I recently ran into a 2 year old post that decried the use of the term extrusion prevention calling it the “worst tech term of the year”
I will cut the author of the article some slack as it was back in 2007 and a lot of folks were just coming to grips with the spate of data breach events and stating with straight faces that PCI DSS and a bunch of other compliance regulations were going to be our savior.
Regulation is not an effective measure – neither for data breaches nor for crooked bankers.
Massive government regulation and intervention of the sort that President Obama is pushing is precisely the wrong thing to do right now (or ever for that matter). Big government will always do a worse job of protecting consumers than consumers themselves. Take your lumps, shoot the bad guys and get the strongest and most innovative economy in the world back on track without wasting a trillion dollars of America’s future and dragging the entire world into 20 years of depression.
Apropos Obama and his far left agenda – there is no empirical evidence that US government stimulus packages after the Stock Market crash of 1929 improved things for the consumer – the opposite is true – by 1935 unemployment had actually increased to 35 percent. My guess is that the same thing will happen in the US over the next 5-10 years – a lot of money being printed for social good, that will put the next generation of Americans in hock to the Chinese. That is not a pleasant thought.
Getting back to data security.
Extrusion prevention is now commonly called DLP – data leakage prevention. Actually – extrusion prevention is more logical since it is the opposite of intrusion prevention. If intrusion prevention prevents bad guys from getting in, then extrusion prevention prevents good data from getting out. This actually makes it a much more logical and accurate description than DLP – as if data security was a plumbing problem. DLP is also an incorrect data security approach as it assumes that the majority of threats to information assets are from trusted insiders. Maybe – maybe not. You’ll never know until you do some threat analysis accompanied by some hard network surveillance.
You can read more on my web site at