Content Filtering Needs to Marry DLP

Michael Vizard

Historically, there's been a lot of frustration with data loss prevention (DLP). Often due to a lack of context, DLP offerings draw the enmity of end users and IT organizations alike when appropriate messages are blocked simply because they contain some word that in a different context should be blocked.

Of course, the providers of DLP systems argue that over time their systems will learn the appropriate context for the business. But until that happens, a fair amount of frustration can build across the organization.

It's unlikely that, given compliance requirements, DLP offerings are going away anytime soon. But the folks at ContentWatch are making a case that says content filtering is a more effective approach to determining what information should be leaving and entering company systems.

According to Doug Anderson, a product manager for ContentWatch, a provider of Web content filtering and bandwidth management appliances, compliance issues coupled with frustration with DLP is getting a lot of companies to take a second look at approaches that not only dynamically filter content, but do a much better job of understanding the context of that information based on the role of the individual within the organization. The end result, says Anderson, is a more proactive approach to data loss that can also be extended to encrypted data.

The difference in the way ContentWatch approaches content filtering is that its engine relies on a dynamic content analysis engine rather than a simple list of URLs, says Johnson. That engine allows ContentWatch to examine every page of content, even if the content is encrypted, he said.

Content filtering is just one aspect of the suite of security tools that ContentWatch makes available. But as companies look for lower-cost ways of staying compliant with any number of regulations, especially as mobile computing creates more opportunities to be out of compliance, Anderson says there is a new appreciation for content filtering as a natural complement to DLP.

Whether that leads to convergence of content filtering and DLP remains to be seen. But it increasingly seems that this is a case where two technologies together might be more than the sum of their parts.

Add Comment      Leave a comment on this blog post
Feb 11, 2011 4:02 PM Anonymous Anonymous  says:
This article is misleading since all of the leading DLP solutions--Code Green Networks, McAfee, RSA, Symantec, and Websense--provide Content Filtering in their offerings. Content filtering is the base for DLP. Reply
Feb 12, 2011 5:02 AM Anonymous Anonymous  says:
The key to content protection, regardless of the offering, is in the detection engine as well as the protocols covered. Therefore, one should include GTB Technolgies "Content-Aware" Data Loss Prevention suite in their research. Reply
Feb 14, 2011 6:02 PM Ben Ben  says:
Thanks for the great article - I didn't find it misleading. Anyone that has ever tried the DLP solutions listed in the above comment have seen how horrible their "content filtering" (if you can even call it that) is and have usually turned it off. As a user of Net Nanny (the home version of what contentwatch has for businesses) on my own personal home PC, I know their filtering does work and really does complement DLPs, especially those already having "content filtering" inside. Reply
Mar 28, 2011 5:03 PM WC WC  says:
The greatest secret of the industry lies in the accuracy of the detection engine. If a solution has any degree of False Positives in detecting data, then you will never enforce Blocking Policies. You will only Monitor transmissions. In that case, you would be buying a Data Loss Detection System, merely to get reports (hopefully accurate) on what security breaches may have occurred. Most vendors will tell you the system needs "tuning", to get rid of the false positives; once you hear that ... as a colleague posted in another forum "you will find yourself with an expensive toy" Reply
May 4, 2011 9:05 PM James James  says:
Hmm... I've tried filtering in the McAfee and Symantec products. It's garbage. I'll look into Websense and ContentWatch and return/report back if I remember. Reply

Post a comment





(Maximum characters: 1200). You have 1200 characters left.



Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.