It's Reglitory!
Protects EU residents' personal data, requiring data breach detection and notification.
GDPR (General Data Protection Regulation)
This term describes the unauthorized transfer of data from within an organization to an external destination.
Data Exfiltration
This acronym refers to information that can be used to uniquely identify an individual, such as a Social Security number.
PII (Personally Identifiable Information)
This mode allows a user to send sensitive data but requires them to provide a business justification first.
User Override
This app that specializes in short-form videos gets its name from the sound of a clock.
TikTok
Protects sensitive patient health information from being disclosed without consent, and establishing standards for electronic health records and facilitating insurance portability.
HIPPA (Health Insurance Portability and Accountability Act)
This is the practice of tricking people into giving up sensitive information through emails or phone calls
Social Engineering
This type of DLP monitors data being moved from a computer to a USB drive or printed.
Endpoint DLP
This method involves replacing sensitive data with a non-sensitive "placeholder" that has no exploitable value.
Tokenization
ByteDance was founded in 2012 by this Chinese entrepreneur.
Zhang Yiming
Ensures the secure handling of credit card data, often requiring encryption of sensitive data in transit or at rest.
PCI DSS (Payment Card Industry Data Security Standard)
Where attackers impersonate reputable individuals or organizations to trick victims into revealing sensitive information
Phishing
In DLP, this is the process of scrambling data so it is unreadable without a specific key.
Encryption
DLP systems use this technique to identify sensitive files by comparing them to a "fingerprint" of the original.
Exact Data Matching
In 2017, ByteDance acquired this lip-syncing app, which was later merged into TikTok.
Grants California residents increased control over their data, including the rights to correct information, limit the use of "sensitive personal information," and opt-out of sharing data for targeted advertising.
(CCPA) California Consumer Privacy Act
Information technology systems, software, hardware, or services used within an organization without explicit approval, oversight, or knowledge of the central IT department
Shadow IT
This proactive strategy involves monitoring user behavior to flag "unusual" activities before a breach occurs.
User and Entity Behavior Analytics (UEBA)
This type of DLP monitors and protects data as it moves through corporate email and web gateways.
Network
In 2024, US federal law necessitated a, requiring ByteDance to reduce its ownership stake in the US entity to this percentage.
19.9%
Restricts data collection from children under 13.
COPPA (Children’s Online Privacy Protection Act)
Refers to a security risk that originates from a person within the organization, like an employee.
Insider Threat
This common DLP technique uses specific patterns (like a 16-digit credit card number) to identify sensitive data.
Pattern Matching
This is the term for scanning data that is stored in "the cloud," such as in OneDrive, SharePoint, or AWS.
Data-at-Rest
Pioneered by TikTok, these quick, vertical, engaging clips typically ranging from 15 to 60 seconds,
Short Videos