Educause Security Discussion mailing list archives
Re: Enterprise DLP Solutions
From: Philip Webster <p.webster () QUT EDU AU>
Date: Thu, 27 Sep 2012 10:30:23 +1000
On 21/09/2012 6:39 AM, Barnes, Sylvia A wrote:
We are looking at Data Loss Prevention solutions and I would like to know about your experience with purchase, deployment and use/satisfaction with your product. We currently use a data detection tool Identity Finder but we are not using the encryption or scrubbing modules. We want to know what else others are using and finding successes with. Does your product meet your expectations for improving data loss prevention without generating more Help Desk calls than you can manage? 1) What DLP product did you install and what other one did you compare it to? 2) Did you install the complete DLP or just the data detection? Are you planning to install other modules if so which ones? 3) Was the vendor training adequate for your employees and how many FTE’s does it take to manage? 4) What are some of your lessons learned from the purchase, and or implementation? 5) What do you know now that you wish you had known before you started choose your DLP solution?
I don't want to hijack the conversation, but was wondering how people are handling the interaction of DLP and cloud. I've seen solutions at the client, solutions at the point of migration to the cloud, and solutions which inspect traffic to/from the cloud (usually involving SSL MitM); however I'm yet to hear of happy installations.
Has anyone gone down this route, or abandoned DLP completely, or chosen some other path (e.g. outsourcing the risk to the cloud provider as well)?
Thanks Phil -- Philip Webster, Information Security Manager Queensland University of Technology
Current thread:
- Enterprise DLP Solutions Barnes, Sylvia A (Sep 20)
- Re: Enterprise DLP Solutions Philip Webster (Sep 26)