Risk
12/27/2010
03:32 PM
Commentary
Commentary
Commentary
Connect Directly
RSS
E-Mail
50%
50%

Why SMBs Aren't Buying DLP

Cost, complexity, and a dearth of complete solutions limit adoption rates for small and midsize businesses; revamping the architecture and packaging of DLP solutions is key to winning the SMB market.

Much has been written about the rapid growth of the Data Leakage Prevention (DLP) market. According to Gartner, the DLP market has grown at more than 80% annually since 2006, hitting $300mm in 2009. That's a mighty growth rate by any standard, and growth in excess of 20% is expected to continue for the foreseeable future. But the sales expectations may be a red herring. That same vaunted Analyst firm has also recently written that DLP is becoming, in effect, very expensive shelfware for the enterprises that have driven its rapid growth. And small and medium businesses (SMBs), which are needed to sustain DLP's growth as they follow the early corporate adopters, aren't buying at rates that would be expected for such a critical application as data protection.

The "shelfware" conclusion is puzzling at first glance -- the large businesses who have bought DLP solutions typically have the IT expertise and endless resources to tackle major deployments. They've solved much bigger problems, such as ERP systems for example. And if it's true that enterprises are having trouble figuring out DLP, it is even more difficult to imagine how SMBs will ever adopt this same technology.

The "fix" for this emerging problem is, thankfully, staring us right in the face. But to understand the fix its first important to put the challenges to DLP adoption into focus. There are three, and until solved they will continue to limit the growth of new buyers -- especially SMBs -- while also frustrating new clients into not completing deployment:

1. Excessive costs to purchase and deploy

2. Complexity of deployment

3. Lack of complete solution provided by current DLP offerings

The first two are obvious enough. Cost is almost always the first and largest hindrance to technology adoption, and since DLP was initially developed for large enterprises managing tremendous amounts of sensitive data, it's no surprise that the technology is built to a high standard and comes with an equally high price tag. For businesses that can rationalize the purchase -- think enterprises with many seats to spread the per-user cost -- the next challenge becomes complexity of deployment. Inserting a large device into the corporate network and then connecting every PC and server in the network to that device for the purpose of approving or denying outbound emails, saving data to removable media or printing is quite a task -- one that requires many expensive hours to set up, fine tune, and then administer. This complexity challenge is at the heart of Gartner's "shelfware" assertion.

Previous
1 of 2
Next
Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Cartoon
Current Issue
Dark Reading Must Reads - September 25, 2014
Dark Reading's new Must Reads is a compendium of our best recent coverage of identity and access management. Learn about access control in the age of HTML5, how to improve authentication, why Active Directory is dead, and more.
Flash Poll
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2012-5619
Published: 2014-09-29
The Sleuth Kit (TSK) 4.0.1 does not properly handle "." (dotfile) file system entries in FAT file systems and other file systems for which . is not a reserved name, which allows local users to hide activities it more difficult to conduct forensics activities, as demonstrated by Flame.

CVE-2012-5621
Published: 2014-09-29
lib/engine/components/opal/opal-call.cpp in ekiga before 4.0.0 allows remote attackers to cause a denial of service (crash) via an OPAL connection with a party name that contains invalid UTF-8 strings.

CVE-2012-6107
Published: 2014-09-29
Apache Axis2/C does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.

CVE-2012-6110
Published: 2014-09-29
bcron-exec in bcron before 0.10 does not close file descriptors associated with temporary files when running a cron job, which allows local users to modify job files and send spam messages by accessing an open file descriptor.

CVE-2013-1874
Published: 2014-09-29
Untrusted search path vulnerability in csi in Chicken before 4.8.2 allows local users to execute arbitrary code via a Trojan horse .csirc in the current working directory.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
In our next Dark Reading Radio broadcast, we’ll take a close look at some of the latest research and practices in application security.