What strategies to follow after you have implemented a DLP solution

If you deployed a DLP strategy, you have probably deployed it in your high risk areas, and if you have become somewhat mature in your current DLP deployment, the next is how to grow the deployment so that you can secure more areas. As you are becoming more successful, your management, or clients within business groups who is not currently enjoying the protection a DLP solution can give, will ask you to protect their areas as well.

So, the question becomes, how do you grow both horizontally and vertically? You can grow horizontally by putting in place in place more monitors, but you will quickly find yourself in a situation where your current rules/policies does not meet the needs of the additional areas where you are now scanning, or maybe the business model you deployed for the corporate roll out does not meet the needs of the business unit you are now supporting in addition to the corporate roll out.

Do you invest in data in motion along with data at rest? Do you invest in end point protection? How about managing different departments ranging from your HR department, to your credit card processing department to your research and development arm. For each one of these, different business problems arise, and different solutions must be put in place. For HR, your main concern is probably the loss or disclosure of personnel data, from your sales organization, customer PII, and from your R&D department, loss of your future bread and butter.

So the discussion becomes the one of head count, and centralized versus de-centralized. Which model is right, and how to ensure comparable results between them? It is a discussion which will be had in many organizations in the upcoming years. Many IT security shops will have the idea that you should have a centralized approach. This will become increasingly difficult for several reasons. One, only the users/business owners in the respective areas will have an understanding of what is valuable, and needs protection, and what doesn’t. Then you have the issue around different IT departments controlling collaboration and messaging. Each one is important for securing your information. I think the right answer is a mix between centralized/decentralized, where information security runs the majority of the tools, but the business owners and IT collaborates on how to identify IP and business secrets, and create and manage policies dependent on roles.

There is one undeniable fact. The amount of information is growing, in fact according to IDC, it is growing by 60% a year, with new regulatory requirements means that IT will have to invest more in managing the information for disclosure, protection and retention.

Demand for storage capacity has grown by 60% per year and shows no signs of slowing down, according to research company IDC. New disclosure laws, which require more data to be preserved and retrievable, also are making storage management a bigger job. http://www.networkworld.com/news/2008/032108-storage-revolution-jobs.html