Preventative controls for addressing data loss issues are generally in the form of monitoring activities and appropriate actions. For each of the data states, various types of controls are required to ensure security.
Data breach or loss can happen in any of the three states, that is, data in motion, data at rest, or data in use. Controls to prevent data loss can be either preventative or detective. Preventative controls include access restrictions based on the classification of the data. However, a 100% preventative environment is not feasible as the information technology components are heterogeneous in nature. Since different products and technologies from different vendors are used, a uniform policy to prevent data breach may be difficult to implement.
Data loss is an incident. An attempt, whether malicious or inadvertent, to steal data or cause data to be exposed should be identified through proper incident management controls and appropriate actions have to be taken based...