Vontu 7 covers your end point

Information leak prevention solutions have evolved predictably. First, they identified, and then blocked, sensitive data moving around your networks. Next, the cycle repeated with information resting in data repositories. The latest installment safeguards data at end points. This is especially important for mobile workforces with sensitive files residing on laptops and other portable devices; if the unit is stolen or otherwise compromised, data loss is clearly a major problem.

[ Vontuwas selected for an InfoWorld Technology of the Year award. See the slideshow to view all winners in the security category. ]

When InfoWorld last reviewed Vontu, Version 5 was at the midpoint of this cycle, offering full network coverage and the capability of discovering sensitive information in file systems, database, and e-mail archives. Vontu 6 included data-at-rest protection for these repositories. Now, with the introduction of Vontu Endpoint Monitor (which checks for sensitive data on removable media, USB devices, iPods, external drives, and data downloads), Vontu 7 is a near-total solution for guarding confidential customer and company information.

Other leak-prevention products block at the end point, such as prohibiting files from being copied to external devices. Version 8 will include this feature, according to Vontu. Otherwise, there's enough solidity in Vontu 7 to make it a prime choice for financial institutions, manufacturers, technology companies, and retailers.

Eye on the data prize

Vontu Enforce is the glue of Vontu 7. This server provides centralized policy management, unified reporting of incidents from the five monitoring and prevention modules, automated policy enforcement, and remediation workflow.

Click for larger view.

Key to preventing data loss is accurately detecting confidential data -- the first half of a policy. (The second half is response rules, which I'll discuss further on.) Vontu 7 ships with more than 60 policies; these certainly provide you with an excellent starting point and best practices for setting up your own policies. However, what makes Vontu Enforce so strong is its three types of underlying detection technology and how they can be customized and combined for near-perfect detection performance.

I started testing Vontu 7 at the Vontu Enforce Web console by fingerprinting a text file with 1 million rows of customer names and associated Social Security numbers -- a process called EDM (Exact Data Matching), the first of the three underlying detection technologies. Additionally, I registered content from several SQL Server databases.