An employee sitting in a cubicle can do serious damage using the business tools IT provides, including e-mail, FTP, instant messaging, and Web 2.0 applications. IT can turn the tables with network DLP capabilities to assist in risk-mitigation efforts. Through integration with ICAP proxies, network DLP appliances can interrogate the content of data streams before they exit the LAN. Using custom or predefined policies, a network DLP product can determine whether a certain communication should be logged, blocked, or audited.
On the network DLP side, we concluded that Symantec's DLP 9 came to the table with a more robust offering than RSA and Code Green Networks in several key areas. For one, Symantec supports the most instant messaging clients. For another, its policies work offline, whereas RSA's agent, for example, could apply policy only if connected to the corporate LAN.
In addition, Symantec's monitoring and enforcement capabilities are available both in an appliance and as software, allowing for more flexibility of deployment.
DLP On The Move
There's good reason that DLP is a hot topic. These tools can fill some gaping data-centric security holes for organizations that need to protect sensitive information and intellectual property. Insider threats and government and industry regulatory requirements are driving new installations at a rapid pace.
Of course, DLP requires an investment in defining protection policies and managing the tools. It's not a set-and-forget technology, so be prepared to devote administrator resources to monitoring and responding to alerts, conducting regular data discovery scans, and keeping fingerprints updated.
Organizations can take a measured approach to DLP deployment by focusing on one area of immediate concern, be it discovery, the network, or endpoints. Many vendors offer their products as components, so you can buy à la carte and scale up if and when your requirements evolve.
While we're technically wrapping up our Rolling Review, we're not shutting down the DLP labs. Gear from other players is arriving at our door, so stay tuned for future reviews.
(click image for larger view)
Randy George ([email protected]) is an industry analyst covering security and infrastructure topics.