According to Gartner, the industry research firm, the use of content-aware DLP is being driven by four factors: regulatory compliance; risk management; the need to protect intellectual property; and evidentiary support, or the need to be able to answer queries in civil or criminal law cases.
Security is largely automated and hidden from the user, so it's not something they have to think about every time they need to do something
Keith Lester
DLP Catalysts
There is another, higher-level trend that is prompting organizations to look again at DLP, suggests Steve Jones, global head of master data management at Capgemini, the IT consultants. Growing data volumes are making it harder for organizations to police the transmission and use of their data through policies alone. "There is more and more information available, and it is easier to store so there is more information that can leak," he warns.
SPOTLIGHT
Extensive marketing efforts on behalf of security vendors have also accelerated the adoption of data loss prevention technologies.
With the larger anti-malware and general IT security companies such as Symantec and Sophos, as well as specialists such as Websense and even network hardware vendor Cisco, all active in DLP, firms are better able to buy the technology as part of a suite of applications from a single vendor.
A Marketing Tool
But there is also a danger that DLP could be over-hyped, with disparate technologies including network traffic monitoring, access and identity management, and encryption all being labeled as DLP. Gartner, for example, describes DLP as a hot market.
"Terms related to DLP get overused in marketing messages. Vendors reference any capability that can address the loss of data with DLP-related terminology," warns Paul Proctor, a vice president at Gartner and role service director for risk management. He adds that Gartner only considers a product to be offering content-aware DLP if the technology is able to look at the data itself. By no means can all products labeled as DLP do this today. The participation of the larger vendors is, nevertheless, evidence of the growing maturity of the DLP market. Three or four years ago, DLP was largely confined to specific, niche solutions of varying effectiveness. "DLP, being a fairly new technology, is still fairly immature," says Mattias Tornyi, director of IT at Wedbush Securities, a Los Angeles-based financial investment bank and brokerage. "There are a lot of loopholes and a number of ways an employee could circumvent the system. But the market is maturing and there are more solutions available to monitor [activity]." But Tornyi stresses that DLP is just one layer in the firm's security technology, along with conventional perimeter security measures, policies, and education. "DLP is one of those things you can enforce through policies. Making sure employees follow those policies is more of a technology solution," he suggests.
JULY/AUGUST 2011
data management. "When an organization develops its information architecture, it should do that in a way that minimizes the risk of data loss," says Capgemini's Steve Jones. Building data loss prevention into an overall information management plan can also help organizations reduce their risks and their compliance costs by restricting access to, or the archiving of, sensitive data (See box: British Waterways). To do so effectively, organizations need to develop a deeper understanding of the data they gather and hold and its sensitivity, says Mike Gabriel, director of the data protection practice at security consultants Integralis. "The perimeter model, which was effective in the mainframe era, and even extended into the PC era, no longer holds as we enter the cloud [computing] age," he says. "There is no perimeter that works, because data moves so much." Instead, encryption and access management tools that understand users' roles and locations will be needed to protect specific pieces of data.
Facing Reality
The difficulty for enterprises, however, lies in applying such technologies to ever-larger volumes of sensitive data. According to Sean Sutton, a specialist in data loss prevention in the security practice at Deloitte, an approach based on education and policy alone will struggle to scale up to handle data growth, so organizations need to deploy technology.
The technology itself, nonetheless, still needs to develop to the point where it is effective, and cheap enough, to deploy across the enterprise. For now, then, a blend of policy and the selective use of DLP technology is more practical. "If you deploy data loss prevention around the perimeter, at least you have a better idea of what is leaving your organization," Sutton says. Organizations have a better ability to monitor what is leaving, and so can take a more focused, risk-based approach. But it may be that only some parts of a business need those more granular DLP technologies, and that addresses the scalability issue.