Saturday, June 5, 2010

DLP as a Service: What's the business case for this?

Question:
DLP as a Service: What's the business case for this?

Answer:
Xxxxxx,
DLP can leverage all the advantages of service-alization on legacy information systems.
If we define a service as a standard offering delivered by a service provider, the business case (for DLP as a service versus a technology solution) can be summarized as:
1- Leveraging economies of scale by utilizing shared resources at the service provider
2- Leveraging deep-dive technical specialization at the service provider, since the service provider can afford dedicated specialists (not because they are more intelligent). Leveraging know-how gained from managing multiple customers.
3- Measurements and metrics program guaranteed by service level agreements
4- Ability to scale up/down easily, more reliability and redundancy on the provider side.
5- The old capex vs opex discussion
6- No operational worries (e.g. who will patch my appliance) / focus on core business goals, competitiveness
7- Pay as you go elastic service.

But if you look at DLP-specific cases, the answers could be categorized in many different buckets (this might be different for different organizations). We believe that a DLP program must include:
• DLP program management (GRC, Policies, Procedures)
• Endpoint enforcement components,
• Secure remote access components,
• Data classification & governance components,
• Encryption components
• Rights management components.
• Training and user awareness component
• Incident management component
• Central monitoring, Access Control, RBAC: the usual InfoSec components

This can all be offered as a hybrid service of people, process, technology and managed services. Usually an important component of a DLP program is the network-based DLP gateway solution. A managed offering for a network-level DLP gateway may offer:
1- Ability to get a clean pipe from the service provider (e.g. prevention in the cloud)
2- Ability to leverage a wide set of solutions for the recognition of different data types / file formats since service provider is developing the service for other customers
3- Ability to get experts for custom scripting (yes, you will need this)
4- Transparent deployment
5- Correlation of events with other network activities (e.g. IPS, Anomaly Detection, Content security solutions, Firewalls, AV etc)

