I have looked into the DLP scenario's and various solutions. I have not found a single solution which covers more than 75% of the DLP, may be my expectations are higher.Many of my vendor's used to tell me that I will have to use multiple solutions, still the reach did not go beyond 90%
The following are the areas I need protection, can anyone suggest solutions?
- Removable Media - I have zeroed down to a product from Checkpoint for the endpoint security, which gives fairly good protection from data leakage through endpoints. I have not (yet) found a mechanism for automating the installation and reporting of the same on all the client machines. I expected a mechanism similar to the one in most, if not all, of the anti-virus solutions
- Internet - The Secure computing webwasher is a pretty good tool, a key solution I liked is the possibility of stoping the internet uploads, by user, groups and some other parameters. This may be the same in the competing products. I have tested another product named webmarshal, which did not have this feature. Now in Internet, how do we stop posting to a text area, such as a blog? can someone do text analysis and stop the content being posted?
- EMail - I have seen many tools with text analysis capabilities with options to block and quarantine the messages, what about data which is altered? Can the system still read the logic? For example an excel sheet where the numbers are replaced with alphabets like acbd for 1324.
- What about corporate web mails? Many of the companies allow access to the corporate email through a webmail server such as in MS Exchange (Outlook web access). One can save data including large files in a draft email and download it from home. How can this be protected?
- What about the mobile computing devices such as laptops, Blackberry etc? If they connect to networks outside the corporate network, how much impact will the corporate policies have on these devices?
