- As adversaries focus more and more on data theft, and increasing compliance and regulatory requirements need to be met, protecting and securing data becomes more and more important.
- Data can be leaked via a variety of channels, from email communication, various web protocols, smartphones, and removable devices. A Data Loss Prevention (DLP) solution that doesn’t address these options is leaving the enterprise exposed.
- An enterprise's ability to protect and keep safe its data is only as good as the knowledge IT has on the organization's valuable or sensitive data. Security professionals must ensure that their DLP technologies are configured correctly and supported by the correct organizational specific policies.
- Enterprise security budgets are constrained, yet must be spent on an increasing number of protection mechanisms; since spending on DLP likely takes money from other security solutions, enterprises must carefully determine if DLP is right for their environment.
- As the environments in which organizations operate expand and become more versatile (mobile devices, cloud services, operating systems, databases, etc.), the ability to scan, detect, and enforce actions across these mediums becomes paramount to effective data protection.
- Effective data protection not only comes from strong visibility, but also the ability to take action once sensitive data is detected. A breadth of actions enables greater data protection and information governance.
- The ability to stop data leakage or theft is based on knowing what data is sensitive and where that data lies. A DLP product's ability to identify data as sensitive across the organization is essential to stopping its extraction.
- The DLP market will continue to divide into two main segments: simple dedicated DLP solutions for less demanding security organizations, and advanced add-on functionality to comprehensive security operations for high demand organizations.
Impact and Result
- Understand that DLP is an investment, but it is possible to find the best value and meet most feature requirements.
- An investment in DLP will provide the enterprise with a tool designed to control these threats – a tool that is aware of all enterprise data, where it resides, and how it moves – with the power to enforce automated responses to inappropriate activity.
- Review the market and identify a best-fit vendor and product from the broad and diverse market space. Whether the organization targets security, compliance, or overall risk reduction, there’s a solution for every need.
1. Evaluate the leading solutions for mid-market DLP
Understand the market and available options.
2. Identify the mid-market DLP solution that best meets the organization's needs
Develop a shortlist to speed the selection process.
3. Issue an RFP to the shortlist of vendors
Solicit responses from shortlisted vendors to find optimal enterprise fit.
4. Review RFP winners
Ensure that selected proponents can deliver when it counts.
This guided implementation is a three call advisory process.
Call #1 - Shortlist assistance and requirements
Get off to a productive start: Discuss the market space and how vendors are evaluated. Decide which platform suits you best and narrow down the options based on customized requirements.
Call #2 - RFP and budget review
Interpret and act on RFP results: Review vendors’ RFPs and ensure the solution will meet your needs. Discuss average pricing of solutions and what can fit into your budget.
Call #3 - Negotiation and contract review
Purchase optimization: Review contracts and discuss best practices in negotiation tactics to get the best price for your solution.