Network World

Inaccurate Detection raises the Cost of DLP Blocking

In order to PREVENT data loss, the DLP solution must be sufficiently accurate. Among two types of error (false positives and undetected leaks) the more dangerous error is a false positive. In the enforcement mode, even a small amount (0.1%-0.2%) of false positives can wreak havoc in the organization. Therefore, a DLP solution has to employ detection technology with virtually zero false positives. Another aspect of accuracy is that the DLP system must protect data and not a specific form of its representation. Therefore, the DLP system must be resilient to typical modifications of the data, such as excerpting, embedding, changing file format, re-ordering, re-typing, text re-formatting, etc. (Above from www.gtbtechnologies.com)
It is hard to believe that an administrator will ever enforce a blocking policy with a DLP system that has false positives. The result is a "DLD" (Data Loss Detection) system, one that only reports what breaches have occurred.

Gartner devotes very little attention to this important issue. In fact, their grading assigns Accuracy a weight of 15% in the overall product grade. Obviously, they are not in a position to test the products in question and to verify vendor claims. All they can do is assume.