ADVANCED CYBERSECURITY TRAINING FOR TEACHERS (ACTT)

DATA LOSS PREVENTION

Data loss prevention is increasingly taking centre stage in data security due to vast amounts of data
created, generated and collected by institutions. Most decisions made in organizations are data-driven;
therefore, data is the 21st century oil and must be protected from loss through digital attacks and data
breaches. Data loss prevention (DLP) is a set of tools and processes used to ensure that sensitive data is
not lost or misused. Its primary aim is to prevent end-users from accidentally or maliciously sharing data
that could put them or their organizations at risk. For learning institutions, DLP is used to comply with
various laws on the protection of student data. DLP protects data such as personally identifiable
information, intellectual property such as training content and other educational content, and student
information such as contact information, health information. Learning institutions must also protect their
financial data such as fee payments, grants received from governments and payroll information.

In summary, organizations and individuals use DLP to:

● Protect Personally Identifiable Information (PII) and comply with relevant regulations
● Protect Intellectual Property critical for the organization and for the individual
● Secure data on remote cloud systems
Some causes of data loss include:
● Insider threats: An insider such as an employee who abuses their right of access to move data
outside the organization
● Digital attackers: Malicious attackers target sensitive data to sell it, tarnish an organization's brand
image, or blackmail.
● Negligent exposure: People with access to the data can accidentally share confidential
information
● Missing devices: Stolen or missing devices that store confidential data. Missing devices contribute
to 42% of data breaches globally, as shown in Figure 1.
● Accidental deletion of data
● Corruption of files due to operating system errors.

Page 1 of 4
ADVANCED CYBERSECURITY TRAINING FOR TEACHERS (ACTT)

Figure 1 Data Loss Causes from Cipher

The figure above shows the various contributors to security and data breaches with the biggest being
missing devices and negligence by employees.
Data Loss Prevention Techniques
Data loss can be implemented through various solutions tailored to data protection. These solutions are
suitable for institutions. However, enterprise solutions are not ideal for individuals because they can be
quite costly. What simple techniques can an individual use to prevent data loss?

Limit the use of portable devices

Most data loss prevention strategies focus on preventing data leakages from the school’s network over
the internet, but neglect one of the biggest challenges to any DLP strategy; portable devices. Missing
devices account for 42% of data losses; therefore, it is important to limit the use of portable devices in
the learning institution. Portable devices are easily lost; hence they are a great weakness in any
institutions. An institution can completely disallow them or use only organization issued portable USBs.
These USBs should allow automatic encryption to protect any sensitive data that is stored in them.

Page 2 of 4
ADVANCED CYBERSECURITY TRAINING FOR TEACHERS (ACTT)
Individuals should also purchase USBs with such features, or ensure they use tools like BitLocker to encrypt
the contents of their portable devices.
Partitions
Another technique used to prevent data loss is the use of partitions. A partition is a logical division of a
hard drive. The most common criteria for creating partitions is to have one for the operating system and
another for data. By utilizing partitions, you prevent errors in one partition from affecting data in the other
partitions and causing data loss. To effectively use partitions, the best time to partition hard drives is
before the installation of the operating system. Remember to back up data before using partitioning
software, as mistakes could lead to data loss. Some data partitioning software include EaseUS, MiniTool
partition wizard and GParted
To create, resize or delete partitions, follow the steps detailed in this article
All external hard drives should also be partitioned to prevent data losses in case one partition fails.

Back-Up
Even after implementing various data loss prevention methods, data loss is still probable. It is important
to back up any important data so that in case of any loss, you can restore this data from the backup
location. You can use external drives or the cloud to store backups. Most used cloud services include
Google Drive, One Drive and Dropbox. Due to the large volumes of data, it is crucial to manage the storage
space in the cloud drives available to us as individuals. It is advised that automatic backing up be disabled
so that one can decide on the specific data they want to back up.
As earlier mentioned, data can also be lost through accidental deletion. To prevent such loss:
1. Always maintain a regular backup of essential data such as performance grades, class plans,
research
2. Organize files into folders depending on the importance. For example, one can have a folder with
student grades and another with research. This limits data loss in case one folder gets corrupted
or is accidentally deleted.
3. Do not save important data in frequently used partitions or locations to avoid accidental deletion.
For example, the Documents folder and the Desktop are frequently used; therefore they are not
a good place to store any important data
4. Verify the Recycle Bin before emptying.

Page 3 of 4
ADVANCED CYBERSECURITY TRAINING FOR TEACHERS (ACTT)
Additionally, to prevent data loss through corruption, implement the following guidelines:
1. Have anti-virus software installed as some malware may cause corruption of files
2. Do not interrupt any data transfers as this could lead to corruption of the files being transferred
3. Use the recommended procedure to terminate any applications that access data
4. Safely removing external storage devices like hard drives and flash drives
5. Follow proper shutdown procedures

In conclusion, data losses can be devastating for both organizations and individuals with effects such as
financial losses, damage to brand reputation and privacy infringement. However, most data losses can be
prevented through caution and use of the mentioned preventive measures.

Page 4 of 4