Houston, we have a problem

admin
January 16, 2009


Are you like the rest of the lemmings?
Most companies we know don’t have the faintest idea of what’s going on inside the corporate network. Once company management discovers that almost all their employees cc company documents to their Gmail accounts so they can access the data at home, it becomes a “Houston, we have a problem” moment.

I think the various DLP (data loss prevention) vendors split into two camps – the network security people (like Fidelis Security Systems, Vericept, Vontu) and the Microsoft Windows client security camp (McAfee, Verdasys, Symantec, Workshare). Customers implementing DLP in the network don’t like the idea of installing and maintaining client software; they are also more likely to see data security as a monitoring + procedure + discipline issue than as a controlling-what-users-do issue. Those in the client PC data security camp are focused on the point of use (probably the right place to be if you want the most precise security countermeasure for data abuse, data loss and data theft) and are less likely to consider the implications of data security in the extended enterprise computing space.
So what do you do? Buy technology, call a consultant or ignore the problem?
The answer depends on a senior manager in your business (CISO, CFO, CIO, CEO) doing a cold-blooded risk calculation after getting over her “Houston, we have a problem” moment.
Data security used to be about preventing malicious outsiders (usually automated scripts) from attacking the network, using a firewall/IPS at the perimeter/system perimeter. Companies with well-maintained firewalls have good perimeter security and do a good job of mitigating outsider threats. The focus has now moved to mitigating insider threats – and the key question is what is the right data security countermeasure for your company at the right price:

1) If you have less than $20,000 to spend – you’re best off working on employee awareness and discipline as the most cost-effective security countermeasure for data security.
2) If you have up to $100,000 to spend – and don’t want to get involved with expensive enterprise implementations with distribution of agents for Windows XP/Vista and policy development – you’re best off buying Fidelis Security Systems XPS. Use the extremely precise and cost-effective monitoring capability that XPS provides to improve procedures and user discipline in real-time.
3) If you have more than $100,000 for product and another $100k for professional services – and you are willing to take the plunge on agent-based data security, try Verdasys. You will get the benefit of control at the point of use, visibility into data security violations and the ability to prevent data loss in real time.
Danny Lieberman
Software Associates
Expert security consultants, providing internal security solutions: investigating and preventing data theft and fraud for telecommunications, manufacturing and pharmaceutical companies in Eastern Europe and the Middle East.
