Choosing endpoint DLP agents

There is a lot to be said for preventing data loss at the point of use but if you are considering endpoint DLP (data loss prevention), I recommend against buying and deploying an integrated DLP/Anti-virus end-point security agent.  This is for 4 reasons:
  • Bloatware/system resource consumption – if you’re concerned with anti-virus system resource usage, imagine layering another 100MB of software, another 20MB of data security rules and loads of network traffic for management just for the luxury of getting a good deal from Symantec on a piece of integrated software that IT doesn’t know how to manage anyhow.
  • Software vulnerabilities – if you have issues with the anti-virus – you don’t want them affecting your data flows via the DLP agent. Imagine a user uninstalling  the anti-virus and impacting the DLP agent.
  • Diversity – the strong anti-virus products have weak DLP agents – which means that the advantage of a single management platform is spurious. Having strong anti-virus software on your Windows PCs from a vendor like McAfee complements having strong data loss prevention from a company like Verdasys.
  • Not a good fit for the organization – IT manage the Anti-virus,   Security manage the data security and never the twain shall meet.
Related Posts Plugin for WordPress, Blogger...
Tell your friends and colleagues about us. Thanks!
Share this

Leave a Reply

Your email address will not be published. Required fields are marked *