The following post on DLP is the combined effort of Joe Clapp and Paul Hill in response to a media query asking experts to weigh in on where they see the data loss prevention market going in 2016 and beyond.
The July 2015 Gartner Hype Cycle for Data Security indicates that Data Loss Prevention (DLP) has passed the “Trough of Disillusionment” after being over-hyped and has entered the “Slope of Enlightenment.” This indicates that the technology is maturing and customer expectations are maturing as well.
In 2016, businesses should expect to see underwriters which provided data loss insurance to require covered entities have DLP in place in order to maintain coverage. A successful implementation of DLP requires organizations to know where protected data resides. Commonly, organizations know where data “should” be but rarely know to a certainty. There is software available to aid organizations in identifying rouge data and rouge data types. Examples of this include BeyondTrust Retina, Identity Finder, and Encase CyberSecurity, each of which actively audit your environment to identify structured data. With the data identified, it can be disposed of or appropriate controls can be put in place.
For customers handling structured regulated data such as SSNs and credit card numbers, DLP can be an important tool, if existing processes and technologies allow potential mishandling. For example, if users have the ability to store such data to local disks or USB drives, even though policies prohibit that behavior, utilizing DLP tools to identify where such data is being stored is a recommended practice.
Similarly, if employees have the ability to copy such data into email messages, implementing DLP to scan outgoing messages is recommended.
Microsoft’s Outlook 365 offers DLP for outgoing email, however, that option is only available under some subscription plans that are more expensive than the most basic offering.
Potential customers should expect more SaaS providers to offer DLP options as service plan options during the next year.
Unfortunately, DLP tools remain more effective when identifying structured data. Identifying rogue data and improper disclosure remains a difficult problem when dealing with unstructured data. To be effective human resources with insight into the data, business processes, and the tools will need to expend time tuning detection rules no matter what tool is selected.