Services Opportunities For Data Leak Prevention

/**/ /**/

Jamie Bjerke, director of technical services at Information Security Technology, a St. Paul, Minn.-based solution provider, discusses the services offerings that the channel can wrap around data leak prevention technology:

RISK ASSESSMENT: Front-end DLP services are mainly in risk assessment, which includes evaluating what products can 'see' within the environment and figuring out where data is flowing. Risk assessment enables the DLP solution to be placed at a specific point where you can collect data about what sensitive traffic may be leaving the environment. This is a real eye- opener for many customers who have never truly seen what types of data are leaving their environments.

DISCOVER THE DATA: Regulated companies, of course, need to get a handle on their sensitive data. But for nonregulated organizations, there is actually more to the discovery phase since these organizations lack compliance mandates stipulating which data needs to be kept safe. In addition, there's a lot of work involved with discovering sensitive information in unstructured data like spreadsheets, Word documents and e-mails.

ADDING VALUE: In most cases, adding services value to a DLP deal is a matter of what the customer wants to protect and how you position products and solutions to achieve that goal. Once you've done that, then the value is in helping the client roll out the solution, which is where you tackle issues like incident workflow, setting actions, and either blocking traffic or letting it through.

TAKING ACTION: There are concerns about false positives blocking valid traffic, so a lot of our services efforts are based around detection, tuning and what actions to take. There are also services around operationalizing DLP, which is where you get into asset protection, dealing with incidents and general care to make sure data breaches don't happen.

unit-1659132512259

type