DLP: infrastructure and consulting | InfoWatch

You are here

DLP: infrastructure and consulting

It is no great secret that by now everybody and their mum has DLP solutions as part of their product line: McAfee, Websense, Symantec, Trend Micro, Check Point, BlueCoat, Aladdin and so on. Even companies that have nothing to do with data security per se, such as Microsoft and Cisco, have added DLP products to their line. There are abound that Kaspersky and Oracle are working on their own versions. It would be easier to point out companies that refuse to create their own or quickly buy out a smaller company for a piece of the admittedly small pie.

Still, there are very few companies that focus on DLP solutions as their central product. As soon as they show market viability, they quickly get bought over. After all, Vontu, Provilla and PortAuthority have been “snatched up” by Symantec, Trend Micro and Websense, respectively. The same thing has happened to Tablus, Orchestria and Reconnex. But, in all honesty, it is more likely than not that this was their original plan. After all, they now have a lot more money to work with, as well as a greater client base to sell to.

However, some of these acquisitions do seem odd. According to Gartner’s Magic Quadrant report on Content-Aware Data Loss Protection, the market size is predicted to be around $400 million this year. For comparison, the firewall market revenue size in 2010 is predicted to be around $3.6 billion. And yet, Vontu was bought for $350 million and PortAuthority for $80 million. This shows us that leading IT security companies believe DLP to be serious business and are willing to heavily invest in it. Granted, McAfee were relatively cheap in this regard, shelling out a mere $20 million on Onigma, instead focusing on other areas with their money.

The biggest issue in this case is the misappropriation of DLP’s purpose and methods of integration by the buyers. When a company decides to introduce an antivirus system to their corporate infrastructure, it gets its Computer Guy to deal with it. He picks up a box (whether that box is green and white, black and yellow, red and white or white and orange makes no difference in terms of integration) and installs it on the computer of every user they have. The Computer Guy then sets up a distribution centre from where the antivirus grabs its updates from and lo and behold: the virus problem has been solved.

This is the typical approach of antivirus vendors to their customers, because antivirus software integration mostly depends on the infrastructurebenefit equally from introduction of antiviruses and firewalls without any consulting beforehand. DLP solution, the customer must know what his confidential data is, how it is stored, where it is stored, who has access to it, etc. Most customers have nothing more than a rough idea of how the document flow works within their company, let alone how or why their confidential data is labelled or archived. Integrating a DLP solution without consulting will, at most, stop a few accidental leaks. The client will then get mad about wasting money on such a project and will spread the word that DLP is a waste of resources. As a result, no one is happy, and the technology gets a lot of bad rep from poor implementation.