Prat Moghe

Prat Moghe is SVP Strategy and New Markets, and General Manager for the Data Compliance division at Netezza 

Matt Benati

Matt Benati is Director of Marketing for the Data Compliance Division of Netezza. 

Subscribe By Email

Your email:

Links of Interest

Blogroll

Browse by Tag

Keepers

Data Auditing Blog

Current Articles | RSS Feed RSS Feed

DLP and Data Activity Monitoring: Trains on two data protection tracks

Posted by Prat Moghe on Wed, Dec 19, 2007
  | Share on Twitter Twitter | Share on Facebook Facebook | Submit to Digg digg it |  Add to delicious  delicious |  Submit to StumbleUpon StumbleUpon |  Share on LinkedIn LinkedIn | Submit to Reddit reddit 

I spend quite a bit of time with enterprises describing the difference in philosophies between classical DLP and Data activity monitoring (DAM).  While it is tempting to think of DAM as a core-level data protection (which it can be and is in fact very efficient at), in reality DAM solves a broader problem around business data governance than just leak prevention. The concept of risk, theft and fraud in DAM are much more elevated and contextual than they are for DLP. My previous posts on this went into some detail on this topic. Check out:
Data Auditing and Protection vs. Data Leak Prevention.

Rich Mogull has succinctly described this in his recent post, Definitions: Content Monitoring and Protection And Application and Database Monitoring and Protection

He puts it so well, that I am just copying his words verbatim (he uses the acronym ADMP in place of DAM):

"More on this later, but I'm starting to see the data security market splitting along two lines. One focused on protecting content in user workspaces and productivity applications. It's starting with DLP but moving towards what I call Content Monitoring and Protection.

On the other side of data security is protecting content in business applications- from your web application stack to internal applications and databases. I'm starting to call this Application and Database Monitoring and Protection, and Database Activity Monitoring is where it's starting.

Since we need definitions, here's my first stab for ADMP: "Products that monitor all activity in a business application and database, identify and audit users and content, and, based on central policies, protect data based on content, context, and/or activity."

For CMP, I'm sticking with my DLP definition (DLP is a terrible term, but I'm not going to fight the market): "Products that, based on central policies, identify, monitor, and protect data at rest, in motion, and in use through deep content analysis."

From Rich Mogull, www.securosis.com

 

 

 

Tags: 

Comments

Currently, there are no comments. Be the first to post one!
Post Comment
Name
 *
Email
 *
Website (optional)
Comment
 *

Allowed tags: <a> link, <b> bold, <i> italics