Data leak prevention solutions are top of mind for most IT executives and staffs because these products manage risk and help organizations comply with a growing list of regulations. This interest is priming a market that IDC estimates will grow from $194 million in 2007 to almost $435 million by 2009. At the same time, vendors are spawning new technologies — or combining and improving tried-and-true methods — to keep confidential information private.

For the most comprehensive protection, consider products that detect and stop leaks of data at rest (such as information on a file server), data in motion (including e-mail), and data in use (usually local files on a desktop or laptop). PortAuthority (acquired by Websense in January) is an excellent example of this totality; the price you pay is increased complexity, with appliances at network exits along with crawlers or agents running on servers and workstations. However, PortAuthority does an impressive job of centrally managing policies at all points.

Other products we like that cover data in motion and at rest include Vontu, Reconnex iController and iGuard, plus Tablus Content Alarm. (Find reviews of these leak-prevention products here.) Beyond policies that tell the application what type of communications and files to check, each product has a secret recipe that identifies specific data that should stay in-house. Vontu, for instance, keeps a fingerprint of your protected files in memory so it can quickly perform an exact comparison with data it sees on the network. Other solutions have their own artificial intelligence that looks at messages in context to determine if they are safe. A combination of these biometric approaches is ideal, but not common.

Oakley Networks’ CoreView and SureView incorporate network monitoring with agents at end points. Oakley differs from others by emphasizing behavior modification, such as alerting users that although their online shopping isn’t a security risk, it does result in lost productivity.

As for Orchestria, it reduces deployment complexity with the newer agent approach but also has intricate techniques to accurately determine if data is at risk. However, it lacks real-time coverage of all communications channels (such as IM) and currently doesn’t handle data at rest.

One final tip: Remember that less is often more. If you only need to protect documents, for example, digital rights management solutions from Liquid Machines and Sealed Media or Adobe can be effective, lower-cost solutions.