A company recently experienced several security breaches that resulted in confidential data being infiltrated form the network. The forensic investigation revealed that the data breaches were caused by an insider accessing files that resided in shared folders who then encrypted the data and sent it to contacts via third party email. Management is concerned that other employees may also be sending confidential files outside of the company to the same organization. Management has requested that the IT department implement a solution that will allow them to:
Track access and sue of files marked confidential, provide documentation that can be sued for investigations, prevent employees from sending confidential data via secure third party email, identify other employees that may be involved in these activities.
Which of the following would be the best choice to implement to meet the above requirements?
A. Web content filtering capable of inspe4cting and logging SSL traffic used by third party webmail providers
B. Full disk encryption on all computers with centralized event logging and monitoring enabled
C. Host based firewalls with real time monitoring and logging enabled
D. Agent-based DLP software with correlations and logging enabled