IT and data security comes in many forms and addresses many issues and threats. In today’s connected world the threat has increased dramatically. Data can go very far, across international and legal boundaries, and in large quantities – without you even knowing about it!
Information Rights Management (IRM) and Data Loss Prevention (DLP) solutions both control information to prevent theft and misuse; but do so in different ways.
IRM protection allows business users to persistently control whether, when and how documents are accessed, no matter where they reside; allowing information to be safely shared across enterprise boundaries. Protected documents are encrypted on disk and remain so even when they are being used, so uncontrolled usage is not an option. Where actions such as printing or editing a document are permitted the activities can be logged so you can know who has done what with the information.
DLP solutions centrally monitor and control how data is allowed to move around your company’s network, devices and applications, allowing you to set up secure digital perimeters to prevent data leaking out. DLP can be invisible to business users going about their own legitimate activities, and only intervening when necessary to prevent information from being compromised.
Achieving success with these technologies requires a broad understanding of not just how they work, but how they fit into a real world business context. DLP solutions can generate vast amounts of information on data movements much of which will be legitimate, so crafting policies correctly without creating a snow storm of false alarms or missing major loop holes can be challenging. IRM solutions have come a long way in recent years, but getting it consistently adopted across a business requires simplicity, clarity and easy of use to be at the top of the agenda. Each technology has its own strengths. Used in combination you really can get the best of both worlds.
We have worked with IRM and DLP technologies as they have matured; in real world situations, in some very large companies. There are numerous vendors providing these solutions, and while some of the technology is great, we have come to understand that how they should be deployed, configured and managed, is critical to provide the intended improvements in security, while allowing your normal business processes to continue unimpeded.
We would be delighted to act as your information security analyst and your technical resource to help you navigate through the complexities of solution selection and deployment; enabling you to secure your business and meet your regulatory obligations.
Do contact us for a no obligation chat, we will be happy to help.