All products on the United States Munitions List (USML) are regulated by ITAR or International Transfer in Arms Regulations. As far as IT goes, any endpoint device carrying information about products on the USML list, including laptops, that can be viewed or handled by foreign nationals, is considered a ‘retransfer’ of ITAR data. This retransfer is subject to legal, and criminal prosecution, up to and including imprisonment. the most likely punitive action is a fine and being forced to do an audit of prevention systems. I’m familiar with fines up to $100 million. Some individuals have been sentenced to decades in prision.
But still, some companies find their IT staff overwhelmed by the prospect of implementation of DLP because the intellectual property is unstructured data. It is true that creation of policy and creating a catalogue of it takes some work. It seems that many expect out-of-the-box policy enforcement to be available for proprietary, unstructured data as well.
The good news is that a full-bodied DLP solution will not only close up channels of leakage and loss, but they’ll also do a discovery of network and endpoint data. After a hash is created from the existing unstructured IP, admins can use the on-solution copy to create policy. That is why discovery is so crucial as a component of DLP