DLP Shortcomings Equals Security Services Opportunities

By Lawrence Walsh  |  Print this article Print


Desktop-as-a-Service Designed for Any Cloud ? Nutanix Frame

A defender of data loss prevention technology says the state-of-the-art products are more than capable of detecting contextual information. Just how it’s done is a combination of technology, planning and policy management - and that’s where solution providers can play a role in advancing DLP adoption.

Just how good is contemporary data loss prevention (DLP) technology? Can it do more than identify and stop the release of Social Security and credit card numbers?

On Friday, I wrote about how DLP "probably" couldn’t have prevented the security breach that resulted in the authorized disclosure of more than two dozen Congressional lawmakers under suspicion or investigation for ethics violations.

My contention: DLP is improving, but remains a relatively immature technology that is good at identifying, intercepting and blocking known data set such as Social Security numbers, but not so good at identifying unclassified or unknown contextual data. In the case of the Congressional leak, I said that DLP would have a hard time recognizing and distinguishing "Maxine Waters" in routine correspondence from "Maxine Waters" in sensitive investigation materials.

I was called on the carpet by Kevin Rowney, founder of Symantec’s data loss prevention division and founder of Vontu, the company Symantec acquired to get into the DLP business. He called my analysis lacking in "basic fact checking" and representing of DLP prior to 2001. While I said the Achilles heel of DLP is the same that stymied previous attempts at data leak prevention—user driven classification of data when storing and transmitting—Rowney counted by saying that such DLP solutions represent "bottom-of-the-barrel vendor solutions."

"New advanced algorithms detection algorithm (many of them pioneered by Vontu) [sic] have made many of the types of breach you talk about above a quite solvable problem. They have high accuracy, low false positives, and don't require pre-classification," he wrote on the Secure Channel blog.

In a rousing debate, Rowney went on to explain DLP solutions—particularly those offered by Symantec—are able to detect contextual data and how the contemporary methodology could have prevented the congressional ethics probe data leak.

> DLP Shortcomings Equals Security Services Opportunities
> Congressional Ethics Leak Demonstrates DLP Shortcomings


Lawrence Walsh Lawrence Walsh is editor of Baseline magazine, overseeing print and online editorial content and the strategic direction of the publication. He is also a regular columnist for Ziff Davis Enterprise's Channel Insider. Mr. Walsh is well versed in IT technology and issues, and he is an expert in IT security technologies and policies, managed services, business intelligence software and IT reseller channels. An award-winning journalist, Mr. Walsh has served as editor of CMP Technology's VARBusiness and GovernmentVAR magazines, and TechTarget's Information Security magazine. He has written hundreds of articles, analyses and commentaries on the development of reseller businesses, the IT marketplace and managed services, as well as information security policy, strategy and technology. Prior to his magazine career, Mr. Walsh was a newspaper editor and reporter, having held editorial positions at the Boston Globe, MetroWest Daily News, Brockton Enterprise and Community Newspaper Company.

Submit a Comment

Loading Comments...