Enterprise IT Consultant Views on Technologies and Trends

May 16 2011   4:31AM GMT

Websense Data Leak Prevention expected to gain more traction in Enterprises

Sasirekha R Profile: Sasirekha R

Websense Data Leak Prevention expected to gain more traction in Enterprises

According to security experts, it costs organizations several million dollars per incident of data loss or theft. Even if the incident per se is innocent – like employee sending customer data to their personal emails so that they can work from home, the repercussions could be significant. In addition to direct loss in terms of money, any data leakage or loss results in negative publicity and putting the organization’s reputation at stake.

As reported by the Ponemon Institute, the average per-person expense for a data breach in 2010 was $214, with the average organizational cost at $7.2 million. The cost factors include detection, escalation, notification, response, and lost business feature. It is expected that this cost will continue to rise and especially so with the new regulations in almost all domains.

Content-aware data loss prevention (DLP) solutions enable organizations to enforce effective business practices for storing and transmitting sensitive data and avoid data loss / leakage.

According to Forrester, Financial Information, Non-public personal information, Personal Health information and Intellectual property are the four areas where enterprises are implementing the content-aware DLP solutions.

Content-aware DLP solutions differ from mere authorization tools that controls access based on roles or other rules, in their ability to classify information contained in an object (email, file, packet, database etc.). DLP products can inspect information while they are in storage, in use or in transit and can intercept multiple channels (email, HTTP, FTP, file shares, printers, USB, portable media, databases, IMs).

Websense that offers data loss prevention solution is identified as a leader by both Gartner and Forrester continually for past 3 to 4 years in providing unified Web, data and email content security solutions. Websense goal is to protect essential information – such as financial info, databases, and employee records – in all locations, including email, websites, PCs, laptops, USB drives, and printers.

Websense with its simple interface can be installed in a few hours and makes data security simple by providing one unified console, over 1000 built-in policy rules and enabling DLP in Web or email with just a mouse click.

Websense support creation of policies that results in classifying, tagging, encrypting, alerting, reporting, logging etc. which come into effect automatically in various events. A simple policy that alerts and prevents the employees from forwarding customer data to any of their personal emails could save the organization from data leak. Typically these DLP solutions are intentionally visible (unlike firewalls) and this can be used to educate the employees about the inappropriateness of their action. In one of its case study, Websense highlights that this employee education on policy violation resulted in an immediate 50% decline in alerts.

WebSense provides DLP solutions in cloud as well as Saas. It offers both subscription pricing as well as perpetual licensing. Gartner points out that Websense offer comprehensive capabilities in all three functional areas – network, discovery and endpoint.

Websense uses its patented PreciseID technology to conduct 24×7 deep analysis of all content – web, email, data and applications – in real time. When anything suspicious pops-up, PreciseID in addition to alerting, isolates the would-be invader and prevents a zero-hour attack (that tries to exploit the vulnerabilities before the developers become aware of it).

ThreatSeeker Network provides the intelligence that underlies Essential Information Protection by delivering real-time reputation analysis and expanded behavioral analysis. Websense augmented its ThreatSeeker technology with organically developed and acquired email security, hosted security, and data loss prevention technologies from SurfControl and Port Authority. Websense then added dedicated content and email security specialists to the Websense Security Labs team of researchers. The result is a network of technology and human intelligence that creates an adaptive feedback network that uses more than 50 million real-time data collecting systems to parse one billion pieces of content daily.

PreciseID works with the Websense ThreatSeeker Network to deliver deep content control, which enables Websense Data Security Suite to accurately secure confidential data, efficiently prevent information leaks, and ultimately protect who and what go where and how.

Websense Data Security Suite enables:

  • to enforce business and regulatory policies across multiple channels of communication;
  • craft policies from pre-built templates to help adherence to specific regulations;
  • inform employees of actions that can lead to regulatory issues; and
  • document efforts to help demonstrating regulatory compliance with simple management and reporting.

While Websense doesn’t yet have the visibility like Symantec and McAfee, it matches Symantec’s DLP solutions nearly feature-for-feature, at a much lower price. According to Forrester, most enterprises want “DLP express” products to help solve regulatory and toxic data problems without complex integration challenges or high prices. And Websense is the vendor best positioned to cross the chasm into the mass market.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: