We use cookies to deliver the best possible experience on our website. To learn more, visit our Privacy Policy.
By continuing to use this site, or closing this box, you consent to our use of cookies.

Blog home
Blog post

My First DLP Paper Publishes

By Anton Chuvakin | March 15, 2013 | 2 Comments

securityDLPdataannouncement

My first paper (out of 2) on Data Loss Prevention (DLP) just went up – enjoy “Enterprise Content-Aware DLP Architecture and Operational Practices.” The paper focuses on DLP architecture and operational practices essential for ongoing DLP success.

Quick summary: “Data loss prevention (DLP) has completed its evolution from a niche tool to an important component of broader information-centric security architecture. However, customers are still hard-pressed to realize value from this technology. This guidance document shows a structured approach to deploying and using DLP technology effectively.”

A few highlights from a 50 page document:

  • “The design of a DLP solution must take into account its use cases and related audiences who interact with a DLP. Deployment of a DLP tool should go from one tactical success to another (a "quick-wins" approach) to avoid outright failure due to complexity and organizational politics.”
  • “Unlike network security technology, DLP spans network, endpoint (now including mobile) and enterprise storage (now including cloud storage) technologies and must have the support of business unit personnel for most use cases.”
  • “Looking to do too many things at once with DLP technology will often lead to getting nothing done, while looking to do less will lead to them being done well.”
  • “It is critical to balance information protection goals with organizational ability to execute on them. Consequently, an enterprise’s initial DLP policy should not necessarily be the one that it needs the most but the one that it needs the most based on those that it can actually implement.”
  • “Ongoing DLP operation is centered on a core set of essential processes that must be in place for DLP deployment to succeed in its mission of protecting data. The essential processes include alert triage, security incident response (IR), policy creation, policy tuning and ongoing reporting.” (more details in this blog post)

Enjoy! (sorry, Gartner GTP subscriber access only!)

Somewhat related content:

The Gartner Blog Network provides an opportunity for Gartner analysts to test ideas and move research forward. Because the content posted by Gartner analysts on this site does not undergo our standard editorial review, all comments or opinions expressed hereunder are those of the individual contributors and do not represent the views of Gartner, Inc. or its management.

Comments are closed

2 Comments

  • define identity theft says:

    This is a topic that is near to my heart.
    .. Best wishes! Where are your contact details though?

    March 19, 2013 at 9:09 am
  • Anton Chuvakin says:

    Re:contact Trivially found online 🙂

    March 19, 2013 at 5:05 pm