Selecting DLP technology can still be very confusing, as various aspects of DLP have appeared in a variety of other product categories as value-add features, blurring the lines between purpose-built DLP solutions and traditional security controls, including next-generation firewalls and email security gateways. Meanwhile purpose-built DLP tools continue to evolve – expanding coverage, features, and capabilities to address advanced and innovative means of exfiltrating data.

Even today it can be difficult to understand the value of the various tools, and which products best suit which environments – further complicated by the variety of deployment models. You can go with a full-suite solution that covers your network, storage infrastructure, and endpoints – or focus on a single ‘channel’. You might already have content analysis and policy enforcement directly embedded into your firewall, web gateway, email security service, CASB, or other tools.

So the question is no longer simply, “Do I need DLP and which product should I buy?” but, “What kind of DLP will work best for my needs, and how can I figure that out?” This paper provides background on DLP to help you understand the technology, know what to look for in a product or service, and find the best match for your organization.


We would like to thank Digital Guardian for pushing us to update our Understanding and Selecting DLP content. Time moves forward quickly, and things change in technology even faster, so we need to revisit our basic research every couple years. As always, our research is performed using our Totally Transparent research methodology. This enables us to publish research that matters, while being able to both pay the bills and sleep at night.

You can download the paper (PDF).

No Related Posts