Network Computing is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

InformationWeek Analytics: Data Loss Prevention: Page 2 of 2

Stop That Data!
As expected, when we asked what, exactly, our poll respondents are most concerned about protecting, the overwhelming majority cited the type of information you can be fined for losing, including consumer credit card and Social Security numbers. We also asked respondents to rank a list of seven DLP product capabilities from most to least important. Given that e-mail is of the greatest concern as a leakage vector, we weren't surprised to see content security, defined as the ability to scan e-mail and attachments for content that violates policy and take action as necessary, ranked No. 1.

Does this mean that data centers worldwide will begin to implement National Security Agency-like wiretaps of all corporate communications? Of course not, but to the degree that technology allows organizations to manage their exposure to leaks and minimize the risk of lawsuit, you can bet that the insurance policy that is network DLP will continue to gain popularity.

The top questions then become: What's the best way to cost-justify DLP in a tight budget season? And what's the best way to implement such protection at the e-mail gateway so as not to interrupt operations with thousands of false positives?

We cover ways to minimize help desk calls in our full report. In terms of ROI, data discovery--the ability to crawl data sources, including file shares, e-mail databases, and endpoint hard disks, for information deemed vital for corporate and customer security--is a windfall for IT shops with stringent security needs, lots of e-discovery requests, and strict compliance requirements.

However you make the budget case, enterprises that lay the groundwork now for increased government intervention will be ahead of the game. Our strategy for tackling DLP, developed while working on our InformationWeek Rolling Review of DLP systems (four tested, two to go), can help.

Get the full-length
Analytics Report at:
dataprotection.informationweek.com

We've found that successful DLP programs have a few common traits: They cut across a wide range of disciplines. They enjoy support from the very top of the organization. And they employ not just technology but firm usage policies and procedures that are enforceable, understandable, and accepted by all parties. A multitiered approach to protecting key data and systems ties together a number of big-picture technologies, which we'll also discuss in depth.

Randy George has 13 years of experience in enterprise IT as a senior-level systems analyst and network engineer.

chart: The Compliance Effect: How does compliance affect your decision to buy or consider a comprehensive data loss prevention product?