Glossary term
DLP
Also: Data Loss Prevention, Data Leakage Prevention
Software category for detecting and preventing unauthorised data outflow. Operates on endpoints, network and cloud. Classifies content (regex, fingerprinting, ML) and enforces policies.
Three domains: endpoint DLP (e.g. Microsoft Purview, Forcepoint, Trellix), network DLP (Forcepoint, Symantec/Broadcom, Check Point), cloud DLP/CASB (Netskope, Zscaler, Microsoft Defender for Cloud Apps).
Practical issues: classification accuracy, false positives, employee acceptance, EU labour-law constraints (co-determination under the BetrVG, a DPIA is needed). Pure pattern-matching DLP is often not enough; modern approaches use label-based or context-based classification.
Audit relevance: NIS2 Art. 21 (supply-chain security, cyber hygiene), GDPR Art. 32 (TOMs), BAIT BTO 5 (information security). DLP is often part of an insider-threat programme.
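As an added illustration (not part of this glossary and not any vendor's engine), a minimal classifier combining the three detection styles named above, regex, document fingerprinting and label-based, with a block/allow policy. The IBAN regex, the protected document and the sample messages are constructed; the order-reference message shows the kind of false positive a pure pattern match produces.

```python
import hashlib
import re

# Constructed policy: block outbound text that carries an IBAN-like token,
# enough fingerprints of a protected document, or a "Confidential" label.
IBAN_RE = re.compile(r"\b[A-Z]{2}\d{2}(?:\s?[A-Z0-9]{4}){3,7}\b")
NGRAM = 5          # words per fingerprint window
MIN_SHARED = 2     # windows that must match before we call it a leak

def tokens(text):
    # Lower-case and keep only alphanumeric/decimal tokens, so punctuation or
    # spacing changes do not defeat fingerprinting
    return re.findall(r"[a-z0-9]+(?:\.[a-z0-9]+)*", text.lower())

def fingerprint(text):
    # Hash every sliding NGRAM-word window; matching several windows
    # approximates exact-data-match style document fingerprinting
    words = tokens(text)
    return {hashlib.sha256(" ".join(words[i:i + NGRAM]).encode()).hexdigest()
            for i in range(len(words) - NGRAM + 1)}

# Constructed protected document registered with the DLP engine
PROTECTED = fingerprint("Project Falcon pricing: unit cost 12.40 EUR, "
                        "margin 31 percent, launch Q3, board approval pending")

def classify(message, labels=()):
    # Returns the list of detector hits; an empty list means nothing sensitive
    hits = []
    if IBAN_RE.search(message):
        hits.append("pattern:iban")           # regex detector (may false-positive)
    if len(fingerprint(message) & PROTECTED) >= MIN_SHARED:
        hits.append("fingerprint:project-falcon")
    if "confidential" in {label.lower() for label in labels}:
        hits.append("label:confidential")     # label/context-based detector
    return hits

def enforce(message, labels=()):
    # Policy: any hit blocks; returns the decision plus the reasons for the log
    hits = classify(message, labels)
    return ("block" if hits else "allow"), hits

if __name__ == "__main__":
    for msg in ["Pay to DE89 3704 0044 0532 0130 00 by Friday",
                "Order ref AB12 3456 7890 1234 shipped",   # regex false positive
                "fyi: unit cost 12.40 EUR, margin 31 percent as discussed",
                "Lunch at 12?"]:
        print(enforce(msg), msg)
```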
Related terms
CASB
Security layer between users and SaaS providing visibility (shadow IT discovery), data protection (D…
SSPM
Software category for reviewing SaaS configurations (Microsoft 365, Salesforce, Google Workspace, Sl…
Supply Chain Risk
Risks from the software and hardware supply chain: compromised open-source packages, build-pipeline …
Dealbreaker
A hard requirement that immediately disqualifies an option if not met, independent of weighted scori…
Decision memo
A short structured document that captures why a decision was made, the options considered, the crite…
Defensible record
A single versioned artefact that captures a decision in enough structure, with enough evidence and s…
DMARC / DKIM / SPF
Three standards that together authenticate email senders and impede spoofing. SPF authenticates the …
DORA
EU regulation on digital operational resilience in the financial sector. Directly applicable since 1…
