Next up for DLP: The cloud?
Firm leverages cloud, human capital to offer data loss prevention services
Network World - Traditionally there have been two ways to host a data loss prevention security service: An on-premise application managed by the customer, or an on-premise application managed by the DLP supplier. BEW Global, a managed security service provider, has a third way: Through the cloud.
DLP services work basically by identifying information that needs to be protected, indexing it and securing it. The DLP system can prevent, for example, sensitive data, such as customer credit card information, from being downloaded onto an employee's USB drive.
BEW's cloud-based offering, which it announced at the recent RSA conference and the company claims is the first of its kind, uses a hybrid cloud approach. It combines an on-premise hardware application that identifies sensitive data, then pumps the flagged information up into the cloud to be analyzed by BEW security workers. This hybrid model allows users to benefit from the advantages the cloud provides of less on-site hardware, while still having a comprehensive DLP system. But, is the cloud right for DLP? Not all security experts are buying in.
"A completely cloud-based DLP offering just wouldn't fly for most enterprises," says Sean Steele, senior director of security services for infoLock Technologies, another security consultancy and provider. "It wouldn't even get off the runway." It's just simply not efficient to copy all of the data into the cloud for analysis, he says.
But BEW Global President Robert Eggebrecht stresses that his company's offering still has an on-premise component, which it calls a consolidated appliance. It consists of Dell hardware running Windows or Linux-based virtual machines and sits at the edge of the network, where it scans for sensitive data. BEW works with individual customers to determine what traffic flows up into the cloud to be analyzed by the security workers.
Eggebrecht says undoubtedly some customers may have questions about BEW workers analyzing sensitive information. But, he says the 15 analysts that currently pore over 40 client accounts are trained security experts who often go through the end user's own security training process.
Having security experts analyze the information is better than the alternative, Eggebrecht says, which is to have the DLP system monitored by an enterprise's in-house IT staff, who may not be trained in data security.
"If you manage it yourself and you don't have the expertise around security services, then you're not getting the most out of the system," he says. The human component of the system, Eggebrecht says, is the differentiating factor between BEW and other managed security service providers, such as Cybertrust (now owned by Verizon), Dell SecureWorks and IBM ISS.
- Best iPhone, iPad Business Apps for 2014
- 14 Tech Conventions You Should Attend in 2014
- 10 Desktop Apps to Power Your Windows PC
- How to Add New Job Skills Without Going Back to School
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
Red Hat Enterprise Linux - The Original Cloud Operating System
Linux adoption is growing against a number of measures, such as the
number of supercomputers that run Linux and the size of the contributing...
- OpenStack Hype vs. Reality: CIO Quick Pulse Open-source architecture can enable IT departments to build infrastructure-as-a-service (IaaS) clouds running on standard hardware.
- Maximize Strategic Flexibility by Building an Open Hybrid Cloud Choosing how to build a cloud is the biggest strategic decision IT leaders will make this decade. It determines their organizational competitiveness, flexibility,...
- ESG: The IBM FlashSystem 840: Technical Evolution to Deliver Business Value In this whitepaper, you will learn how this high-speed storage technology has tremendous potential to support I/O-intensive and/or latency-sensitive applications.
- Meg Whitman presents Unlocking IT with Big Data During this Web Event you will hear Meg Whitman, President and CEO, HP discuss HAVEn - the #1 Big Data platform, as well...
- Cloud Knowledge Vault Learn how your organization can benefit from the scalability, flexibility, and performance that the cloud offers through the short videos and other resources... All Cloud Computing White Papers | Webcasts