Data Leakage Detection and Prevention: Review and Research Directions

Abstract

Disclosure of confidential data to an unauthorized person, internal or external to the organization is termed as data leakage. It may happen inadvertently or deliberately by a person. Data leakage inflicts huge financial and nonfinancial losses to the organization. Whereas data is a critical asset for an organization, recurrent data leakage incidents create growing concern. This paper defines data leakage detection and prevention system and characterizes it based on different states of data, deployment points and leakage detection approaches. Further, this paper follows a systematic literature review considering a decade of the existing research efforts and makes a critical analysis thereof to highlight the issues and research gaps therein. The paper then proposes important research directions in the field of data leakage detection and prevention. This review helps fellow researchers and interested readers understand the research problem, appreciate the state-of-the-art techniques addressing the research problem, draw attention toward the research challenges and derive motivation for further research in this promising field.