In January of 2009, we launched a rolling review of enterprise Data Loss Prevention (DLP) solutions to see how well they tackle enterprise data security. Six months and six vendors later we've got interesting results and observations that will help you decide if DLP fits your risk management strategy, and if so, which vendors you should be talking to.
The most significant reason to bring a DLP product into the organization is its enterprise data discovery capabilities. Sensitive information, whether it's customer credit card numbers, next quarter's financial projections or the schematics for a new tech gadget, sits in various file systems, databases and employee laptops across the enterprise.
Traditional security tools have a significant blind spot when it comes to protecting data because they have little visibility into all the places where such information resides. Before you can stop a potentially damaging leak, you have to know where the data are--and that's where DLP shines.
The ability to discover critical information across almost every conceivable data source was a major factor in our testing and grading methodology. We tested each vendor's ability to unearth data such as credit card social security numbers and other personally identifiable information within Office documents, e-mail, PST files, and structured databases.
Three vendors—RSA, Symantec and Code Green—all performed enterprise-wide data discovery. Of those three, our editor's choice goes to both RSA and Symantec. Yes, we're hedging here, but we must. RSA provides rich detail, and a more elegant management interface than Symantec's. It also offers a well-designed dashboard that let us quickly scrutinize various data discovery incidents. However, Symantec gets credit for its ability to perform data discovery against IBM DB2 and Lotus Notes databases, something RSA was unable to do at the time of testing.