Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Risk

12/27/2010
03:32 PM
Commentary
Commentary
Commentary
50%
50%

Why SMBs Aren't Buying DLP

Cost, complexity, and a dearth of complete solutions limit adoption rates for small and midsize businesses; revamping the architecture and packaging of DLP solutions is key to winning the SMB market.

The third challenge is more telling, and gets us closer to understanding the "fix." Assuming you hurdle the initial cost and complex deployment, there's a good chance you still end up unhappy with your new DLP system. Why? Two reasons: 1) your success relies on the imperfect knowledge of your programmers; and 2) today's DLP systems are incomplete. A DLP solution is simple in practice: you set up a rule with a trigger, and when the trigger is set off the DLP system denies the action. However, most of us are not omniscient and cannot anticipate all the rules that are needed to prevent data leakage. We don't have to look far for a good analogy. A bank wants to avoid money leakage, and thus installs a lock and an alarm on its door, and then cameras that record. Why have the camera if you have locks and an alarm? Because you don't know what you don't know, so if you're system is foiled you want to be able to replay the video tape to see who did it and most important, how they did it. Current DLP systems do not include this "record" functionality and thus provide clients no feedback loop for adjusting rules and, most importantly, no forensics when a breach does occur.

So, in effect, most DLP buyers soon discover that they're taking a shot in the dark and hoping for the best.

The answer to these problems lies in the architecture and the packaging. Let's start with architecture. Current DLP solutions have been designed as network-based systems, which make them expensive to buy, complex to deploy, and blind to anything that occurs outside of the rules set by their human administrators. Further, they're protecting data near its source, not where it's being used, which is where the greatest risk of breach lies. An endpoint DLP solution gives businesses complete visibility and control of the users' behavior since the endpoint is where all the action is. An endpoint agent can allow you to record all computer activity (whether or not a rule is triggered), creating a feedback loop administrators can use to perfect policies over time, as well as providing a play-back feature if and when there is a breach.

Now, the packaging. Delivering the endpoint solution in a Software-as-a-Service (SaaS) model solves the more obvious and easier problems of cost and deployment complexity. With a SaaS solution, businesses effectively eliminate the upfront purchase and deployment costs.

To be sure, protecting data wherever it resides or is in use -- whether in storage, on the network or at the endpoint -- should be a critical objective for any business. But if DLP providers want those 20%-plus growth rates to go on forever, they not only need happy enterprise clients, they ultimately need SMBs to buy the vision. And to make that happen, the endpoint is the place to be.

Brad Miller is CEO of Awareness Technologies.

Previous
2 of 2
Next
Comment  | 
Print  | 
More Insights
Comments
Oldest First  |  Newest First  |  Threaded View
Commentary
Cyberattacks Are Tailored to Employees ... Why Isn't Security Training?
Tim Sadler, CEO and co-founder of Tessian,  6/17/2021
Edge-DRsplash-10-edge-articles
7 Powerful Cybersecurity Skills the Energy Sector Needs Most
Pam Baker, Contributing Writer,  6/22/2021
News
Microsoft Disrupts Large-Scale BEC Campaign Across Web Services
Kelly Sheridan, Staff Editor, Dark Reading,  6/15/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
The State of Cybersecurity Incident Response
In this report learn how enterprises are building their incident response teams and processes, how they research potential compromises, how they respond to new breaches, and what tools and processes they use to remediate problems and improve their cyber defenses for the future.
Flash Poll
How Enterprises are Developing Secure Applications
How Enterprises are Developing Secure Applications
Recent breaches of third-party apps are driving many organizations to think harder about the security of their off-the-shelf software as they continue to move left in secure software development practices.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-18654
PUBLISHED: 2021-06-22
Cross Site Scripting (XSS) in Wuzhi CMS v4.1.0 allows remote attackers to execute arbitrary code via the "Title" parameter in the component "/coreframe/app/guestbook/myissue.php".
CVE-2020-22168
PUBLISHED: 2021-06-22
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\change-emaild.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.
CVE-2020-22169
PUBLISHED: 2021-06-22
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\appointment-history.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.
CVE-2020-22170
PUBLISHED: 2021-06-22
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\get_doctor.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.
CVE-2020-22171
PUBLISHED: 2021-06-22
PHPGurukul Hospital Management System in PHP v4.0 has a SQL injection vulnerability in \hms\registration.php. Remote unauthenticated users can exploit the vulnerability to obtain database sensitive information.