Data loss controls are designed to prevent data from being exfiltrated from the organization. These are many different controls that can be put in place to reduce data loss, there are policies and procedures, as well as technical controls. Policies and procedures can specify how data is handled, where and how it is stored, and other controls, such as limiting access. Technical controls may include everything from outbound firewall rules to dedicated data loss prevention (DLP) devices on the network. DLP devices look for certain patterns of information and, based on those patterns and the destination, may stop the network connection.
Data loss represents a serious concern for most organizations. The data may be their intellectual property (IP), information that would give advantage to another organization, or information about their customers or users, which is protected by law. They want to know what steps are being taken to minimize the chance of loss of that information.
It is expected that your organization has a robust, mature system of data loss controls. It is usually expected that there are technical devices or means at the edge of the network preventing certain types of data from leaving the network. Furthermore, it is also expected that there are policies in place protecting sensitive or customer data. These policies should include; not storing data on removable media or laptops, media encryption, fine-grained access control to the data, and media disposal properties.