Symantec DLP and ICA

Keeping data under lock and key defeats the purpose of digital business. Workers need to work with data, even sensitive data, and sometimes move it outside an organization. For example, a hospital administrator might need to send an insurance company HIPAA-protected information from a patient’s health record. However, that administrator would not need to save the data to a removable USB drive. Symantec DLP stands guard by automatically discovering sensitive data, enforcing protective measures such as encryption and DRM, and preventing it from leaving the enterprise in unwanted or noncompliant ways.                

Symantec DLP doesn’t stop there. It enables you to surveil behaviors relating to suspicious user-installed applications and prevent exfiltration of sensitive data. Symantec DLP also is configured to identify GDPR-protected information, enabling you to track its use and location, and regulate its flow. And it integrates with encryption and cloud-access security broker (CASB) technologies to protect email, removable media, individual files and data in the cloud.

Working hand-in-hand with DLP, Symantec Information-Centric Analytics (ICA) implements UEBA, providing AI-and ML-enabled insight into user behavior. Every employee has a normal behavior pattern, which ICA observes, records, and compares to that of employees with similar responsibilities. When an employee’s behavior, or usage of an employee’s system, departs from the normal pattern – a 3AM download of sensitive data, for example — ICA takes note, assigning a risk score and reporting to an organization’s security operations center (SOC).