Data loss prevention (DLP) is a piece of software that can detect data theft. DLP solutions work by monitoring the usage, movement, and storage of sensitive data.

Data is usually considered to have three states:

• in-use
• in-motion
• at-rest

Data in-use is monitored at the endpoints. The data in-motion is checked using network devices. Data at-rest is monitored by monitoring the storage device's databases. As per this data, DLP solutions can comprise the components on network, endpoint, and storage systems that can monitor the data in various states.

DLP solutions are used for the following:

• Data leak prevention 
• Data loss prevention

Data leak and data loss are closely related terms. When we cannot recover the data, we call it data loss. When confidential data reaches unauthorized people, it is called data leak. When the data is encrypted by ransomware, it's sometimes unrecoverable. This can be referred to as data loss. Stealing of data can be considered as data leak.

Data in-use can be leaked at endpoints using  USB, emails, FTP, and so on. Data in-motion can be leaked over the network via emails from employees and network traffic generated by the malware. DLP relies on access-control, that is, who should access which data.