Critical

18 Jan 2010

The data centric security focuses on protecting the data itself rather than the systems in which it resides. More and more information leakages are occurring as a result of unintentional operation of the internal personnel. In the past year a major effort concentrated in Data Loss Protection (DLP) solutions that protected the organization against unintentional data loss. However, the DLP solutions suffer from the inherent weakness of not protecting the information after it left the organization boundaries. This weakness is amplified in the age of cloud computing and collaborative business processes that involve several organizations. Moreover, DLP provides only limited protection against intentional attempts to leak confidential information.

The major concept of Data Centric Security is to protect the information through its entire life-cycle: Storage, Use and Transfer and the solution that poses most of the required characteristics is the Enterprise DRM or ERM. DRM systems keep the information encrypted during storage and transfer stage and protect it by a fine grained access policy during usage. Despite having many ingredients to become a major success, the ERM industry was not able to achieve its full potential. Administration complexity, user dependency and lack of automatic classification were among the factors that slowed ERM adoption.

However, ERM weaknesses are exactly the strengths of the DLP systems. Thus, an ERM solution, that will be enhanced with already existing DLP capabilities such as automatic data classification can be a killer application in the Data Centric Security space.

Arie Orlovsky, Industry Technical Manager, from Critical Software will be at the Information Security 2010 event, from IDC, on the 28th of January to address this issue and present Critical Software's answer.

You can enroll here. 

Share this

• Tweet