Applying data loss prevention (DLP) to devices like PCs and laptops is a natural extension for any organization that’s already identified its critical data and set up policies around that, according to an executive with a Web content filtering software developer.
“It’s really critical to have that layer now in addressing data loss prevention at the end point after you solved some of the network issues and built the policy model that you want,” said Devin Redmond, director of security products group with San Diego, Calif.-based Websense Inc.
While DLP on end points is an emerging market, there is an increasing demand for tools that protect sensitive data residing on those endpoints – be it for proactive or reactive reasons, said Redmond.
Actually, the increasing reliance on DLP tools to manage endpoint technologies is, in part, the push behind Websense Inc.’s preview of its Open Endpoint Initiative that seeks to ensure easy integration with its Content Protection Suite and third-party endpoint security tools, he said.
As part of the initiative, Websense announced a partnership with Scottsdale, Ariz.-based enterprise endpoint security vendor Lumension Security Inc., to address the issue of sensitive data being copied to removable media and storage devices whether on the network or remotely-located.
Customers can use Lumension’s application programming interface (API) to complement whatever end point infrastructure is in place and analyze data and make policy decisions based not just on the device, but on the data itself, he said.
“The real estate on each PC or each desktop can be a pretty challenging thing to deal with for each organization, which typically has patching tools, anti-virus and other applications that may be specific to their environment on the endpoint,” said Redmond.
Websense’s endpoint DLP tool certainly offers customers an alternate method to address data loss, but it may not be the better approach, said James Quin, senior research analyst with London-Ont.-based Info-Tech Research Group.
“Is data leakage protection the right way to go about it or is it simple access controls so people who aren’t supposed to have the privileges to access the data are restricted?” he said, adding the product works as a tool to enforce a policy.
Quin is of the mind that if certain data is prohibited from being saved to a mobile device and removed from the company network, then the person taking the data probably shouldn’t have access to it in the first place.
He added that a data leakage tool may not ultimately protect an enterprise if company executives, for instance, remove data from the network in order to work on it offsite. “The risks should be people who are not supposed to be accessing the data takes it offsite or accesses it across the network when they’re not supposed to.”
Websense targets verticals in which regulated industries are the biggest consumers of endpoint DLP technology, said Redmond, an area which cuts across both large enterprises and small to medium sized businesses.
The company claims the offering will be the most complete endpoint DLP offering available.
Quin is not aware of any rival products to Websense’s offering, but he does think certain factors need to be taken into consideration – namely, the fact that the endpoint DLP arena is nascent and not very broad-based.
There are many caveats around data leakage protection, and “it is a market that is in a tremendous state of flux with ongoing changes in the marketplace on a regular basis,” said Quin. He cites the recent acquisition by Cupertino, Calif.-based Symantec Corp. of San Francisco, Calif.-based DLP vendor Vontu Inc., where Symantec said it recognizes DLP as a growth area and hopes to bolster its presence by buying a vendor with established market share.
However, Quin said he thinks endpoint DLP is definitely a novel niche where Websense can establish a dominant market presence considering the area is a “new but hot and rapidly growing space.”
The company’s partnership with Lumension follows its acquisition earlier this year of Palo Alto, Calif.-based data loss prevention software PortAuthority Technologies Inc.
The company is likely looking to see what it can do to become “the vendor in data loss prevention” now that it’s established a name in Web content filtering, said Quin.
Open Endpoint Initiative is schedule for release in 2008.
