Data-leakage protection uses software that monitors what goes out of the data center and attempts to prevent the inappropriate export of sensitive data. It is attracting a lot of attention as companies shift focus from strict concentration on threats coming in, to what's going out of their organizations. "Protecting data by making sure it doesn't exit the company inappropriately is the key," says Quin, adding that data leakage protection is "outside the norm as it stands now but certainly something that has a great relevance to every organization."
Most of the companies in the DLP market were startups, but in the last six to nine months the big security vendors have snapped up many of the independent players in the space. Symantec now has Vontu, RSA has Tablus (now part of the RSA Data Loss Prevention Suite) and McAfee has Reconnex, he notes. "The combination of these tools backed by larger, richer and capable organizations puts these tools and these companies in a leadership position," Quin says.
Other considerations are the size of the company and the resources you have to devote to security. Quin says there are several areas where the most capable product isn't necessarily the best one for small and midsize businesses; in every case, CSOs will have to evaluate functionality versus constraints such as price and manpower requirements.
You must comply
Controlling access is a core aspect of data-center security management. Identity-management systems that can be set to control what legitimate users can access are now well-established, with tools like IBM's Tivoli ID Manager and Access Manager and competing products from Oracle, BMC, CA and Novell.
But an emerging part of access management is policy compliance management, which uses security policies to control access to resources, rather than looking at individual identities. Symantec's BindView and Elemental Security's Elemental Security Platform are examples.
Remember that one aspect of data-center security is that many of the tools have overlapping functions and feature sets. One analyst's log analysis tool is another's security information manager, for instance. That's likely to continue as vendors try to beef up their product lines.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.