FINAL WORD
• Comply with Regulations: Compliance
has long been and remains a primary
driver of DLP demand. Starting
more than 15 years ago, regulatory
requirements mandated controls for
handling sensitive data and helped drive
a surge of ‘checkbox DLP’ purchases by
large, compliance-bound enterprises.
Heavily regulated industries, such as
financial services, retail, government and
healthcare, tend to invest most in DLP
when compliance is the primary objective.
• Protect Intellectual Property:
Forrester Research makes the case for
IP protection as the top DLP objective
as compared to securing personal
cardholder information (PCI), personal
health information (PHI) or personally
identifiable information (PII). The loss
of IP can result in a permanent loss of
competitive advantage. IP tends to skew
towards unstructured data. DLP tools
must be trained to understand which
unstructured information constitutes
your organisation’s critical IP, meaning
the solution must be able to discern
unstructured data’s content and context.
• Business Partner Compliance: The
globalisation of the supply chain means
that manufacturers of goods and services
rely on global relationships to deliver value
to their customers. To facilitate this an
unimpeded data flow is needed, often
this stream contains sensitive data. Global
relationships require an unimpeded data
flow, necessitating robust data protection.
Step 2: Determine the architecture
With your data protection objective defined
there are four primary DLP deployment
architectures, and a growing number of
organisations are leveraging a mix to cover
their evolving business.
• Endpoint DLP: Endpoint DLP relies
primarily on purpose-built software
agents that live on endpoints: laptops,
desktops, servers and any device that runs
on Microsoft Windows, Linux or Apple
OS X. The agent delivers visibility and, if
desired, control over data. Deployment
involves installing the agent on machines
where protections are desired. No agent
means no coverage.
• Network DLP: Often referred to as
agentless DLP, Network DLP delivers
visibility and control of traffic that
96
INTELLIGENTCIO
does sensitive information move? How could
your data be lost, compromised or abused?
Compare these insights with how perception
differs from reality. The benefits of this are
two-fold. For one, these discussions provide
you with the details needed to create a
strategic data protection plan and secondly,
it will make business leaders aware of
the programme and begin the process of
gaining buy-in from critical constituencies.
When it comes down to actually selecting a
vendor, make sure you:
Thomas Fischer, Global Security Advocate,
Digital Guardian
passes across the network. A physical or
virtual machine inspects all traffic, such
as mail, web, IM and can then enforce
data policies. Deployment is either via a
physical appliance or a virtual machine
that then configures network traffic to
pass through for the inspection.
• Discovery DLP: Discovery DLP proactively
scans your network, including laptops,
servers, file shares and databases to
deliver a comprehensive analysis of where
sensitive data resides on all these devices.
To perform the data discovery some
solutions require an agent to also be
installed on the machine being scanned.
• Cloud DLP: Cloud DLP, much like
Discovery DLP, scans storage repositories
and delivers an accurate picture of where
sensitive data lives, though as its name
suggests Cloud DLP focuses on your data
that lives in the cloud. Cloud DLP relies on
an API (Application Program Interface)
to connect with the cloud storage service
(Box, OneDrive, etc.) and then scans
the content. Cloud DLP sees data as it is
being put into the cloud and can perform
a cloud storage audit or remediation.
Step 3: Selecting a vendor
Before reaching out to vendors, engage
business leaders informally on what data
exists and how it’s used. What pockets of
information exist in your business? Who
uses the data, who shouldn’t use it? How
1. Research initial vendor set: Hundreds
of vendors offer some form of data
protection. I recommend identifying
and applying a set of filters to narrow
down your organisation’s choices. One
common filter is identifying whether the
vendor supports all of your operating
environments. Another guide used by
many organisations is the Gartner Magic
Quadrant report for Enterprise DLP.
Peer research is a valuable source of
information as well.
2. Reach out to vendors with a plan:
After you create the short list, it is time
to contact the vendors. Have a list of
use cases or critical business needs. This
process can be as structured as you need it
to be to satisfy your internal organisation.
3. Consolidate responses: Gather the key
stakeholders and seek to build consensus
around which vendors have the best
ability to solve your problems.
4. Narrow choices down to two vendors:
Based on RFP scores or rankings, you
should be able to eliminate all but two
vendors that can be engaged for onsite
presentation and risk assessment.
5. Conduct pilot tests: Request pilots from
both vendors or from a single finalist as
selected from onsite meetings.
6. Select, negotiate, purchase: After pilot
testing has concluded, take the results
to the full selection team and begin
negotiating with your top choice.
If you are business manager who values the
data you own, demand a DLP solution. If you
lead IT security, make DLP a priority initiative
for 2018. n
www.intelligentcio.com