Data Loss Prevention

DLP refers to systems that enforce policies to safeguard critical data, such as intellectual property and customer information, and ensure it does not escape from the enterprise to unintended parties. These solutions discover and classify sensitive data, define and manage policies based on content and context, monitor and enforce the movement of data, and report, audit and document incidents of data leakage.

Cloud Controls Matrix (CCM) Data

DG-07 | Data Governance | Information Leakage

Control Specification

Security mechanisms shall be implemented to prevent data leakage.

Architectural Relevance

Physical | Network | Compute | App | Data
False | False | True | True | True

Corp Gov Relevance

True

Cloud Service Delivery Model Applicability

SaaS | PaaS | IaaS
True | True | True

Supplier Relationship

Service Provider | Tenant / Consumer
True | False

Scope Applicability

COBIT 4.1: DS 11.6
HIPAA / HITECH Act: (no entry)
ISO/IEC 27001-2005: A.10.6.2, A.12.5.4

NIST SP800-53 R3: AC-2, AC-3, AC-4, AC-6, AC-11, AU-13, PE-19, SC-28, SA-8, SI-7
FedRAMP (Final 2012) Low Impact: NIST SP 800-53 R3 AC-1, NIST SP 800-53 R3 AC-2, NIST SP 800-53 R3 AC-3
FedRAMP (Final 2012) Moderate Impact: NIST SP 800-53 R3 AC-2, NIST SP 800-53 R3 AC-2 (1), NIST SP 800-53 R3 AC-2 (2), NIST SP 800-53 R3 AC-2 (3), NIST SP 800-53 R3 AC-2 (4), NIST SP 800-53 R3 AC-2 (7), NIST SP 800-53 R3 AC-3, NIST SP 800-53 R3 AC-3 (3), NIST SP 800-53 R3 AC-4, NIST SP 800-53 R3 AC-6, NIST SP 800-53 R3 AC-6 (1), NIST SP 800-53 R3 AC-6 (2), NIST SP 800-53 R3 AC-11, NIST SP 800-53 R3 AC-11 (1), NIST SP 800-53 R3 SA-8, NIST SP 800-53 R3 SC-28, NIST SP 800-53 R3 SI-7, NIST SP 800-53 R3 SI-7 (1)
PCI DSS v2.0: 1.2, 6.5.5, 11.1, 11.2, 11.3, 11.4, A.1

BITS Shared Assessments SIG v6.0: I.2.18
BITS Shared Assessments SIG v5.0: (no entry)
GAPP (Aug 2009): 7.2.1, 8.1.0, 8.1.1, 8.2.1, 8.2.2, 8.2.5, 8.2.6

Jericho Forum: Commandment #4, Commandment #5, Commandment #6, Commandment #7, Commandment #8, Commandment #9, Commandment #10, Commandment #11
NERC CIP: (no entry)

Consensus Assessments Initiative Questionnaire (CAIQ) Data

Data Governance (DG) | ID #DG-07.1

Do you have controls in place to prevent data leakage or intentional/accidental compromise between tenants in a multi-tenant environment?

Compliance Mapping

COBIT: COBIT 4.1 DS 11.6
HIPAA: (no entry)
ISO27001: A.10.6.2, A.12.5.4
SP800_53: NIST SP800-53 R3 AC-2, NIST SP800-53 R3 AC-3, NIST SP800-53 R3 AC-4, NIST SP800-53 R3 AC-6, NIST SP800-53 R3 AC-11, NIST SP800-53 R3 AU-13, NIST SP800-53 R3 PE-19, NIST SP800-53 R3 SC-28, NIST SP800-53 R3 SA-8, NIST SP800-53 R3 SI-7
FedRAMP: (no entry)
PCI_DSS: PCI DSS v2.0 1.2, PCI DSS v2.0 6.5.5, PCI DSS v2.0 11.1, PCI DSS v2.0 11.2, PCI DSS v2.0 11.3, PCI DSS v2.0 11.4, PCI DSS v2.0 A.1
BITS: SIG v6.0: I.2.18
GAPP: GAPP Ref 7.2.1, GAPP Ref 8.1.0, GAPP Ref 8.1.1, GAPP Ref 8.2.1, GAPP Ref 8.2.2, GAPP Ref 8.2.5, GAPP Ref 8.2.6

Model Applicability

SaaS | PaaS | IaaS
True | True | True

Scope Applicability

SP | CUST
True | True

Consensus Assessments Initiative Questionnaire (CAIQ) Data

Data Governance (DG) | ID #DG-07.2

Do you have a Data Loss Prevention (DLP) or extrusion prevention solution in place for all systems which interface with your cloud service offering?

Compliance Mapping

COBIT: COBIT 4.1 DS 11.6
HIPAA: (no entry)
ISO27001: A.10.6.2, A.12.5.4
SP800_53: NIST SP800-53 R3 AC-2, NIST SP800-53 R3 AC-3, NIST SP800-53 R3 AC-4, NIST SP800-53 R3 AC-6, NIST SP800-53 R3 AC-11, NIST SP800-53 R3 AU-13, NIST SP800-53 R3 PE-19, NIST SP800-53 R3 SC-28, NIST SP800-53 R3 SA-8, NIST SP800-53 R3 SI-7
FedRAMP: (no entry)
PCI_DSS: PCI DSS v2.0 1.2, PCI DSS v2.0 6.5.5, PCI DSS v2.0 11.1, PCI DSS v2.0 11.2, PCI DSS v2.0 11.3, PCI DSS v2.0 11.4, PCI DSS v2.0 A.1
BITS: SIG v6.0: I.2.18
GAPP: GAPP Ref 7.2.1, GAPP Ref 8.1.0, GAPP Ref 8.1.1, GAPP Ref 8.2.1, GAPP Ref 8.2.2, GAPP Ref 8.2.5, GAPP Ref 8.2.6

Model Applicability

SaaS | PaaS | IaaS
True | True | True

Scope Applicability

SP | CUST
True | True