Comments on: Is Data Leak Prevention the next “big thing” in security? http://www.infosecpodcast.com/2007/08/is-data-leak-prevention-the-next-big-thing-in-security/ Information Security related news, opinions and ramblings Tue, 12 May 2009 17:22:17 -0600 http://wordpress.org/?v=2.9.1 hourly 1 By: Rob Lewis http://www.infosecpodcast.com/2007/08/is-data-leak-prevention-the-next-big-thing-in-security/comment-page-1/#comment-27919 Rob Lewis Tue, 21 Aug 2007 14:55:30 +0000 http://www.infosecpodcast.com/industry-events/2007/08/is-data-leak-prevention-the-next-big-thing-in-security/#comment-27919 Another article from my file on DLP DLP in Flux http://www.darkreading.com/document.asp?doc_id=128292 Another article from my file on DLP

DLP in Flux
http://www.darkreading.com/document.asp?doc_id=128292

]]> By: Rob Lewis http://www.infosecpodcast.com/2007/08/is-data-leak-prevention-the-next-big-thing-in-security/comment-page-1/#comment-27917 Rob Lewis Mon, 20 Aug 2007 16:53:46 +0000 http://www.infosecpodcast.com/industry-events/2007/08/is-data-leak-prevention-the-next-big-thing-in-security/#comment-27917 Interesting piece on this last month, ehere the writer says: "these solutions address data that is being transferred over the network. They do not address data that walks out via USB, hard copy and a number of other removable media formats. You’re going to have to engineer an architecture that addresses all of the vectors, which will take a lot of time, money and resources" etc. What’s Walking out Your Doors? http://www.enterpriseitplanet.com/security/features/article.php/3690291 Interesting piece on this last month, ehere the writer says:

“these solutions address data that is being transferred over the network. They do not address data that walks out via USB, hard copy and a number of other removable media formats. You’re going to have to engineer an architecture that addresses all of the vectors, which will take a lot of time, money and resources” etc.

What’s Walking out Your Doors?

http://www.enterpriseitplanet.com/security/features/article.php/3690291

]]> By: Chris Harrington http://www.infosecpodcast.com/2007/08/is-data-leak-prevention-the-next-big-thing-in-security/comment-page-1/#comment-27824 Chris Harrington Wed, 15 Aug 2007 03:39:16 +0000 http://www.infosecpodcast.com/industry-events/2007/08/is-data-leak-prevention-the-next-big-thing-in-security/#comment-27824 @ Brad Having been in the NAC space there is definitely more adoption than in conference rooms alone. I think I get what you mean though...the adoption has not been "stellar" in my mind. @ Chris I was thinking in terms of hype / marketing when I say the next big thing. I think you will probably see some IPS vendors jump into the DLP arena if it takes off. Given what signature based IPS products do it's not a huge stretch to be looking for patterns / fingerprints in files....in theory. Most IPS I know would choke if they had to decode / decompress / inspect every attachment that went down the wire. @ Lori I just named some off the top of my head. There are others like Vericept, Provilla, Websense, BigFix, etc. @ Brad
Having been in the NAC space there is definitely more adoption than in conference rooms alone. I think I get what you mean though…the adoption has not been “stellar” in my mind.

@ Chris
I was thinking in terms of hype / marketing when I say the next big thing. I think you will probably see some IPS vendors jump into the DLP arena if it takes off. Given what signature based IPS products do it’s not a huge stretch to be looking for patterns / fingerprints in files….in theory. Most IPS I know would choke if they had to decode / decompress / inspect every attachment that went down the wire.

@ Lori
I just named some off the top of my head. There are others like Vericept, Provilla, Websense, BigFix, etc.

]]> By: lori rush http://www.infosecpodcast.com/2007/08/is-data-leak-prevention-the-next-big-thing-in-security/comment-page-1/#comment-27821 lori rush Wed, 15 Aug 2007 02:55:23 +0000 http://www.infosecpodcast.com/industry-events/2007/08/is-data-leak-prevention-the-next-big-thing-in-security/#comment-27821 What do you think about Vericept? I thought they were a leader in DLP and you did not reference them. I'm curious, because of the consulting I do, I want to be sure to invite all the leading players to opportunities. What do you think about Vericept? I thought they were a leader in DLP and you did not reference them.
I’m curious, because of the consulting I do, I want to be sure to invite all the leading players to opportunities.

]]> By: Christofer Hoff http://www.infosecpodcast.com/2007/08/is-data-leak-prevention-the-next-big-thing-in-security/comment-page-1/#comment-27802 Christofer Hoff Tue, 14 Aug 2007 21:05:57 +0000 http://www.infosecpodcast.com/industry-events/2007/08/is-data-leak-prevention-the-next-big-thing-in-security/#comment-27802 I think what NAC and DLP will *become* closer to being the "next big thing" when they MERGE, but given the absolute car crash that both of these efforts have produced thus far, you'll have to define what you mean by "big" if you speak of them as markets rather than features...IMHO. Or, if by "next big thing" you mean that every freaking journalist who has nothing else to write about except the newest squeaky toy fetish to pounce on like a cat possessed, will continue to hype this imperfect technology...then yes again. IPS vendors that couldn't cut it have become NAC vendors. NAC vendors who can't hack it will add additional content security functionality and claim they are DLP vendors, too...until the next kitchy market namespace comes along... But I'm not opinionated on the topic. I think what NAC and DLP will *become* closer to being the “next big thing” when they MERGE, but given the absolute car crash that both of these efforts have produced thus far, you’ll have to define what you mean by “big” if you speak of them as markets rather than features…IMHO.

Or, if by “next big thing” you mean that every freaking journalist who has nothing else to write about except the newest squeaky toy fetish to pounce on like a cat possessed, will continue to hype this imperfect technology…then yes again.

IPS vendors that couldn’t cut it have become NAC vendors. NAC vendors who can’t hack it will add additional content security functionality and claim they are DLP vendors, too…until the next kitchy market namespace comes along…

But I’m not opinionated on the topic.

]]> By: Brad Walden http://www.infosecpodcast.com/2007/08/is-data-leak-prevention-the-next-big-thing-in-security/comment-page-1/#comment-27794 Brad Walden Tue, 14 Aug 2007 17:26:59 +0000 http://www.infosecpodcast.com/industry-events/2007/08/is-data-leak-prevention-the-next-big-thing-in-security/#comment-27794 I sure hope DLP does not follow in the footsteps of NAC; has anyone adopted that technology in the marketplace besides a box for conference rooms? DLP has much more promise than NAC. I sure hope DLP does not follow in the footsteps of NAC; has anyone adopted that technology in the marketplace besides a box for conference rooms?
DLP has much more promise than NAC.

]]>