Beware DLP Quotes without packaged deployment services
Today I met with the third company in as many months that has acquired data loss prevention (DLP) enforcement technologies without also being quoted for professional deployment services. In today’s world of DLP, almost no company should attempt to implement enterprise DLP (network, storage and endpoint) without a professional services engagement. In fact, most DLP vendors require VARs quote deployment services as part of the complete solution to avoid the very problems outlined below.
In one case, the buying company had purchased DLP from a major online technology reseller because they offered the best budget price. By the time the buyer called on us, they were desperate for a solution provider to support the final – and arguably the most critical – stages of implementation. Their reseller had the best price, but couldn’t help beyond basic software installation. The buyer had dropped significant security budget on DLP technology and in the end was left holding a bag with nothing in it to protect critical sensitive data.
In an enterprise DLP deployment, there’s typically much more to do than just install some software. Architecturally speaking, most DLP technologies require multiple servers/software, VMs, and/or appliances be installed and some not-so-trivial integrations with email, proxies, Active Directory, email encryption, and the like. But that’s really only the beginning.
Just as important as getting the hardware and software installed, running and integrated into a network, is putting in place effective policies that make use of all the detection methodologies needed for accurate detection. The last thing any company needs is to deal with an incident any time a random nine-digit number (no, that’s not a social security number!) is detected in an outbound Outlook calendar invite!
Then there’s everything in between: determining what data to protect, where it resides and flows throughout the organization, identifying data owners and members of the incident response team, establishing role-based accounts for each of them, etc.
As you might expect, there’s a bit of magic that goes into every DLP deployment. The kind of magic that only comes from local tribal knowledge after many dedicated years of DLP deployment experience. Some solution providers have that magic. Others do not. The reseller you buy from is just as important as the DLP technologies selected.
And you’d better hope they have some of the magic!