IronPort was subsequently acquired by Cisco for $830 million in January 2007, and in September, the company introduced onboard DLP and encryption capabilities for e-mail traveling through its anti-spam and anti-spyware appliances.
Vontu's software becomes a traffic cop
At CEC, Gabriel said he uses Vontu's software as a "traffic cop" to determine which e-mails get encrypted by the PGP system and to determine how the messages should be handled by the company's IronPort messaging gateway. An existing partnership between PGP and Vontu had played a role in his decision to invest in the two companies' technologies.
After the aforementioned meeting of the vendors -- largely devoted to designing the company's data flow configuration -- Gabriel said he spent a considerable period of time working out the firm's unique business process and creating related information security policies.
The end result is system where outbound e-mail at CEC moves from Microsoft Exchange into the IronPort appliance, where it is then forwarded to the Vontu system, where the messages are inspected for policy violations using a data-matching technology.
After being fed back into the IronPort system, non-confidential e-mail is distributed, while anything that needs to be encrypted is redirected through PGP's Universal Gateway software before getting sent out.
Meanwhile, anything that fails to meet CEC's data leakage policies is redirected into a special inbox where it can be reviewed by the company's human resources department and, when necessary, forwarded for review to the manager of the employee responsible for sending the e-mail.
"Compared to designing the business process, working with the technology was a breeze, the only sticking point was getting the data flow to work right, which we addressed by getting everyone in a room and staying until it worked," Gabriel said. "Now we're preventing people from attaching the wrong spreadsheet or sending it to the wrong people on a regular basis."
As with the integration of DLP into encryption and e-mail filtering, as well as its ongoing blending with everything from storage systems to networking gear, some users are looking for leakage protection that has hooks into the very applications in which most corporate documents are created, Microsoft's Office productivity suite.
Workshare, a maker of so-called "document integrity software" -- one the many forms of DLP tools -- was recognized by Microsoft in July as one of its top ISVs worldwide.
And while the firm actively pitches its products' abilities to remove "risky data" from Office documents, company executives admit that leakage prevention is only one feature of a broader content management strategy covered by its technologies.
Educating end-users to supplement DLP
John Meakin, group head of information security at Standard Chartered Bank -- a global concern with more than 1,600 branches and 60,000 employees -- said that he chose to buy Workshare's Protect applications to carry out his DLP strategy because of their direct ties into Office.
For DLP to work on a practical and philosophical level, he said, it must be intertwined with other security and information management technologies in such an innate and ubiquitous fashion.