Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Perimeter

11/15/2012
02:10 PM
50%
50%

All Security Technologies Are Not Data Loss Prevention

While security technologies may share the common goal of protecting an organization's sensitive data, not all can -- or should -- be called data loss prevention

I recently read an article that made the following assertion (paraphrased in my words): Every part of an organization's security technology arsenal is, in fact, data loss prevention (DLP). At the very heart of every organization's information security strategy is the blessed data, the object of the safeguarding effort. Any and every security tool or technology that serves to protect that data, therefore, can be deemed DLP.

One example in the article suggests that disk encryption could very well be DLP to an organization with a mobile workforce because both technologies share the objective of data protection. If that logic holds true, then we might as well drop in uninterruptible power supplies and data recovery services to the growing list of DLP products because each one helps protect data. Why not add laptop privacy screen filters and portable hard drives, while we're at it? In fact, let's drop in all 3,009 products once listed on the website of an office supply giant in its innovative "DLP" category.

Of course, I'm being facetious to emphasize my point. The unfortunate reality is the marketplace is flooded with "data loss prevention" tools that wouldn't know sensitive data if it bit them in the power cord. Where should we draw the line?

While all security technologies may share the same objective of protecting an organization's critical data, different tools arrive at that objective from different angles, often using completely different technologies. Those different technologies require unique labels in order to distinguish one technology from another. (Imagine a world where all security technologies were referred to as "data loss prevention.")

Those who share the "all-security-is-DLP" mindset seem to disregard this point, claiming that any security tool can be DLP to one organization, while a different security tool can be data loss prevention to another organization. I agree that DLP often has different meanings to different people.

The problem I have with this approach is: I do not agree this should be the case.

While most of us can agree that data protection is the overarching goal of information security, the reality is very few information security defenses work at the data level. DLP technologies deliver something that other data protection tools do not -- and simply cannot: They monitor the actual data, detecting and preventing the leakage of that sensitive data. What's more, true DLP technologies accomplish this colossal task comprehensively, through deep packet inspection, using a high level of content-awareness across all major leakage vectors: data in motion at the network gateway, data in use at the endpoint and data at rest in storage.

For years, many argued the phrase "data loss prevention" was too broad and did not accurately describe the true benefit of these technologies. I would argue an even more significant problem is the generally accepted notion that data loss prevention is a product, rather than the complete process of safeguarding data. Regardless of how I feel about these arguments, both are now rendered moot. It's too late to turn back the clock. The marketplace has spoken definitively: DLP is the descriptive term for that category of solutions that prevent the leakage of sensitive data.

By accepting and promoting this reality, the marketplace -- and specifically those organizations with data protection needs -- will better understand how to meet requirements with the right tools for the greatest data protection benefit.

Jared Thorkelson is founder and president of DLP Experts, a vendor-agnostic VAR and consulting practice focused exclusively on data protection. He can be reached at [email protected] Jared is president of DLP Experts, a value-added reseller dedicated exclusively to data loss prevention (DLP) and other data protection technologies and services. For over twenty years Jared has held executive level positions with technology firms, with the last six years ... View Full Bio

 

Recommended Reading:

Comment  | 
Print  | 
More Insights
Comments
Threaded  |  Newest First  |  Oldest First
ANON1233964134849
50%
50%
ANON1233964134849,
User Rank: Apprentice
11/16/2012 | 3:39:32 AM
re: All Security Technologies Are Not Data Loss Prevention
Core Technology of DLP - Protection of the Data (regardless of the device or file) - http://www.gtbtechnologies.com...-
COVID-19: Latest Security News & Commentary
Dark Reading Staff 7/13/2020
Omdia Research Launches Page on Dark Reading
Tim Wilson, Editor in Chief, Dark Reading 7/9/2020
Russian Cyber Gang 'Cosmic Lynx' Focuses on Email Fraud
Kelly Sheridan, Staff Editor, Dark Reading,  7/7/2020
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
Special Report: Computing's New Normal, a Dark Reading Perspective
This special report examines how IT security organizations have adapted to the "new normal" of computing and what the long-term effects will be. Read it and get a unique set of perspectives on issues ranging from new threats & vulnerabilities as a result of remote working to how enterprise security strategy will be affected long term.
Flash Poll
The Threat from the Internetand What Your Organization Can Do About It
The Threat from the Internetand What Your Organization Can Do About It
This report describes some of the latest attacks and threats emanating from the Internet, as well as advice and tips on how your organization can mitigate those threats before they affect your business. Download it today!
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-14298
PUBLISHED: 2020-07-13
The version of docker as released for Red Hat Enterprise Linux 7 Extras via RHBA-2020:0053 advisory included an incorrect version of runc missing the fix for CVE-2019-5736, which was previously fixed via RHSA-2019:0304. This issue could allow a malicious or compromised container to compromise the co...
CVE-2020-15050
PUBLISHED: 2020-07-13
An issue was discovered in the Video Extension in Suprema BioStar 2 before 2.8.2. Remote attackers can read arbitrary files from the server via Directory Traversal.
CVE-2020-10987
PUBLISHED: 2020-07-13
The goform/setUsbUnload endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to execute arbitrary system commands via the deviceName POST parameter.
CVE-2020-10988
PUBLISHED: 2020-07-13
A hard-coded telnet credential in the tenda_login binary of Tenda AC15 AC1900 version 15.03.05.19 allows unauthenticated remote attackers to start a telnetd service on the device.
CVE-2020-10989
PUBLISHED: 2020-07-13
An XSS issue in the /goform/WifiBasicSet endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers to execute malicious payloads via the WifiName POST parameter.