Varonis announces strategic partnership with Microsoft to accelerate the secure adoption of Copilot.

Learn more

What is Data Loss Prevention (DLP)? Software and Solutions

Data Loss Prevention (DLP) solutions protect your data from theft, ransomware, and accidental deletion—learn how it works and how to pick the best solution
Michael Buckbee
4 min read
Last updated June 2, 2023

Data Loss Prevention (DLP) software protects data from theft or loss that could cost your company in fines or productivity. DLP solutions cover a wide variety of techniques to protect data – like classification, encryption, monitoring, and policy enforcement. Let’s investigate DLP solutions some more.

If you’re interested in leveling up your IT security, check out our free live security webinars and earn CPE credits along the way.

Don't Get Left Behind: Get Our Free Zero Trust Whitepaper Now

Get a Free Data Risk Assessment

How does DLP work?

DLP is an end-goal, and not a process or procedure. To get to the goal of protecting data from loss you need to know several things about the data you protect.

  • What kind of data do you have? Compliance governed? Intellectual property? Karen from Accounting’s gif collection?
  • Who has access to that data? Who should?

With your data classified and your permissions mapped, you can determine what you need to protect and how you need to protect it. Do you want to spend resources on gifs of cats? Probably not. But your data containing PII, HIPAA, SOX, and IP information you certainly need to protect.

Here are a few ways to protect data from loss.

  • Backups: Lose data? Restore from backup. Problem solved.
  • Encryption: Encryption prevents the person who steals the data from accessing or reading the data. This means your data is still not “lost,” even though it is no longer within your network.
  • Monitoring: Monitoring keeps an eye on your data, so you know if you have an internal or external attack targeting your data.

Check out Varonis CTO Brian Vecci on the “Defense in Depth” podcast to learn more about data protection.

The Importance of Data Loss Prevention

how to use DLP software across your organization

It’s the day of your quarterly announcement, and the disk where your finance team stores all the data dies and you don’t have time to recover it.

A laptop with a spreadsheet of unencrypted PII gets stolen.

Do you agree that you need a DLP process in place now? Awesome.

The Role of DLP in Cybersecurity

DLP is a core discipline in a full-spectrum cybersecurity plan. You have to protect data from loss from ransomware or exfiltration to maintain productivity and prevent data breaches.

What Does DLP Software Protect?

Here are lists of data that you should protect with DLP.

  1. Intellectual Property
  2. Design documents
  3. Project plans
  4. Patent applications
  5. Source code
  6. Process documentation
  7. Corporate Data
  8. Financial records and statements
  9. Employee records
  10. Pricing documents
  11. User logins
  12. Customer Data
  13. End-user logins
  14. Credit card numbers
  15. Social security numbers
  16. Medical data

This is not a comprehensive list. There might be some other kind of data in your business that you should protect with the same vigor. A complete data audit will uncover a treasure trove of data you didn’t know you had to worry about.

What is a Data Loss Prevention Policy?

A data loss prevention policy is the guidelines you set for your organization to promote DLP. Each organization should have a DLP policy in place as part of their overall cybersecurity or data retention policy. One look at the previous list should be enough for you to know why. Companies store huge amounts of ever-increasing data. Some of that data is protected by laws. Some of that data is worth billions of dollars in potential revenue. A DLP policy will help you protect that data.

Considerations to Pick the Best DLP Solution

Questions to ask DLP software providers

Here are some things to consider when you compare DLP solutions:

  • Does the solution cover your primary data stores?
  • Is there endpoint, server, and cloud coverage?
  • Does the solution provide classification, or can the solution take input from 3rd party classification systems?
  • Do you need to protect structured data, unstructured data, or both?

Questions to Ask a DLP Software Provider:

  1. Do you have technology partnerships with [structured and/or unstructured data vendors]?
  2. What technologies do you use to support Windows? NFS? Linux?
  3. What kind of encryption technology do you support?
  4. Does your solution promote privacy-by-design principles? (i.e., what risk if any do you introduce)
  5. How long does your solution take to deploy, and how long until our data is protected?

