DLP tools deliver strong endpoint protection

By Susan Perschke, Network World |  Security, Data Loss Prevention

With Verdasys, we tested the company's cloud-based service. The endpoints have an agent installed and policies are either manually updated on the endpoint or synchronized when connected to the Internet at predefined intervals. The agent installed with an MSI file, but can also be pushed from the console or installed when the endpoint is commissioned. The management console is accessed via a browser-based interface.

Most of the rules behaved as expected and informative error messages were displayed to the user (the product can also be configured to suppress user notifications). When using the Chrome browser and Thunderbird email client we ran into some issues as these are not currently supported natively, but Verdasys engineers assisted with writing custom rules that provided the desired protection.

The Digital Guardian tagging capabilities allowed us to classify a folder as 'Classified' and thus restrict handling of content in this folder. This extends not only to the files themselves, but also any derivative content. This worked well against our attempts to transfer data by copying just a portion of the content to Notepad and trying to save it, or saving a screenshot of the data. Both attempts were blocked successfully.

The Verdays solution provides a lot of granularity when creating rules, but we found this to be a mixed bag. Some of our rules did not behave as expected until we went back and tweaked them. And we found the wizard to be a bit less than intuitive. However, this is probably a training issue. Verdasys requires a week of training compared to the much shorter time we had at our disposal. The rules are created in an XML-style code and we suspect once you become familiar with the tags you can write the rules directly in XML as opposed to going through the wizard every time.

Although Verdasys provides a mobile endpoint protection through an agent that works in conjunction with a mail server such as MS Exchange or Lotus Notes, we were not able to test this solution due to time constraints.

The reporting capabilities are very rich and you can essentially drill down to very detailed information such as which user printed which document at what time.

Pros:

" Hassle-free installation (endpoint agent only - no server install with SaaS version)

" Directory and file 'tagging'

" Excellent monitoring capability

Cons:

" Rule writing wizard needs to be more intuitive

" Policies/rules a bit finicky

" Slow synchronization between agent and server

" Doesn't support Chrome (per Verdasys, support for Chrome will be included in the next product release)

Websense System: Tested Triton Data Security Suite


Originally published on Network World |  Click here to read the original story.
Join us:
Facebook

Twitter

Pinterest

Tumblr

LinkedIn

Google+

Answers - Powered by ITworld

ITworld Answers helps you solve problems and share expertise. Ask a question or take a crack at answering the new questions below.

Ask a Question
randomness