Preview: McAfee's DLP product stops your host's data leaks

Data leak prevention (or protection) is all about making sure that data doesn't leave your organization without approval - a laudable goal. These days, I spend most of my time trying to convince people of the simple things they can do to prevent data loss, including authentication, encryption, and compartmentalization of sensitive and proprietary data. Unfortunately, there are a variety of ways that data can sti

Unfortunately, there are a variety of ways that data can still sneak out the door unfettered, leaving your organization open to regulatory compliance and legal issues -- not to mention the potential harm to your organization's reputation which can substantially and negatively affect your bottom line.

That being said, I recently took a look at McAfee's newest offering in the desktop DLP space and I'm impressed. Regardless of the method I tried to use to remove data off the host, McAfee DLP stopped me every time.

ss21small.JPG
I tried to take a screenshot of the data I wanted to steal, copy and paste it to other applications, use Web and desktop mail programs to move it, and encrypt the data, among other methods. No success. Short of taking a picture with my camera phone, I couldn't get past the desktop agent monitoring my nefarious activity.

Of course, good data protection requires that you first identify and quantify your sensitive data. McAfee DLP's management console has a number of prebuilt templates that allow sensitive data types (like the nine-digit Social Security number) to be easily locked down so that they don't escape from your enterprise.

While DLP is all about making sure data stays safe and secure, McAfee's product is somewhat limited by its focus on the endpoint. It still leaves data vulnerable in all of its other potentially exposed locations -- since it's host based, it can't protect network, servers, databases, and so on. Nevertheless, McAfee DLP does what it says: it keeps data from leaving the desktop.

While I haven't had a chance to take a look at it, McAfee Data Loss Prevention Gateway is a way to mitigate the shortcomings of the endpoint. The DLP gateway is policy based and can manage endpoint deployments for a more comprehensive data loss prevention solution.

McAfee Data Loss Prevention

Available: Now

Pricing: Approximately $79 per seat

Verdict: Organizations looking to stop the potential or existing loss of critical data need to look at McAfee's host-based DLP solution. While the product does require a desktop agent, this data loss product can protect your enterprise from costly and embarrassing theft and unintentional disclosure. It's a good first step, but remember that desktop lockdown only stops those using your existing endpoints and does nothing to stop data moving out of your organization from other locations and origins.

Copyright © 2007 IDG Communications, Inc.

How to choose a low-code development platform