There are many factors to consider when looking into a DLP solution. Ultimately the goal here is to avoid losing confidential information. The problem is data is everywhere. It is kept in our servers, computers, laptops, mobile devices, removable devices, in the cloud and so on. The truth is a technical solution is not the be-all, end-all because a user can just write out on a piece of paper what they see on the screen. However, a technical solution does go a long way to controlling and securing our information by ten folds.

For a full blown solution, DLP vendors should cover three main areas that are as follows:

- Data at rest or storage (on file servers and database servers, etc),
-Data in motion (data traveling across the network),

-Data on the endpoints or in use (data on laptops and desktops).

A DLP solution should have the ability to discover content, and this not just content on Windows servers and clients, but other OS's like the ones on mobile devices, and be able to read data from complex applications such as databases. It should be able to classify content when in use, at rest or in motion and have built in advanced content matching and data detection techniques such as structured data finger printing and watermark recognition. A DLP solution should be tightly integrated with e-mail and web gateway technologies so that it may be able to stop sensitive data over those channels as well, and be able to encrypt data depending on company policy via a rule set. There are many other factors to take into consideration; the above are a few to get you in the mind set.

Many companies do not invest in full blown DLP solutions, and instead, implement DLP in small steps. For example a company may implement device control to begin with, so that users are not able to copy sensitive data to removable storage devices. However, as the law is taking firm actions against companies that do not demonstrate due care and diligence to protecting sensitive information, many companies have to take DLP seriously depending on the nature of their business.




DLP Solutions & Vendors







Blue Coat is known for its WAN acceleration solutions and also provides web security products & services. Blue Coat's DLP is a network based DLP solution for web and e-mail only.


Celestix is a security vendor and provides a DLP solution where organisations can share sensitive information with users inside or outside the network. Secure Data Exchange provides Information Rights Management, Data Leakage Prevention (DLP) and Managed File Transfer.


Computer Associates (CA) is a vendor providing IT management and security solutions. CA’s DLP product is able to integrate with its IAM and SIEM solutions. The solution can apply DLP on endpoints, email servers, network, databases and in file repositories


Code Green Networks is a dedicated DLP vendor and positions its DLP technology as a powerful solution that is cost effective and easy to deploy.


DeviceLock Endpoint Security Suite is an enterprise class endpoint device control solution. DeviceLock can also be used on mobile devices such as Windows Mobile, iPhone OS or Palm OS.


Fidelis Security Systems is a dedicated DLP vendor. Fidelis XPS (Extrusion Prevention System) is its flagship DLP solution.


GTB Technologies is a dedicated DLP vendor. GTB has a software development kit enabling OEM’s and software vendors to integrate GTB’s content inspection engine with its own solutions.


Lumension that specialises in endpoint security and managing risks has a product known as Lumension Device Control that is able to control which removable devices can connect to your endpoints and can define data control rules so you are able to control data leakage.


Mcafee is a security focussed vendor has a full blown DLP solution that integrates with its gateway products and EPO central management system.


Nogacom is a data protection and governance vendor. Nogacom's NogaLogic Solution provides complete visibility to unstructured data.


Overtis Group delivers a solution that can see, alert and report on sensitive data within an organisation.


Palisade Systems is a specialist DLP vendor with a solution known as PacketSure. PacketSure is positioned more towards small and medium sized businesses and can be installed and deployed using various options.


PixAlert delivers solutions to protect against losing of sensitive data. PixAlert also provides solutions such as monitoring of images being displayed on corporate systems and other data leakage protection solutions.


RSA is a reputable security vendor known for its leading two-factor authentication solution, SecureID, and also offers other products and services. RSA provides a strong DLP solution that is available in three modules known as RSA DLP DataCenter, RSA DLP Network and RSA DLP Endpoint.


Safend provides comprehensive data leakage and protection on the endpoint.


SecureTower looks for sensitive data from channels such as email, web and applications such as Oracle and SQL, external devices such as USB devices and printers and even SSL traffic. Notifications can be sent whenever sensitive data has been detected and daily reports can be generated.


Sentrybay specialises in security and offers a data loss solution through its Enterprise Data Protection Suite.


Sophos is a security vendor with some DLP capabilities built into its central endpoint protection known as data control and device control.


Symantec is a large security and storage vendor well known for its Norton anti-virus software. Symantec offers a complete and granular DLP solution.


Titus is a security vendor with a focus on email, Sharepoint and document based DLP capabilities.


Trend Micro is a security vendor with a range of security solutions including a DLP product offering.


Verdasys is a security vendor dedicated to data protection and offers a DLP solution known as Digital Guardian.


Trustwave is a vendor specialising in data protection and PCI compliance and has a dedicated DLP solution strengthened by acquiring a DLP vendor known as Vericept.


Websense is a leader in Web security. Websense also provide e-mail and data security. Websense DLP solution can be integrated with the web and e-mail solutions all managed from its central management Triton console. Websense DLP is a full blown solution.