Monday | 24 November, 2008
Data loss start-ups sell out
Rapid consolidation could mean 'baked-in' data leakage features will appear in security products from vendors such as Cisco, Symantec, Trend Micro and McAfee
Cara Garretson (Network World) 08/01/2008 09:19:04
Page:

The rapid consolidation in the anti-data leakage market in the past year is enough to make an IT manager's head spin: This segment of the security sector ballooned to include dozens of start-ups, then even more quickly dwindled down to a few independent companies as larger vendors cherry-picked smaller ones to add data leakage to their own product portfolios.

A rough estimate shows at least US$1.6 billion was spent by vendors acquiring anti-data leakage -- also referred to as data-loss prevention or data-leak prevention -- start-ups over the past year, and that figure only includes the transaction values that were made public.Now that the spending spree is winding down and the acquiring vendors are revamping their product road maps to include these new wares, observers say enterprises can look forward to having the benefits of these security products baked into existing offerings that they're probably already using.

"We found there was a significant hole in the security product suite vendors," says Trent Henry, vice president and research director with Burton Group. "The hole has been information-flow protection and protecting the endpoint, not just network content flow."

As many of the data leak products evolved from protecting information "in motion," or being e-mailed, sent via instant messaging or copied to removable media, but also data "at rest," many large vendors thought it best to buy rather than build these capabilities.

Data leakage assimilation

Turning anti-data leakage into a feature of existing products represents a logical progression, analysts agree. In fact, many existing products are already moving in that direction; e-mail security offerings from companies such as Proofpoint, Secure Computing and Google's Postini already have some basic data-leak-protection functions that can, for example, scan outbound e-mail, instant messaging and Web traffic and flag messages that contain information thought to be sensitive, such as Social Security or credit card numbers.

Going beyond these basic features to add the finely tuned content-inspection and policy-enforcement capabilities of some data-leak-prevention tools to existing security offerings would reduce the number of products operating at an organization's gateway, and offer universal management and policy enforcement to simplify administration.

Knowing what's going out of the corporate network, and being able to stop policy violations, is an important part of what makes anti-data leakage valuable, says one enterprise user.

"You can generate all the polices that you want, but unless you have some kind of monitoring and enforcement mechanism, you don't know if a policy is working or not," says Bob Gorrie, information security project manager at USEC, a supplier of enriched uranium fuel for commercial nuclear power plants based in Bethesda, Md., which uses Vontu products.

Road to integration

Acquirers including Symantec, McAfee, Trend Micro, Cisco, and others are beginning to reveal details of how they'll integrate these new capabilities into their products.

Upon announcing its acquisition of Vontu in November, Symantec executives offered some details on plans to integrate the start-up's line of data-loss prevention products into its own desktop, network and storage products. The two companies earlier this year struck a deal to embed Vontu's detection engine into Symantec's e-mail security gateway software; Symantec says adding Vontu's capabilities to other products including its endpoint security offering is likely.

Adding Vontu's ability to scan data resources across the network to seek out sensitive data would be beneficial additions to Symantec's NetBackUp and Enterprise Vault offerings as well, officials say, to facilitate chores such as responding to e-discovery requests.

Trend Micro's October acquisition of Provilla will result long term in integrating the start-up's anti-data leakage capabilities into the security vendor's desktop and gateway products, officials say, although in the near term Trend Micro will continue to sell Provilla's LeakProof product as a stand-alone offering. The acquirer also spoke of extending LeakProof to mobile platforms.

Page:
Computerworld Buyer's Guide - Vendors Matched to this Article
Dimension Data , WebReq , SafeNet , GFI , MessageLabs , 3Com
More about VIA, Proofpoint, Google, Web Security, Postini, IronPort, Trend Micro, Motion, Websense, Cherry, Surfcontrol, Billion, Secure Computing, SecureComputing, Cisco, Logical, McAfee, Gateway, Symantec, Burton Group
Computerworld Buyer's Guide - Vendors Matched to this Article
Dimension Data , WebReq , SafeNet , GFI , MessageLabs , 3Com
Related Features
  • +

    Ticked Off at Tick the Box Mentality 04/02/2008 13:01:15

    Does your executive search firm know the difference between an MIS manager and a CIO, and if it does, can it explain that difference to its corporate clients?
    Does your executive search firm know its MIS managers from its elbow? Does it even know the difference between an MIS manager and a CIO, and if it does, can it explain that difference to its corporate clients?
  • +

    How to Get Real About Strategic Planning 04/02/2008 12:50:59

    Everyone agrees that having a strategic plan for IT is a good thing but most CIOs approach the process with fear and loathing. In fact, the majority of CIOs (and the enterprises they work for) are faking it when it comes to strategic planning. Isn't it time we all got real?
    Oh, it must be nice to be the CIO of a FedEx or a GE or a Credit Suisse. Places where IT and the business are so tightly aligned you can barely tell the two apart. Where corporate leaders understand that IT is a strategic asset and support it as such
Additional Resources
Executive Guides
Whitepapers
white paper Read up on the latest ideas and technologies from companies that sell hardware, software and services.
Zones
Zone logoZones provide focussed content from Computerworld and leading technology partners.
Newsletter Subscription
Sign up for our Computerworld newsletters!
RSS Feeds
Market Place
CRM Webcast: Learn how to find a CRM solution that fits into your existing business environment. View now.
Reduce costs, secure data, ensure compliance with Identity Management
Learn how to prioritize services with IT Service Management (ITSM). Watch the Computerworld webinar now!
HP webcast: Learn how to get the best value out of your network
Gaining Competitive Advantage Through Enterprise Planning.
Discover best practice strategies for the archival and removal of .PST files using email archiving
Beat the credit crunch. 0% for 24 months. Just for small business. Offer ends 24th Dec!
Taking on Demand CRM Integration to the next level.

 

Smart SOA World Tour

Discover how SOA can create smarter outcomes for your business.

Attend and learn:

  • How SOA is helping leading companies to become more agile
  • Where you should be applying SOA processes in your company
  • The top SOA implementation mistakes to avoid

Click here for more information.
Get a job Careerone
Whitepaper


Read Whitepaper

Wireless LANs: Is my enterprise at risk?

Achieve an overall understanding of the risks associated with wireless LANs. Discover their inherent properties, as well as what makes them different from wired networks. Read on to uncover a list of recently published articles on real-life breaches and incidents illustrating the need for proactive measures to mitigate wireless security risks.

Enterprise IT Buyer's Guide
Find Technology Vendors Fast
 
Find vendors by name | Find by category
Sponsored Links