Earlier this week, SecurityWeek reported on an initiative from Verdasys to push the term "DLP 3.0" it their launch of Digital Guardian 6.1. On Wednesday, the company pushed that initiative further, by announcing the release of data governance policy packs, with the promise of more in the future.
“Traditional DLP, which focused on compliance, has been eclipsed as a business problem by the ever-growing threat vectors of insider and cyber-threat (outsider threat). With DLP 3.0, a single integrated platform combats these data security threats and enables companies to build a sustainable risk-based data protection program,” a spokesperson from the Waltham, Massachusetts-based information security solutions firm told SecurityWeek earlier this week.
“It will be up to editors, analysts, and ultimately customers to determine whether DLP 3.0 takes off as an accepted product classification,” the spokesperson added.
Verdasys’ policy packs are pre-packaged sets of rules, policies, and reports that can be customized based on each customer’s requirements. In keeping with the DLP focus, the packs contain keywords and regex dictionaries structured content (Social Security Numbers, Credit Card Numbers), and regulatory terms.
They also have risk-based options including prompts for policy justifications, blocks, and deterrence; granular reporting on a range of services, covering online and offline events; workflows that cover best practices, and forensics workflows with evidentiary-sound data collection, case management, and chain of custody re-creation.
“Wherever I go across industries, I see security programs that struggle with operational control and reporting requirements that do not recognize the new and evolving threats or take a risk based approach to preventing it," said Craig Shumard, Principal at Shumard and Associates, LLC, a strategic security consulting company. "As a complete set of data protection best practices that are based on successful programs and specialized by industry or threat, DG Policy Packs will jump-start an enterprise information protection project greatly reducing the threat of data loss.”
Currently, the governance packs cover ITAR / Export Control (Aerospace / Defense), manufacturing, financial services (PCI), healthcare (HIPAA) and malware detection and defense.
Digital Guardian 6.1 is expected to ship on November 30.
Verdasys said that it would also add support for Linux RedHat 6, Ubuntu 12.04 and Suse 11 soon after the initial release, and a version for Mac OS X by the end of 2012.