What Sets Varonis DLP Solutions Apart From the Rest

Varonis as a DLP solution

Varonis provides the core functionality you need to protect your most sensitive data differently than the rest and achieve Zero Trust maturity. You can use Varonis as your core data security platform and cover many of the standard DLP workflows while taking advantage of other functionality like advanced threat detection and response capability.


  • Maps and discovers where your data is exposed by excessive permissions.
  • Classifies sensitive data like PII, PHI, HIPAA, SOX, GDPR and allows for custom classification rules as well
  • Creates baselines of individual user behavior patterns, so you know who is accessing what data when
  • Fixes over-permissive folder access and reduces the base risk to your sensitive data
  • Puts data owners in charge of their data, and builds a process to audit access to that data
  • Monitors data activity on-premises, in the cloud, and email with additional context from AD, VPN, DNS, and web proxies to alert and detect any abnormal behaviors

Varonis monitoring and threat modeling uncovered two brand new cyberattacks this year. That’s the kind of capability you want protecting your data.

Data Loss Prevention FAQ

Below are some commonly asked questions about data loss prevention.

Q: What is the difference between DLP and “DLP Endpoint?”

A: When you hear “DLP Endpoint,” it means that there is an agent running on a computer that is managing some aspects of DLP for that computer.

Q: If I have DLP Endpoint, why do I need to worry about DLP for the file servers?

A: 100% of your file traffic doesn’t happen on Endpoints anymore. There are cloud servers, remote processes, and many other possible avenues for traffic to completely bypass the Endpoint. Not to mention that an attacker can log directly into a file server and exfiltrate data if they need it.

Q: Are there any known security limitations with DLP?

A: DLP only tracks file movement and doesn’t include context beyond files. A classic example is a large folder migration. A user moves a large folder into a new folder, which triggers a DLP alert. This might be benign and normal behavior, but the DLP didn’t know that the user is a regular user of this data and hasn’t had any signs of compromise or abnormal AD behaviors. It just knows that a bunch of files got moved. DLP doesn’t have any insight into user behavior patterns or abnormal logins.

Q: When our users create data, the DLP asks them to classify the file, isn’t that good enough?

A: Do you trust your users to know all of the possible classification implications of the data they create? Me neither. It’s best to have the file scanned by an engine that has all the rules enabled.

Q: Is Varonis a DLP?

A: Varonis does have some DLP capabilities, like data monitoring and alerting on abnormal behaviors, classification, archival, and quarantine. You should start with Varonis at the core of your data security plan, and add functionality around it to fill in any gaps, like an Endpoint DLP solution.

Check out one of the Varonis Live Cyber Attack Demos, where we show you a real attack scenario and show you how Varonis detects that scenario and see the Varonis difference for yourself.

What you should do now

Below are three ways we can help you begin your journey to reducing data risk at your company:

  1. Schedule a demo session with us, where we can show you around, answer your questions, and help you see if Varonis is right for you.
  2. Download our free report and learn the risks associated with SaaS data exposure.
  3. Share this blog post with someone you know who'd enjoy reading it. Share it with them via email, LinkedIn, Reddit, or Facebook.

Try Varonis free.

Get a detailed data risk report based on your company’s data.
Deploys in minutes.

Keep reading

Varonis tackles hundreds of use cases, making it the ultimate platform to stop data breaches and ensure compliance.

DSPM Buyer's Guide: How To Choose a DSPM Solution
Understand the different types of DSPM solutions, avoid common pitfalls, and ask questions to ensure you purchase a data security solution that meets your unique requirements.
DSPM vs. CSPM Solutions: Bridging Data and Cloud Security With Varonis
Explore the essential roles of DSPM and CSPM solutions, and see how Varonis uniquely enables you to bridge the gap between cloud and data security. 
Using Power Automate for Covert Data Exfiltration in Microsoft 365
How threat actors can use Microsoft Power Automate to automate data exfiltration, C2 communication, lateral movement, and evade DLP solutions.
10 Tips to Pay Back Your Salesforce Technical Debt
Learn best practices for managing and analyzing permissions in Salesforce and how the need for quick solutions can put your organizations data at risk.