No Summer Vacation for DLP

Carl Weinschenk

Just the name data loss prevention (DLP) almost guaranteed that the category would get attention. It's a great name. After all, what is better than stopping vital information from exiting the enterprise?


That's a bit facetious, of course. Catchy name or not, the technology, which focuses on tools to prevent the seepage of information out of an organization, has to deliver. Apparently it is, since two major players made DLP acquisitions during the past few weeks. An information-packed site, DLP In Depth, launched last month and is highly recommended for tutorials and to follow news in this sector. It pegs key providers as ArcSight, Blue Coat, Reconnex, Trend Micro and Utimaco.


That listing will soon need an edit. On the last day of July, McAfee said that it will acquire Reconnex in a $46 million deal that is expected to close during the third quarter. The story notes that last year, Symantec bought Vontu, Trend Micro took the reins of Provilla and EMC captured Tablus. The juxtapositions of all those names -- well-known companies acquiring those that few people have heard of -- is par for the course. As startups and small players prove both themselves and the categories they are in, they are courted and sometimes integrated by the larger players. This is the way of the world, both in security and elsewhere, and it seems to be happening in DLP.


The piece says that the Reconnex deal is McAfee's effort to round out its line, which includes encryption that came with SafeBoot and central management from ePolicy Orchestrator. McAfee CEO Dave DeWalt said that DLP is important, but today's approaches take too long to deploy and produce results. That's the kind of strength the big vendors bring to the table.


Three days earlier, Sophos said that it will buy Utimaco, a German DLP firm. This IT-Director commentary says that Utimaco focuses on encryption as well, is well respected and did well in a series of Bloor Research tests, though no details are provided. The writer says Sophos moved late on DLP, and that the recent spate of acquisitions suggests that the real battle will be in execution -- a sentiment that dovetails nicely with DeWalt's comment.


Deployment of DLP and related technologies pays benefits. During the past year, according to an Aberdeen Group study published in June, companies considered best-in-class suffered 27 percent fewer data losses from trusted users and 92 percent fewer from malicious outsiders compared to the industry average. The key, the report says, is to focus on the data itself. Focusing on the ways in which it can exit the organization is not prudent, since these conduits are proliferating. Successful companies, the report says, use a combination of network- and endpoint-based approaches.


It is an active area. For instance, last month Trend Micro upgraded its cloud-based DLP offering for SMBs and Orchestria unveiled FastStart DLP, a platform aimed at seamless DLP deployment. Fidelis Security Systems, which uses the same acronym as other DLP players but switches the term "loss" to "leakage," this week introduced the XPS Scout. The company claims that the Scout is the first comprehensive portable network data leakage detection application expressly for audit, assessment and incident response teams.

Add Comment      Leave a comment on this blog post
Aug 28, 2008 2:32 AM ckensek ckensek  says:
Interesting comment that the piece says that " the Reconnex deal is McAfees effort to round out its line", given that McAfee offered a DLP solution prior to its acquisition of Reconnex (though Gartner seemed to give Reconnex a more preferred position in its Magic Quadrant. It'll be interesting to see whether (a) purchasing Reconnex results in more rapid adoption of DLP by McAfee customers (b) what McAfee does with the Reconnex brand name (c) will Reconnex's technology be purchased more quickly as a result of the acquisition? The acquisition seems to support the below that innovation comes from smaller companies.Now if only the pundits could agree whether DLP stands for Data Loss Prevention or Data Leak Prevention. Reply

Post a comment





(Maximum characters: 1200). You have 1200 characters left.



Subscribe to our Newsletters

Sign up now and get the best business technology insights direct to your inbox.