Enterprise Data Protection – A Reality Today?
Enterprise Data Protection is an umbrella term used to
describe the coming together of data leak prevention technologies with
encryption (often referred to as data loss prevention) technologies.
The reason for the coming together of two different
security technologies is the natural synergy they share. By stopping data leaks
in the first instance an organisation will achieve a high level of protection,
but accepting that no organisation can ever prevent all data from leaking it
makes sense to secure sensitive data further using encryption.
This combined approach delivers a comprehensive, robust
and practical response to the data loss problem.
The first Bullseye report covering 43 vendors in the
Enterprise Data Protection domain has just been released in time for InfoSec
Europe, being held in London this week. Vendors covered in the report include:
| Microsoft | Vericept | GuardianEdge | PGP |
| Adobe | Tablus | Workshare | CheckPoint (Pointsec) |
| Lumension Security | McAfee | Vontu | Utimaco |
| BeCrypt | Decru(NetApp) | Tumbleweed Communications | Cisco (Ironport and PostX) |
| Cryptzon | Verdasys | Centennial Software | Websense |
| Entrust | Voltage Security | Reconnex | Credant Technologies |
| Fidelis Security Systems | DESLock | Blue Coat | BigFix |
| Promisec | TrendMicro/Provilla | Code Green Networks | GTB Technologies |
| F-Secure | ProofPoint | GFI | Vormetric |
| Aladdin | Intrusion | Orchestria | Mobile Armor |
| Dekart | 3BView | CryptoForge |
For the purposes of this Bullseye report an ideal but
mythical Enterprise Data Protection product has been created by the Bullseye
committee combining the best known features of data leak and data encryption
products. This “perfect product” does not currently exist, instead it
represents a vision of what could be developed in the future. A list of
attributes has then been created from this “perfect product” that has enabled
the Bullseye committee, formed in support of this project, to review current
vendors and their products against such a perfect benchmark using an open
methodology.
The relative scores of the vendors and their products,
measured against the “perfect product” have been turned into the Bullseye
landscape diagram.
To ensure this report is relevant and useful today two other diagrams produce a similar view but of the data encryption and data
leak prevention vendors with products available now. These vendors and products
were compared to each other rather than a “perfect product” to produce two easy
to use landscape diagrams.
In practice the Enterprise Data Protection domain has
been proven as a desirable objective for vendors as they seek partnerships and
acquisitions to compliment their own solutions in this area. New and emerging Digital Rights Management
products continue to cross over into what was considered the data loss
prevention market place at the same time
as data encryption vendors look at ways of complimenting their products.
End user organisations need to be reviewing their data
loss and encryption strategies as a matter of urgency to prevent expensive and
reputation damaging incidents. This needs to be approached from a strategic
viewpoint so that best use is made of budgets, personnel and systems.
Having Enterprise Data Protection as an objective is a
worthy goal for any organisation. Is it real today? Take a look at the full report on www.bloorresearch.com and make your own mind up.