On April 5th, Avivah Litan, VP Distinguished Analyst at Gartner (@avivahl) declared “DLP is Dying” in what quickly became a very controversial blog post on the Gartner Blog Network. Some DLP vendors quickly cried foul and called Avivah’s (and Gartner’s) motives into question.
The online discussion got so heated that comments on the Gartner Blog Network and LinkedIn were quickly disabled then deleted and the original post was hastily re-written. The only evidence of the dust up is the lingering URL for the original post:
blogs.gartner.com/avivah-litan/2018/04/05/insider-threat-detection-replaces-dying-dlp/
Avivah, Digital Guardian had your back, we agree that DLP of old is dying, but a whole new generation of data loss prevention solutions is emerging as a result.
Time to Redefine Data Loss Prevention
Antiquated DLP solutions provide little value. In our experience, most DLP implementations today are comprised mainly of network appliances. The corporate network has evolved; the perimeter effectively dissolved leaving network-only solutions full of gaps. Compound that with the emergence of the cloud and the reality that most threats originate at the endpoint and you understand why traditional, network-appliance only DLP is limited in its utility and truly at risk of dying.
Layering on an endpoint agent does help fill some of the gaps. But traditional DLP typically included basic agents, which were limited to content inspection and control of removable media. They lacked visibility into user and system level events creating holes in policy and rules to block activity. Next generation data protection technologies combine multiple methods of classifying data and provide deep visibility into data, system and user events.
Comprehensive Data Protection: DLP and EDR
Digital Guardian has defied traditional DLP for years; that’s why our solution displaces legacy products regularly.
Features like endpoint detection and response (EDR) are some of the best ways to protect networks from both known and unknown threats.
Detecting insider threats has always been a pillar of Digital Guardian’s technology. That’s why we’ve incorporated EDR capabilities into our platform to make a comprehensive offering that sees, classifies and protects all data from attacks, both from risky insiders and external adversaries.
Integrating EDR with DLP in the same agent allows administrators running Digital Guardian to monitor endpoint and network events, be alerted if a malicious process is detected, and have confidence that data, under strict access controls, isn't going anywhere.
Blog Post Digital Guardian is a Leader in the 2017 Gartner Magic Quadrant for Enterprise DLP |
Responding to Customer Demand
Digital Guardian’s flexible controls, coupled with visibility, and advanced analytics, has helped us meet the growing demands of our customers without the need for additional technologies that effectively drive up the cost of ownership.
Our enterprise DLP technology takes a data-centric approach to security and affords users the ability to enforce data access control policies based on context, content, and user input and tags, without disrupting existing business processes or hampering user productivity. After all, it's only after data has been identified, classified, and controlled that an organization can truly understand where it is, how it flows through the company, how it’s being used and ultimately where it goes.
Perhaps it’s a good thing that Gartner retired its Enterprise Data Loss Prevention Magic Quadrant. Vendor positions were based on criteria established in 2006, something that made it very difficult, if not impossible, for companies that have redefined DLP, like Digital Guardian, to score high.
DLP Market Continues to Grow
DLP isn't going away as a solution. DLP use cases continue to fuel Digital Guardian’s growing pipeline. Gartner experts recently said that by 2020, 85 percent of organizations will implement at least one form of “integrated DLP,” a figure that’s up from 50 percent today. DLP is a growing and healthy market – Gartner’s predicted spend in 2018 is more than a billion dollars for DLP, with a strong CAGR of 10% from 2015-2021.
The technology also remains paramount for organizations looking to protect intellectual property, personally identifiable information, payment card industry data, or achieve HIPAA compliance. The European Union’s General Data Protection Regulation (GDPR), less than 50 days away, continues to reinvigorate interest in DLP as well. DLP will continue to be key to many organizations, if they haven't deployed a solution already, to ensure data is processed and stored appropriately.
