DLP (Data Loss Prevention) encompasses technologies and policies that prevent confidential data from leaving the organization in an uncontrolled manner. DLP systems monitor data in three states: at rest (stored), in motion (transmitted), and in use (processed).
Typical functions include detecting credit card numbers in emails, blocking uploads of classified documents to external cloud services, and disabling USB ports. DLP rules rely on content analysis, fingerprinting, regular expressions, and classification labels. An effective DLP program begins with clear data classification — without it, DLP mainly produces false positives.