I was quite bemused today to read this article in NetworkWorld that Google’s Postini is jumping into DLP.
Google”s Postini division today announced that its e-mail-content-filtering service has been enhanced to detect “logical expressions,” such as credit-card data and Social Security numbers. … Adam Swidler, Postini senior product manager, says the e-mail security service includes filtering of more “sophisticated expressions” that extend beyond Postini”s earlier limits to keywords. “This is for compliance and content-policy management, with content-based inspection for inbound and outbound traffic,” he says. “Today it’s for companies using Gmail, but we expect to extend this to instant messaging, the Web and the rest of Google Apps, like Google Spreadsheets.”
I don’t see why they can’t just call it regular expressions like everyone else. This is a great example of a vendor hopping on the bandwagon by adding a small part of DLP functionality to a product line. Knowing the problems even established, dedicated DLP vendors have with false positives I suspect this will be a bit more challenging than Google/Postini realizes.
Not that a basic DLP feature or two don’t have value in lower-risk environments; something as basic as this might work for some of you out there, as long as you manage your expectations.
If anything, I think this, combined with the Vontu acquisition, might finally nudge DLP to the peak of the Hype Cycle.
Reader interactions
4 Replies to “Sorry Google, Regular Expressions Don’t Make You A DLP Solution”
[…] While I took Postini/Google to task for calling regular expressions on a single channel (email) DLP, the dirty little secret of DLP is that probably 80-90% of deployments today rely mostly, or totally, on regex for content analysis. […]
@Anonymous: no hating, everyone is entitled to a wrong opinion 🙂
@ds: Totally legitimate question. I define solutions based on the business problem addressed and the audience/user involved.
But you’‘re one paragraph summary of the evolution of products is pretty perfect. If you keep ranting like that, I’‘ll start asking you to contribute posts.
Is there anything out there that couldn’‘t be said to be a “feature, not a product”? AV is a good example, and a very sucessful product over time. But one could easily argue that it should be a feature of some other product as opposed to a stand alone (and in many cases, it is just a feature).
But then, the other side complains when a product has too many features (av as part of the OS? gasp! Bloated agent software? Perish the thought!)
This sort of “sloganeering” is useless.
DLP is what it is. An immature solution to a very real problem. Immature solutions start out as products, get aquired and integrated into larger solutions. Then the larger solutions fail because they overcomplicate matters.
Meanwhile, the problem evolves while we think it has been solved or gone away. So we keep watching our data center connections to the Internet with an IDS, while the attackers are using rebinding attacks to attack the servers from corporate workstations. We are never quite as clever as we think we are, and neither are our solutions, feature or product or whatever.
Sorry for ranting.
Hi Rich
I’‘m going out on a complete limb here and saying “well, it’s because DLP should be a feature, not a product.” I believe that there should be DLP elements in everything—it’s how It in general matures.
The hating may now start. =)