BACKGROUND IMAGE: iSTOCK/GETTY IMAGES
Data leakage protection tools -- also referred to as data loss protection and prevention tools -- aim to stop users from sending sensitive or critical company data outside the corporate network. In a recent SearchCIO webcast, Nemertes Research CEO Johna Till Johnson explained why data leakage protection tools should be on every organization's must-have list.
[Data leakage, or data loss protection, tools] monitor structured and unstructured data to ensure that information is only viewed by and modified by individuals with appropriate access rights.
One thing to keep in mind is that DLP is often built in as a function to other solutions. There are a handful of user behavioral analytics tools that include DLP. There are also various flavors of endpoint protection tools that include DLP. So, you don't necessarily have to buy a DLP product, although there may be advantages to doing that. But you do definitely want it as a capability.
Why you need it? Well, to prevent hacks, such as the Sony attack in 2014, yes. And frankly, compliance is a huge driver for DLP, because you really want to understand who's touched anything, who's moved it and have a full-history track record for any document that exists in your organization.
Who makes it? Again, a whole slew of vendors. Varonis is one that's actually interesting, because they zero in on this space in a way that some of the other folks don't, but all of these guys do have capabilities in this area.
You're going to see this, as I mentioned, more tightly integrated into -- and in some cases, part of -- user behavioral analytics tools, security event and incident management tools, and other tools. In fact, I'd venture to say that DLP starts to become a feature of certain other product categories long term. But it's not yet. It's headed there now.