Heightened data-loss prevention needs fuel arms race between vendors
Data-loss prevention is rapidly becoming the next big battlefield in IT security.
Innovative start-ups in DLP, such as Reconnex, Orchestria, Vontu, Provilla and Tablus have been swallowed up by McAfee, CA, Symantec, Trend Micro and RSA (the security division of EMC), respectively, though independents such as Fidelis Security Systems remain, in addition to open source. With acquired strength in DLP, the established security vendors are now determined to use DLP in new ways, by integrating it into storage systems, desktop anti-malware suites and more.
Though deploying commercial DLP still is expensive — a $100,000 price tag and up is not unusual — the process of filtering content to spot leaks of data, intentional or otherwise, shows signs of starting to become commoditized.
“There’s a lot of duct tape and glue right now to make this work the way you really want,” says Gartner analyst Eric Ouellet of the sophisticated DLP systems on the market today that can watch for sensitive content and block it, or hand it off for encryption before transmission.
Though fairly new, DLP can work remarkably well in detecting sensitive data and issuing warnings or blocking it. But there’s still often a lot of manual labor in registering content and defining policies. Businesses shouldn’t be jumping into it thinking they can instantly “boil the ocean,” Ouellet cautions. Rather, he says they should focus on four or five big categories of data they want to subject to DLP rules. “You have to train the system until you get comfortable with it.”
But what may be a somewhat arduous and expensive process today could give way to much more commoditization and ease of use within the next two years, Ouellet adds. That’s because security vendors see demand for DLP not just in large organizations, such as the financial institutions and insurance companies where DLP first caught on, often driven by regulatory-compliance concerns, but in any type of business that wants to protect sensitive data.
While Microsoft and Cisco haven’t bought DLP start-ups, they’re partnering with RSA to use RSA’s DLP classification technology. The first fruit of the RSA DLP alliance has been Cisco's just-announced integration of DLP into Cisco IronPort.
“We’ve been an early adopter of a number of RSA technologies,” says Erik Heidt, assistant vice president and manager of information technology at Cincinnati-based Fifth Third Bank, which uses IronPort for gateway e-mail security filtering.
Sign up for ITworld's Daily newsletter
Follow ITworld on Twitter @IT_world
On Twitter now
data loss prevention
Powered by Twitter
jfruh
Apple syncing patent can't come soon enough
pasmith
New Twitter features borrow from 3rd party clients
Esther Schindler
Open Source Changes the Software Acquisition Process
mikelgan
How to set up continuous podcast play on the new iTunes
David Strom
Five important Windows 7 mobility features
sjvn
Guard your Wi-Fi for your own sake
Sandra Henry-Stocker
Grepping on Whole Words
Sidekick: The Good News & the Bad News
Either way you look at it Microsoft Data Center management did not follow standards or best practices in this failure. In which case it makes me wonder more about the outsourcing of corporate data much less personal data.
- mburton325
Join the conversation here
Quick, practical advice for IT pros. Made fresh daily.
Want to cash in on your IT savvy? Send your tip to tips@itworld.com. If we post it, we'll send you a $25 Amazon e-gift card.
