Data Loss Prevention Market Showing MaturityBy Ericka Chickowski | Posted 2008-03-12 Email Print
Where can data loss prevention technology make sense for your company? When defining your long-term risk management strategy. But don't take vendor and analyst words for it: Hear it from the head of risk management at
As the worry of data leaks weigh on the minds of IT executives, data loss prevention tools offer methods to track and monitor movement of data across multiple channels while at rest, in motion and in use. While the data loss prevention (DLP) market only makes up a small $70 million sliver of the overall information security market, they are being heralded as tactical tools to help businesses meet compliance needs and protect intellectual properties.
The buzz around this small but growing niche in security is also building off of what some analysts call a paradigm shift in security.
Last year the major security and storage players like Symantec, McAfee and EMC invested in DLP either through in-house development or acquisitions like the $350-million purchase Symantec made of DLP-leader Vontu last year.
Rather than securing the network perimeter like most traditional products, DLP focuses on the heart of every organization’s information assets: the data itself. This type of focus appeals to many organizations who have begun to concentrate on moving to a more information-centric security model, says Rich Mogull, analyst for the security firm Securosis.
“Both the threat environment has changed and our priorities have changed so that we really need to get into protecting the information itself,” Mogull said. “So that’s where the concept of information centric security comes from. Which is why people are saying ‘Why don't we look at the tools and techniques we need to protect the data and not just protect our networks?’”
But this shift in security philosophy is far from swift and DLP is still largely an emerging technology. The question remains whether DLP will actually play a role in most security programs’ move to the information-centric model or if it will fall by the way of dozens of other security products consumed by their own hype.
Analysts and industry insiders are hopeful for the DLP’s prospects, but they do believe it will need to work through some challenges before it obtains widespread adoption.
“I think it does provide a lot of value but it is still very adolescent in terms of enterprise adoption,” Mogull said. “Its not immature by any means of the imagination, the technology does provide value so its not one of those solutions that you can't make work.”