The data loss prevention market is shaking out and, perhaps, stepping up. Code Green Networks Inc., one of a fistful of remaining independent DLP vendors, hopes to capitalize on enterprises that are ready to deploy in this maturing space.
To get security news and tips delivered to your inbox,
With its release of TrueDLP 6, analysts say Code Green is attempting to attract enterprise businesses after focusing on small and medium-sized businesses (SMBs). Most significantly, TrueDLP fleshed out its offering with stronger endpoint capability and central management to scale for large deployments. The release is timed to meet what may be an increased appetite for data loss prevention products. The Sunnyvale, Calif.-based vendor says customers finally get the DLP value proposition and are clear on what they need.
Nick Selby, research director of enterprise security at the 451 Group, said the market is maturing with more customers considering deployments in the next 12 months.
Data loss prevention:
Websense, Reconnex top Forrester ranking of DLP vendors: The data leakage prevention market is branching out into automating data classification, analysis and device management, according to a report from Forrester Research Inc.
McAfee merges encryption, DLP with new suite: The antivirus vendor repackaged SafeBoot's endpoint encryption and encrypted USB tokens with its existing data loss prevention products.
Symantec acquires Vontu for DLP know-how: In a move that was widely expected, Symantec announced Monday that it will acquire data loss prevention (DLP) vendor Vontu for $350 million.
"People are realizing this is not something they can fix with a box, not just by putting something on the desktop," Selby said. "It's the same as everything else in business: people, process and technology."
What Selby calls the "reduction in noise" in the DLP is, in part, the result of extensive vendor consolidation: Symantec Corp. (Vontu), EMC Corp. (Tablus), McAfee Inc. (Onigma and Reconnex), Raytheon Co. (Oakley), Websense Inc. (Port Authority), Trend Micro Inc. (Provilla). Some vendors are aiming their pitch around a more comprehensive data protection approach encompassing laptop encryption and device control. Witness McAfee's acquisition of Safeboot, Check Point Software Technology's purchase of Pointsec, and Sophos' purchase of Utimaco.
The converging market leaves Code Green with what it now considers an enterprise-caliber product, competing with these large, established vendors, as well as independents such as Vericept Corp., Verdasys Inc., Orchestria Corp., GTB Technologies Inc. and Workshare Inc.
Code Green's enterprise-grade TrueDLP release features completely new endpoint coverage, which was previously limited to device control technology, which it OEM'd. Now it's all in-house, looking at content on the endpoint as well as the gateway, and adding device and file auditing. Code Green now offers enterprise scalability, with centralized content registration, policy management and incident management. Centralized management now supports multi-site deployments.
"Last year, enterprises were all over the map, looking for very esoteric features," said Rod Murchison, vice president of marketing and strategic alliances for Code Green. "We saw the same thing in a number of emerging technology markets in the first decade or so, where you've got to wait for it to solidify a little. We've really seen that solidify lately -- in RFPs, RFIs, conversations with customers," Murchison said
451's Selby said enterprises may finally be waking up to what they don't know and what they need to know about their people and their business practices. Most companies --- 70% or more -- don't even try to find out who their employees are communicating with inside or outside the organization, much less what they are saying.
"If you don't know how [people] in the building are speaking to people outside, how are you going to know whether they are saying anything sensitive or not."