At rival McAfee, which has made less aggressive moves in adding DLP capabilities -- having purchased a smaller vendor, Onigma, in late 2006 and recently buying Safeboot, more of a device encryption specialist -- executives agreed that the complex nature of the data protection tools makes integration crucial to their overall usability.
McAfee executives agree with Symantec's view that there is likely a market for both stand-alone and integrated DLP in the short term, but said that the long-term play favors assimilation into other products -- in particular, more narrow DLP products aimed at protecting only end points, network gateways, or databases will need to be merged with other technologies, said Vimal Solanki, McAfee's senior director of product marketing.
Those DLP products that can offer broader coverage across different systems and many types of data have the best chance of selling on their own going forward, he said.
"The point products that are out there are just features at some point, if they don't have all the pieces, like encryption, they won't meet all the expectations that customers have for DLP," Solanki said. "The key is that the same policies have to apply regardless of the device or the data; vendors have done a good job of marketing individual DLP features, but what we've seen among customers is that unless they can view many areas of risk and manage them with the same policy, DLP becomes a much tougher sell."
Some companies who have already been acquired are already questioning the viability of the DLP space they came from.
"The remaining stand-alones will be very challenged, as DLP is going to be absorbed into all types of networking gear," said Derek Smith, chief executive of Oakley Networks, which was acquired by defense industry giant Raytheon for an undisclosed sum in late September. "I think DLP was probably pretty short-lived as the basis for an entire company, because if all you are doing is putting a box on the network, you're simply deflecting the threat of data loss to another vector that you probably can't see."
However, most people in charge of the 35-odd remaining independent providers of DLP tools argue that in many senses it is the larger vendors who have the most work to do.
It is the core anti-virus tools and spam-filtering products of security companies including McAfee, Symantec, and Trend that are becoming rapidly commoditized, an argument that has hung over the sector for years, said Seth Birnbaum, chief executive of Verdasys, an independent DLP vendor.
The big players are trying desperately to shift from selling those types of legacy products into providing the data protection tools that customers are clamoring for, he said.
"Maybe if we were more of a point provider I'd be worried, but we are winning deals today based on a platform approach that includes everything from data discovery and policy creation right through to encryption, which is what customers are looking for and not many people have been able to offer," said Birnbaum.