Try for free
    15.06.2012

    Tailoring courses by DLP developers

    Sooner or later many companies come to understanding the need for reliable protection of their information. One of the effective ways to protect your data is to deploy a DLP system in your corporate network. Usually this decision is motivated by the following reasons: Data Loss Prevention software ensure sustainable protection of confidential information and compliance with regulatory requirements.

    But just like an expensive business suit, a DLP system must be a perfect fit. Therefore it is necessary to have a preliminary try-on of the software to see how it fits your network and your needs. Such a try-on will be the deployment of a pilot project. It is not until the customer puts on a brand-new suit and sees how neat the whole ensemble looks, that he will appreciate all elegance and quality of the new outfit. And even though any DLP (Data Loss Prevention or Data Leakage Prevention) vendor will claim safety and compliance of their products, only a high-quality DLP system can make a perfect fit. In addition to the core functionality for data protection the customer will obtain supplementary advantages, not evident at first sight.

    On the basis of questionnaires filled out by companies that use SecureTower system, Falcongaze Company Analytical Department decided to describe additional possibilities that become available to customers when employing DLP functionality. Besides, based on the experience of the company’s specialists, it was decided to figure out common issues faced by companies when implementing data protection solutions.

    Speaking of additional possibilities unfolded before DLP system users, almost all specialists polled by Falcongaze Analytical Department noted that the supplementary features of the data protection system turned out to be of no less use than the core functionality of the product.

    «The staff works more effectively»

    The majority of companies noted that after a DLP system was deployed and the personnel were duly notified of that, their work became far more fruitful. As observed by many users, a DLP system is a kind of an invisible hand that gently pushes employees to devote more time to their direct responsibilities and be less distracted by job-unrelated activities.

    «HR managers got a cool instrument»

    Also a lot of companies noted that DLP functionality appeared very useful for Human Resources managers. HR executives of many companies said that SecureTower system helped improve the social climate, and also reveal disloyal people and groups who had a bad influence on the atmosphere of trust and often broke up the business process.

    «It's convenient to have all business correspondence close at hand»

    Many of those polled said that the DLP system proves to be very useful in case it is needed to quickly review business correspondence with a certain party or find an important previously sent document. Due to the fact that the best data security systems intercept all traffic and are able to store it for indefinitely long time, the search for necessary files became much faster and easier. Moreover, security officers confirmed that the system drastically reduced the time needed for investigation of incidents involving potential data loss.

     

    «Spambot detected»

    Sometimes even the developers themselves do not realize the full potential of their product, specifically, the areas of its application. Some companies pointed out that SecureTower helped them detect computers heavily generating malicious spam. It is just like the same old story of a well-known caffeine-rich sparkling beverage: a would-have-been medicine ended up as an extremely popular soft drink.

    However, multiple advantages of DLP systems can sometimes be accompanied by certain difficulties turning into a serious sticking point, if not taken care of in good time. Below Falcongaze specialists list most widespread issues encountered at the stage of preparation to the deployment of a data leakage protection system.

     

    «DLP is fine but costs a pretty penny»

    The stereotype of a DLP system being a close relative of an antivirus application has struck roots in the minds of many business owners. Sometimes this attitude prevents them from seeing the point: a DLP system is a complex instrument that serves for economic protection of the company. This is why the opinion that a Data Loss Prevention solution should cost like a simple antivirus is absolutely wrong. And although a misleading assertion about DLP systems being overpriced can be heard quite often, in fact, there are no two solutions alike and prices for DLP can be very reasonable, let alone the possible cost of data leakage.

    «We want DLP, but have no possibility to manage it»

    One more aspect appealed to by several companies are obstacles arising from lack of preparation to running a DLP system, namely, there is sometimes simply no employee or department dealing with information security in the company. Actually, there is nothing fatal about this. The right person can almost always be found, though this situation can delay the implementation of a data protection system.

    «It is not nice to snoop on employees»

    Another counterargument is the ethical side of the issue. Some companies refuse DLP systems emphasizing that they trust their employees and do not want to spy on them. On the one hand, this posture may seem noble and laudable, but, as it has been mentioned many times, a large portion of data leak incidents occur unintentionally, and a mere presence of a DLP system does not oblige one to read personal chats of secretary Jane with a programmer Mike. Besides, information protection systems are not originally designed for peeping at employees, but for controlling data flows and identifying security issues, so comparing DLP with an unscrupulous spy is like thinking that top-grade suits are only worn by mobsters.

    «Those DLP systems are not so effective»

    It is a popular belief that all existing DLP systems are inefficient and unable to protect a company from sensitive information leakage. Most often, this statement can be heard where there is a lack of understanding of how data security systems work. But, nevertheless, it is very difficult, if not impossible, to outvoice someone who thinks this way, so it is better to just demonstrate how the system works in practice. After all, there haven’t been invented anything more effective than a clear demonstration. However, it is equally wrong to insist that a DLP system is an ultimate cure for all problems of the company. Any DLP product is first and foremost a tool which can level up the information and economic security of a business provided that it is set up and used properly and a due set of organizational arrangements is introduced within the company.

    «We will have to reorganize the whole network to secure the data»

    As is the case with the DLP prices, many companies are misled to think that the implementation of the system will require restructuring of the entire corporate network. In fact, a high-quality solution will work in any environment without the need to replace all equipment, and easily integrate into the existing infrastructure. Therefore, the worries about inevitable and total overhaul of the local network for information security purposes are absolutely groundless.

    If the developer cares about his customers and truly respects and appreciates them, just like a good tailor he will not force them to throw away their whole stock of clothes in favor of a single new outfit.

    You can endlessly weigh all "pros" and "cons" or get carried away in theoretical disputes over any emerging issue. But instead of lengthy speculations it is better to come boldly to the tailor’s shop, push the door and just ask for a suit that will fit.

    Important publications

    The SecureTower DLP system

    • Protection against data leaks caused by employees
    • Control of employees' work on computers
    • Identification of potentially dangerous employees (risk analysis)