Data Level Protection and Loss Prevention – the final frontier?

Written By:
Published:
Content Copyright © 2007 Bloor. All Rights Reserved.

It’s always a pleasure when you meet another person or
organisation that appears to “get it” the same way as you do. The
“it” in question this time is data level protection and loss
prevention, a term that brings together encryption with data loss
prevention.

In the Workshare case
Unified Content Protection is the term they use for mobile data
protection with data leak prevention under a common framework.

I wrote about Vontu’s developments in this area recently and it
is evident that the data leak prevention (DLP) market is heating
up. Rumours abound about imminent acquisitions that may further
consolidate the market, and the McAfee acquisition of SafeBoot
further supports the potential for this area as we see the joining
of DLP vendors with endpoint encryption suppliers.

Traditionally (or as near to tradition as IT security ever gets)
DLP operated as a stand alone solution carefully monitoring
networks and endpoints to ensure data was prevented from leaving in
breach of organisational guidelines. A lot of this technology has
progressed over the past few years and we now have some advanced
algorithms that can inspect the type of material a user is trying
to send, even if they try to spoof the system by mixing up some of
the content, and block its onward journey.

The problem with DLP is that no solution can be 100% guaranteed.
It is inevitable that someone somewhere will be able to remove data
from the corporate network and go unnoticed.

The logical move must be to ensure that data is encrypted,
according to centrally managed and locally enforced rules, so that
if it should go missing the data would appear as garbage. This
would also address the issue of data breach notificationif the data
is encrypted then you have nothing to tell.

But is an improved DLP solution, combined with encryption, going
to solve all of your IT security headaches?

Of course not.

Critical to any security strategy must be some firm foundations
including decent polices, a good basic level of IT security and
then probably some advanced security and ID management tools. Have
these in place first and then look at the final frontier of the
moment, which is data level protection and loss prevention.

This is the essence of Workshare Unified Content Protection and
the productProtect version 6, released on 22nd October. By
combining the strengths of Workshare in the DLP market with its own
secure PDF, USB and full disk encryption, partnerships with serious
email encryption players and real-time interaction with business
applications such as Office and Notes, Workshare is able to offer
an interesting attempt to prevent corporate smarts leaving an
organisation.

The fact that both Vontu and Workshare are focused so clearly on
combining data loss prevention with encryption means that end users
are not happy with data loss prevention alone.

I believe we are in for an interesting few months in the data
level protection and loss prevention market placethe latest
frontier.