So many customers are struggling with the content identification and policy formulation elements of DLP (data loss prevention) that vendor Reconnex has launched a new appliance designed to help companies manage that work.
Reconnex officials admit that many potential customers of its DLP technologies are holding off on buying based on challenges they face in getting a grip on just how their data is being used, by whom, and how those interactions affect their overall business processes.
In many other cases, the company said, customers that have already purchased DLP technologies are taking as long as several years to engage the products' enforcement mechanisms because they are so worried about the potential for interrupting crucial business operations.
Understanding the scope and usage of their data and then creating and tuning the rules needed to detect and govern its use has become such an onerous process in and of itself that it is slowing the overall DLP market, Reconnex executives said.
By launching an appliance that promises to allow companies to address those aspects of their data security projects before they jump headlong into DLP, at a significantly lower cost, the company contends that it is creating a new market niche while removing obstacles to further adoption of its data leakage technologies.
"Customers were telling us that they're not ready for DLP because they don't know the data context and they can't create rules if they don't understand where they are in this process, so that's why we built the technology," said Faizel Lakhani, vice president of products and marketing at Reconnex. "DLP vendors don't want to talk about this problem because it is a major impediment to the market in general, but this is the biggest challenge around this technology, and we thought this was the best way to help people move forward."
Sold for $20,000, a fraction of the $200,000 that Lakhani estimated as the cost of a typical enterprise DLP installation, the appliance, dubbed Data Loss Profiler, specifically promises to automatically index and classify all content leaving a customer's network, allowing users to get a better grasp on how their information is being handled.
By looking closely at all the network interactions transpiring across a customer's systems, the vendor said, the product allows users to more rapidly figure out how and where they need to enforce and improve data security policies.
In mapping the context within which their data is living and being transmitted, Lakhani said, companies can figure out quickly whether they even need a more robust DLP system altogether.
One of the biggest problems with DLP technologies is that the pre-set enforcement rules integrated into the products can be hard to match up with customers' real world data processes, he said.
"Every organization has data leakage problems, but they all have unique data issues. The struggle is that even when they buy DLP, they don't have people to sit around all the time and tune the enforcement rules," Lakhani said. "Customers have been asking us, 'Why should we spend the time and money to deploy DLP without knowing specifically what it can do?' -- we think this product answers that question in a straightforward turnkey model."