I got momentarily excited by an Information Week article on next year’s security spend trends. I was hoping to find out what new techologies might be exciting and interesting, but really it just sticks to vendor ideas and the same old stuff. Application firewalls? I guess.
This article, towards the end, prompted my out-loud thought through Twittter: “Just how relevant will DLP be in 10-15 years?” I understand the desire to know and prevent data loss, but while DLP helps monitor the big and easy holes, I fear it does nothing to assuage the tide of external attacks and actual malicious activity. It helps stop casually negligent insiders and mistakes. But not every mistake. For instance what about all that data that gets “accidentally” posted to web sites on a regular basis? We’re really not talking DLP so much as more rigid manifestations of policy adherence and control and reporting.
I guess this goes back to having a blended defensive posture and DLP being one part of it, but I don’t know how long endpoint DLP can survive when endpoints naturally want more freedom (and battery life and speed and the things that DLP agents/tools take up when on endpoints) and business wants assurances that DLP is poorly marketed to handle.