Access your Pro+ Content below.
Endpoint DLP fills data protection gap
This article is part of the January/February 2010 issue of Information Security magazine
Be it as part of a full-suite solution or as a standalone product, organizations are increasingly turning to endpoint data loss prevention (DLP) to close the gap on data protection. Although most organizations start with network DLP to gain the broadest coverage as quickly as possible, loss of sensitive data isn't exactly a problem limited to the network or storage repositories. From remote users to portable storage, the endpoint is not only a significant repository for sensitive information, it's where users spend much, if not most, of their time accessing the data. But endpoint DLP is also the least mature segment of this increasingly popular class of technology. Due to processor and memory limitations it's where we see the biggest differences between competing products, and the greatest feature and performance constraints. We also see competing solutions targeting the endpoint from different genealogical backgrounds, with offerings from traditional DLP, traditional endpoint, portable device control, and even encryption ...
Features in this issue
Massachusetts 201 CMR 17.00 and Nevada's data protection law establish new standards for personal data protection
Learn how endpoint data loss prevention technology complements network DLP and secures data that users interact with on laptops, mobile and portable storage devices.
Disaster recovery plans, DLP solutions, and regulatory compliance are top enterprise priorities, according to Information Security's Priorities 2010 survey
Secure coding and vulnerability scanning could mitigate many Web application attacks
Columns in this issue
IT and security managers often make the mistake of being consumed with a specific risk or threat to the detriment of security
Security experts Bruce Schneier and Marcus Ranum debate the possibility of eliminating anonymity on the Internet.
China's hacker attacks against Google's infrastructure, including Gmail accounts of human rights activists as well as Google's source code, should be used to educate enterprises about the reality of cyberespionage from nation states and organized criminals.