When NextLabs' Enterprise DLP software catches an employee attempting to share proprietary design information on a wiki, send it out via unsecured Web mail or download it onto a USB device, it either blocks the action or sends the employee a reminder of company policy. Often, the reminder is sufficient, Bauer reports. The product can also automatically create audit files that keep track of who complies and who doesn't.
IRM and DLP are complementary technologies that address two critical and connected security areas, says Jon Oltsik, a managing partner at Enterprise Strategy Group (ESG). "DLP allows IT to block all the stuff leaking out on e-mail attachments, mostly through human error," he notes. Once a document goes outside the corporate network, however, it's out of DLP's control. "If you want granular enforcement at the application, document and user level, outside the firewall you need IRM," says Oltsik.
Some DLP products can scan an organization's internal databases and storage devices, classify information according to preset policies and alert administrators about information that resides in the wrong place.
Controlling intellectual property over the Web
BCA Research, for example, uses FileOpen's IRM software to control what paying customers can do with its intellectual property (IP) once they've downloaded it, says Paul Chow, director of information technology for the global investment research firm. "Our research can be rather expensive and unique, and the Internet makes it easy to abuse IP rights," he adds.