DOI: https://doi.org/10.36719/2789-6919/56/194-199
Huseyn Aliyev
Azerbaijan Technical University
https://orcid.org/0009-0003-6658-5144
huseynali1119@gmail.com
The Role of Data Classification and DLP Integration in Improving Information Security Policies in Enterprises
Abstract
In parallel with the acceleration of digital transformation processes, the volume, diversity and business value of data in enterprises have increased dramatically. This growth necessitates the management of information resources not only as technological assets, but also as objects with strategic and legal responsibilities. In modern organizations, the rapid movement of data flows between cloud platforms, mobile devices, corporate networks, and third-party services further increases the relevance of risks such as data leaks, unauthorized transfers, and insider threats. Empirical studies show that a significant proportion of data leakage incidents are related to technical gaps, as well as ineffective implementation of policies in the operational environment and the influence of the human factor.
In this context, the integration of Data Classification and Data Loss Prevention (DLP) technologies acts as a promising approach for operationalizing information security policies. While Data Classification provides structured identification of information according to business value and sensitivity level, DLP mechanisms control, block and monitor data flows in accordance with this context. An integrated approach allows security policies to be transformed into risk-based, measurable and auditable mechanisms.
Keywords: Data Classification, DLP, information security policy, risk management, False positive, Metadata