Many folks have had the unpleasant experience of forwarding a long e-mail string to a third party, only to realize seconds after hitting the send button that one of the messages early in the exchange said something nasty about the new recipient. The next day or so are spent hoping that the recipient doesn't decide to scroll back to the beginning of the string.
This is a good example of how electronic communications, in which messages fly back and forth quickly and in great number, can lead to mistakes. It also is true that just about anything that the individual has access to can be attached and sent outside the organization's physical and electronic walls. Inadvertently insulting someone is humiliating, but sending an attachment with sensitive data to an unauthorized person can be costly and even illegal.
Enter data-loss prevention (DLP), a rapidly growing family of security software that focuses on making sure that what shouldn't be sent isn't. Internetnews.com offers a nice roundup, pegged to the first product release from a recently acquired DLP provider. Last month, the story says, Symantec paid $350 million for DLP provider Vontu. The story says that in a one-month period, McAfee acquired SafeBoot and Trend Micro took control of Provilla.
Provilla's LeakProof 3.0 -- now rebranded by Trend Micro -- is being released Monday. According to the vendor, the product has a broad ability to identify information that is going off network -- in an e-mail, a portable storage device or though other means -- and alert the IT department if it is a possible problem. The individual sending the information is flagged in a message written by the company. The software also has the ability to encrypt outgoing data.
There is no shortage of news in the DLP sector. Verdasys said Monday that OKI Electric, a telecom manufacturer in Japan, will use its Digital Guardian software. The benefits are the ability to meet regulatory obligations by securing data across desktops, laptops, mobile devices, USB drives, corporate file systems and any other networked computer device operated by employees or suppliers, vendors and others with whom it is electronically connected.
Last week, Vontu said that global risk-mitigation provider First Advantage Corp. will use its software. The release reads much like Verdasys'. It says First Advantage and its other customers will be able to centrally manage the movement of confidential data across the enterprise and more efficiently fulfill regulatory obligations. Its software covers USB drives, CD-ROMs, iPods, local drives and other data destinations. Communication channels covered include e-mail, instant messaging, Web transmissions, file transfer protocol (FTP) and others.
In September, Orchestria unveiled its Multi-Layed Defense product. The company says that product uses network, server, client, import and archive agents to control files including those encrypted, password-protected, internal, in offline laptops, in storage repositories, in mobile storage devices or elsewhere. The company says that not all of these venues were covered by first-generation approaches. Any implication that this demarcation between first- and second- generation products means Orchestria is ahead of the other players would clearly be up for debate with other vendors.
This Q&A with Richard Stone, vice president of marketing for Credant, doesn't mention DLP by name. He discusses the need for such an approach, however. The key, he says, is to identify places from which data escapes an organization. The job isn't as daunting as it seems: There may be thousands of different types of end points connected to an organization in a breathtaking number of ways. The key is that there are points through which the data must pass to get out. It is possible to set up safeguards at these points, and DLP software clearly should be a big part of such an effort.
The DLP software sector will grow as organizations find that it impossible to defend every possible way in which data leaves an organization. Products that offer passive protection -- the ability to guard the gates by default -- will become more central to their security strategies. DLP software, by automatically looking at everything leaving the organization, will be a big part of that effort.