Written by Jeromie Jackson Published on Thursday, 02 April 2009 18:56 Last updated on Thursday, 02 April 2009 19:11
Data Loss Prevention
If you read the Gartner reports or the Forrester waves you'll find that Data Loss Prevention (DLP) is a very hot topic, even in the economic downturn. There are a pile of vendors clamoring to get a piece of the DLP pie. McAfee, Trend, Websense, Symantec, and several others are actively placing product.
Two Major Types
The two major plays are either end-point or network based DLP. In an end-point play file shares and systems can be scoured to identify potential leak points. This can be done via a centralized scanning engine that reaches out to the end-point, or can also be an agent-based solution. With a network-based tool the device generally hangs off a span or tap port and listens for violations traversing the wire. This is great technology to mitigate DLP issues which traverse border firewalls/devices.
McAfee has both a network & an endpoint solution with their two acquisitions. One thing that stands out about the McAfee solution is having both the end-point agent and a network-based component. The benefit to the agent solution is that the DLP solution moves wherever the device goes. If sensitive data is brought on a laptop to a hotel and an attempt is made to export the data security restrictions remain in tact. With non-agent technology this nefarious activity would go unnoticed.
Due Diligence & Due Care
Data Loss Prevention provides visibility into traffic like no other technology has in the past. Scouring network streams and hard disks for sensitive information being improperly stored or transmitted has previously been very difficult. Data can also be tagged and security controls can be applied to limit the ways in which the data can be used. Now organization's have gained the ability to understand what is flowing through their network pipes.
With transparency bring a steward's/custodian's due diligence & due care. Due diligence is the act of doing what any prudent steward or custodian would do. Due care is once issues have been identified that response is appropriate. Should you decide to purchase DLP technology be ready to see a lot of new issues and be prepared to respond appropriately. Installing one of these devices generally causes several gasps as people begin to identify the vast amount of sensitive information is stored and transmitted inappropriately. Make sure to plan the integration to include initial incident plans- work with TIG bring the experience and to ensure smooth implementation.
