RSA Conference and Data Loss Prevention
So, RSA is just around the corner and like previous years, there are a number of DLP vendors that have nothing at all to do with “data loss prevention,” yet leverage this phrase to describe themselves. With all the hubbub about protecting data, many vendors just want their piece of the DLP pie, regardless of whether their product/s actually perform data loss prevention.
Should this really be a concern or am I making a mountain out of mole hill? Are companies really buying non-DLP technologies, thinking they are deriving DLP benefit? Well, to be sure, buyers of security technologies are some of the smartest out there. And, while most of them can see through the pitch, “Of course, Mr. Customer, this laptop privacy filter will absolutely put an end to your data loss prevention woes,” you might be surprised to know how many buyers acquire technologies that are “almost DLP” or “channel DLP,” not realizing they are incapable of providing the comprehensive levels of protection they should really have.
All too often, an organization determines a specific need and buys to address that need, only to find out at a later date that they started down the wrong path. Case in point is a customer that identified the need to control USB devices on workstations about three years ago. Due to budgetary constraints and a narrow vision of their need, they selected a product limited to device control only, with no content awareness and no forethought to future needs. The vendor they selected cannot address data in motion, data in use and data at rest, meaning they have to ditch this product and select a new one, or be faced with managing disparate solutions.
Had they selected a full suite DLP vendor in the first place, they could have started their project with simple device control (with some additional DLP features thrown in for good measure) and then added data in motion and data at rest at a later date. All without having to pull a vendor and bring another one in.
All this because the original device control vendor they selected pitched their solution as DLP and the customer bought it.
The DLP Buyer’s Guie for RSA Conference Expo 2013 will be available in the coming weeks and will provide a comprehensive view of RSA Expo DLP vendors.