DLP not the security silver bullet

Vendors views on DLP gathered at a recent MicroScope roundtable indicate resellers need to change the pitch on data loss prevention

Customer confusion around what can be delivered by data loss prevention (DLP) technology is leading to some vendors to advise resellers to reconsider the way they pitch the technology.

One of the main concerns seems to be around the belief some customers have that DLP is an answer in its own right rather than part of a wider security solution, with vendors at a recent MicroScope roundtable calling for a different approach in both selling and delivering the technology.

"The problem with DLP is everyone is thinking it's a great technology and a silo in its own right but it is not. It is part of a layered approach. You need to think about DLP, application control, botnet control as a holistic solution," said Terry Greer-King, UK managing director at CheckPoint.

He added that DLP needed to be deployed as part of a wider security solution: "The problem is everyone has been selling it as if it is the holy grail on its own."

Matthew Robinson, sales and marketing director at Kaspersky, said that the problem was the term DLP and it would help the industry if the phrase was avoided as the customer still had work to do deciding what information needed to be encrypted and which rules should be set and the technology was not the sole answer.

Others believed that a DLP solution should be pitched as one more associated with a wider business intelligence pitch rather than just a tick in the security box.

"DLP is more about business intelligence. They are dealing with lumps of information and how do they know what's in the data," said Warren Constable, technical account manager at Qualys.

"If [business intelligence has been deployed] then DLP has more chance pf success, but often business intelligence isn't there," he added.

Read more on Data Protection Services