying DLP in several countries - Trans-border Issues
    Best Answer

    Trusted Advisor
    Posted Oct 13, 2016 01:49 AM

    hello,

     There is several point to be checked :

    - Privacy : Depending on country where you deploy DLP, you may have different degree of privacy allowed to end users. So you may have different pre requisite before being allowed to start running DLP on their email.

    - Incident management : If in your activity there is some specific regulations, there may be some constraints related to that and they could be different depending on countries where you want to deploy DLP. This could lead to some specific way to manage DLP incident and some request for some seggregation of duties in the tool by defining new/specifc roles.

    - Policies : For some statement as above, you may need to put some specific policies in place on some population or not allowed to apply some policies on some other population.

    - As you wrote in your question, you need to take care about transborder issues as you will transfer data, and there may be some personal data in messages.

     

     All these constraints must be validated by your company legal and compliance teams because this could lead to some major issue for the company. So i am a little bias on theses points as i used to deploy some DLp in europe where transborder DLP could become a nightmare.

     

    Regards.



  • 3.  RE: Deploying DLP in several countries - Trans-border Issues

    Posted Oct 13, 2016 03:55 AM

    Hello,

     

    In order to be compliant with those Countries you should confirm the data privacy and data protection laws and regulations.

    That can be easily achieved in a webpage like:  https://www.dlapiperdataprotection.com/

     

    BR,



  • 4.  RE: Deploying DLP in several countries - Trans-border Issues

    Posted Oct 13, 2016 04:45 PM

    Thank you FICHET Stéphane and Morgado.

    Quite helpful.

     



  • 5.  RE: Deploying DLP in several countries - Trans-border Issues

    Posted Oct 14, 2016 12:26 PM

    Bottom line - Your legal team should be a stakeholder for all policies.