Had a very interesting call today with a client in the pharma research space. They would like to protect clinical study data as it moves to researcher’s computers, but are struggling with the best approach. On the call, I quickly realized that DLP, or a content tracking tool like Verdasys (who also does endpoint DLP) would be ideal. The only problem? They need Windows, Mac, and Linux support.
I couldn’t remember offhand of any DLP/tracking tool (or even DRM) that will work on all 3 platforms. This is an open call for you vendors to hit me up if you can help.
For you end users, where we ended up was with a few potential approaches:
- Switch to a remote virtual/hosted desktop for handling the sensitive data… such as Citrix or VMWare.
- Use Database Activity Monitoring to track who pulls the data.
- Endpoint encryption to protect the data from loss, but it won’t help when it’s moved to inappropriate locations.
- Network DLP to track it in email, but without the endpoint coverage it leaves a really big hole.
- Content discovery to keep some minimal tracking where it ends up (for managed systems), but that means opening up SMB/CIFS file sharing on the endpoint for admin access, which is in itself a security risk.
- Distributed encryption, which *does* have cross platform support, but still doesn’t stop the researcher from putting the data someplace it shouldn’t be, which is their main concern.
While this is one of those industries (research) with higher Mac/cross platform use than the average business, this is clearly a growing problem thanks to the consumerization of IT.
This situation also highlights how no single-channel solution can really protect data well. It’s the mix of network, endpoint, and discovery that really allows you to reduce risk without killing business process.
Reader interactions
4 Replies to “Is There Any DLP or Data Security On Mac/Linux?”
Rich, the only cross-platform DLP solution available on the market at this point is developed by CoSoSys. The product is called Endpoint Protector 4. It works on all Windows and Mac versions, and it supports also some Linux distributions. The detection of sensitive content is captured at the endpoint level, so even https data transfers are blocked/reported by the application.
Good luck!
Verdasys has Linux support, alas no MAC support yet.
[…] happens when you need endpoint DLP on Windows, Mac and Linux all at once? The answer, nothing easy Is There Any DLP or Data Security On Mac/Linux? | securosis.com Tags: ( dlp […]
I’‘d be interested in what people find as well, Rich. The whole DLP arena is something I’‘ve been looking into for my organization, which is very Mac heavy. Thanks for bringing this up.