Users: Integration key to real world DLP

If security industry sources prove correct and Symantec is busy putting the finishing touches on a deal to acquire data leakage prevention specialist Vontu, the acquisition will undoubtedly lead to further integration of DLP technology with many other forms of IT security agents.

The Symantec-Vontu deal notwithstanding, industry analysts currently count slightly fewer than 40 different vendors currently pitching some form of DLP tools.

With IT industry giants ranging from security specialists Symantec and rival McAfee to networking giant Cisco and storage market leader EMC already blending different flavors of DLP into their products, experts contend that the trend toward consolidation of the applications with other technologies, at least from a vendor perspective, is certain to continue.

According to existing users of the content protection systems, the ongoing trend toward the marriage of DLP technologies with other critical IT platforms mirrors the need to link the tools tightly together with other security systems to allow them to have their intended effect.

For the process, also known as information leakage prevention, to work on a practical level, users of the tools say, the strategy -- and the technologies used to carry it out -- must be embedded throughout other IT management systems.

"Beyond protection of our student and employee information, we want to stay out of the papers, that's the biggest motivator. The real issue isn't so much addressing malicious intent, but rather it's more about preventing inadvertent data misuse, that's the core of the problem," said Michael Gabriel, corporate information security officer for Career Education Corporation, a publicly-held operator of more than 75 professional training schools encompassing 90,000 students.

Tasked with creating the decade-old company's information security infrastructure from scratch in 2004 to prepare for its initial Sarbanes-Oxley audits, Gabriel said that it become immediately clear that for any of the technologies he would invest in to pass the tests, they would need to work together in almost seamless fashion.

"One of the things I learned right away was that if you are going to rely on end-users to play a role in protecting the company, you are not going to have a very good result when it comes to DLP, or content filtering, or e-mail encryption," Gabriel said.

"Selecting the various technologies was the easy part, but to make it work, I had to get all the providers together in one room; that was the only way we were going to make the whole thing work," he said.

The reason he selected Vontu's Network Data Monitoring and Prevention software over products from rivals like Verdasys, Vericept, and PortAuthority -- which was subsequently purchased by filtering specialists WebSense for $90 million in 2006 -- was based on the knowledge that it could be tied efficiently together with e-mail encryption software made by PGP and gateway monitoring applications made by IronPort, Gabriel said.