DLP and DAM solve different problems

By Brian Prince  |  Posted 2008-02-06 Print this article Print

"We think its critical customers can discover sensitive data automatically, even on databases they don't know they have," Julian continued. "Network appliance-based solutions just aren't practical in this regard, simply way too cumbersome and expensive." 

According to Bill Bartow, vice president of product management at Tizor, DLP and DAM solve very different but related problems.

"Longer term, it's possible that the two areas could converge but, frankly, we see DAM as a much larger market than DLP," Bartow said. "Lately, we are seeing more and more DLP customers deploying DAM for a more complete data security strategy."

Some database monitoring products already include blocking capabilities, such as Guardium DBLP, which Guardium says locates and classifies sensitive data, then monitors traffic to and from database servers for unauthorized or suspicious activity.

It can also block transactions that violate policy if the appliance is configured as an in-line database firewall or as a passive monitoring device that initiates other enforcement actions such as TCP reset blocking, automated logouts of database users and VPN port shutdowns.

"DLP and DAM are important controls that most organizations should consider in their priorities," Proctor said. "If you have DLP at the network and endpoints you will likely still need DAM controls inside your database."

Gartner analyst Mark Nicolett said some DAM vendors are definitely enhancing the content awareness of their products, and may look to gobble up smaller companies to do so.

"We expect a few acquisitions of DAM vendors by large vendors that have DLP technology," he said.


Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel