"DLP" the term has been getting a lot of attention, especially with the continuing coverage of data loss events.  And as the term is tossed around in hallway discussions, it is important to keep a clear understanding of what DLP is, particularly as you evaluate solutions and write RFPs for technologies to help protect your environment from data loss and misuse.

CSOonline.com recently did a series offering an in-depth look at DLP.  A podcast with CSO Senior Editor Bill Brenner and Rich Mogull, analyst and CEO for Securosis, gives one of the most accurate views of the DLP market and one analyst's take on what DLP is and is not.  The podcast can be found here.

Below, I discuss five capabilities that either reinforce or supplement what CSO has outlined in an effort to help to clarify what DLP is not. 

• A solution that controls access to data by locking down a platform, available tools, or other means is not DLP. This describes an Access Control solution. Combining Access Control with DLP can be a very powerful approach to securing the enterprise.
• A solution that only blocks access to websites or filters inbound emails is not DLP. DLP enables a firm to prevent data loss (just like its name suggests!). Data Loss Prevention solutions aren't necessarily concerned with what website a user accesses, or what emails are coming from certain domains (although DLP can often perform those tasks). DLP is interested in what a user is doing with information and data on a website and in an email.
• Strictly speaking, encryption solutions are not DLP. Encryption provides important security safeguards to an enterprise. However, a user can still use an encrypted thumb drive to move sensitive data out of the enterprise. In this example, the user can remove data from the enterprise in a form that only they can use - which could suit their corrupt purposes just fine! Encryption is another category that is complementary to DLP, but is not DLP.
• Solutions that monitor and report on data use violations are DLP - minus the "Prevention"! A "Data Use Monitoring" solution stops well short of where a Data Loss Prevention solution intervenes with end-users to stop sensitive data from being leaked.
• Solutions that discover and classify data - without controlling it - are not DLP. Finding and inventorying your data is important. However, DLP takes the next step and uses the analysis to control the files. And, during the file scanning effort itself, DLP can move or replace a file to protect it.

Are you struggling with what DLP is and is not?