http://www.bloginfosec.com/2008/10/15/how-deep-in-dlp-are-you/ An Information Security Magazine in a Blog Format Mon, 30 Jan 2012 11:01:25 +0000 hourly 1 http://wordpress.org/?v=3.3.1 http://www.bloginfosec.com/2008/10/15/how-deep-in-dlp-are-you/comment-page-1/#comment-20134 Pat Foley Thu, 04 Dec 2008 21:04:55 +0000 http://www.bloginfosec.com/?p=515#comment-20134 Thanks for the feedback. Most companies I've spoken with have never completed an enterprise-wide deployment of a DLP tool, but with the new Massachusetts data leakage law, I imagine organizations will be looking for manageable solutions. Thanks for the feedback. Most companies I’ve spoken with have never completed an enterprise-wide deployment of a DLP tool, but with the new Massachusetts data leakage law, I imagine organizations will be looking for manageable solutions.

]]> http://www.bloginfosec.com/2008/10/15/how-deep-in-dlp-are-you/comment-page-1/#comment-20130 Maven Tue, 02 Dec 2008 00:03:35 +0000 http://www.bloginfosec.com/?p=515#comment-20130 Yes, there is a plethora of "customer data, legal agreements, financial reporting" and so on that needs protection. And trying to block content such as this from leaking out through any number of doors and windows is next to impossible. And not necessarily desirable - sensitive content does need to move in order to meet business requirements. Rather than barring the egress points, it makes much better sense to continuously protect the data, whereever it goes. This approach also offers a simpler, more direct path for "strong data owners" to take control of data they know is sensitive. There is no way that an expensive and complex DLP solution provides the necessary flexibility. Solutions such as those [that create a secure virtual project workspace] don't require a company-wide deployment; they're highly efficient for individual workgroups and departments. Yes, there is a plethora of “customer data, legal agreements, financial reporting” and so on that needs protection. And trying to block content such as this from leaking out through any number of doors and windows is next to impossible. And not necessarily desirable – sensitive content does need to move in order to meet business requirements. Rather than barring the egress points, it makes much better sense to continuously protect the data, whereever it goes. This approach also offers a simpler, more direct path for “strong data owners” to take control of data they know is sensitive. There is no way that an expensive and complex DLP solution provides the necessary flexibility. Solutions such as those [that create a secure virtual project workspace] don’t require a company-wide deployment; they’re highly efficient for individual workgroups and departments.

]]>