Data Loss Prevention Compliments Information Governance
Published:
November 04 2009, 01:53 PM
by
Greg Clark
Over the past year, market and customer requirements around data security and information governance have been converging. By its very nature, data loss prevention (DLP) techniques for applying and enforcing policy for data at rest and in motion compliment and support a myriad of good information governance practices.
For instance, in the email archiving space, we’ve long had policies and analysis capabilities that helped organizations govern information to remain in compliance (regulatory or otherwise). With growing volumes of information flowing in and out of the enterprise the governance problem is compounded. Analyzing data in motion and applying policy for the purposes of auto-categorization can enable better retention practices, smarter archiving methods, more efficient storage practices and better information governance overall.
These same automated capabilities can be leveraged in a couple other critical areas of information governance -- specifically around electronic discovery and records management. For eDiscovery, the review process is clearly time consuming and expensive. Auto-categorization and tagging electronically stored information can improve the quality of review, reduce review time and reduce costs. This automation can also assists in early case assessment which enables decision makers to estimate risks associated with the litigation event faster.
In relation to records management, policies for data at rest or data in motion can enforce corporate records policies and automate the processes for records candidacy, automate records declaration and assist with retention and disposition regardless of whether the content resides on a desktop, a file system or a document repository like SharePoint.
Data loss prevention capabilities for policy enforcement and automation can help improve technical and organizational efficiencies, enable greater compliance and provide methods for more comprehensive information governance.