- Mythbuster busts his own tale
- 10 open source companies to watch
- Sony recalls 73,000 Vaio laptops
- Tool to evade China's Web censorship
- Chrome and Firefox and add-ons
Newsletters | Podcasts | Chats | Opinions | RSS Feeds | This Week In Print | IT Careers | Community | Reports | Downloads | Slideshows | New Data Center
Partner Sites:App Performance | On Demand Security | Networking Solution | SOA | Value of WDS
 |
Anti-data leakage vendors make bold claims about how far their products can go to protect enterprises from unauthorized information sharing. This irks Nick Selby, head of enterprise security research at The 451 Group, who believes these tools are helpful with some tasks, but far from “the solution.”
Selby declines to use the industry term “data-loss prevention” to describe these products because he believes such words instill a false sense of security. Network World Senior Editor Cara Garretson recently spoke to Selby to find out more about where these tools deliver, and where they fall short.
What are anti-data leakage products good for?
These products are very effective at giving enterprises a great amount of visibility into what’s going out of the building. While that seems like a simple thing, it’s in fact a sea change – the idea that you can now quantify and see who is sending what where is a tremendous advance.
They can do a great deal with stopping stupidity [users sending out sensitive data without realizing it]. Most customers are using these tools in monitor-only mode to reduce the noise and help internal security do its job by removing stupidity, and that’s an extraordinary benefit to businesses.
What’s not so good about these products?
Enterprises don’t know where their unstructured data is, let alone where their sensitive data is. Putting a box at the gateway doesn’t solve the problem, but highlights it. What do you do once you’ve identified what’s going out the door, run around the building hitting people over the head with newspapers?
What’s more, now you’re subjected to litigation problems. Imagine the person who has to answer the plaintiff lawyer’s question `You knew three years ago that this stuff was going out the building and you didn’t do anything about it?’
Some anti-data leakage products say they help customers discover and identify their sensitive data, is that valuable?
The time it takes to classify that data that already exists is such that by the time you’re finished, a new mountain exists. Every day information workers create more unstructured data measured in gigabytes if not terabytes … to keep up with the flow while classifying what’s already been done is a very difficult challenge.
Rss FeedRss Feed
Gartner summarizes its view on Application Delivery Controllers, evaluates strengths and weaknesses...
Vulnerability Management For DummiesDownload this concise book "Vulnerability Management for Dummies," to learn about the simple steps...
The ROI and TCO Benefits of Data Deduplication for Data Protection in the EnterpriseThis paper examines and quantifies the costs and benefits of backup with deduplication storage as...
Life on the edge of your WAN has changed dramatically. With the need to deliver advanced services,...
PoE Plus: Impact on the PoE MarketThe standard for Power over Ethernet (PoE), IEEE Std. 802.3af(tm)-2003, advanced networking,...
Harnessing the power of communications to increase workplace performanceDue to the convergence of IT and telecommunications technologies, the business workplace has been...
We have so many holes punched in our firewalls today that many industry insiders question the value...
The self-managed networkWe aren't there yet, but advances in network and systems management tools are making it possible to...
| NetworkWorld, Inc. | About Network World, Inc. | Advertise | Careers | Contact us | Terms of Service/Privacy | Reprints and links | Partnerships | Press room | Subscribe to NW |
| IDG, Inc. | CIO | Computerworld | CSO | Demo | GamePro | Games.net | IDGconnect.com | IDG World Expo | Infoworld | JavaWorld.com | LinuxWorld.com | MacUser | Macworld | PC World | Playlistmag.com | The Industry Standard | IDG List Services | IDG TechNetwork |
 |
Copyright © 1994-2008 Network World, Inc. All rights reserved. |
Partner Content
Brilliantly simple security and control solutions for email, web and endpoint
www.sophos.com
Stopping data leakage
Learn how to exploit your current security investment to control the information that flows into, through and out of your network.
Download the white paper.
Why detection rates aren't enough
Evaluating endpoint security products is a time-consuming and daunting task. Learn the six critical questions you need to ask prospective vendors to get the right endpoint solution.
Download the white paper.
Applications: taking back control
Employees installing unauthorized applications is a growing threat to business security and productivity. Cost-effectively reduce this threat by integrating control into your malware protection.
Learn more today.
Comment