Andrew Rose, principal analyst for security and risk at Forrester Research says: "I'm actually pleasantly surprised that 42% of respondents use DLP, my concern would be to what extent they are using the tool to provide real business value," said Rose.
A significant barrier is that DLP needs to have full backing from the board as its introduction will have some disruptive effects on the business. It is likely to incur unforeseen costs and will take time to get it right, said Adrian Wright, vice president of research for ISSA-UK.
"There is also a need to educate staff on policies and appropriate use, so projects need to set realistic timescales and expectations as deploying DLP well, takes considerable time to achieve, he said.
Adopters should not underestimate what it takes to manage DLP operationally, said Wright, as it is likely require a dedicated team -- not just additional responsibilities placed on the security or IT functions.
Download our complete security survey results here.