[Update, November 9, 2010: For more on this topic, read Gartner's 2010 Content-Aware Data Loss Prevention FAQs report, compliments of Proofpoint.]
NetworkWorld's Ellen Messmer posted a really interesting article yesterday, reporting from Gartner's Security & Risk Management Summit (where Proofpoint is exhibiting, booth #27, BTW). In "Too many data-loss prevention tools become shelfware, says analyst", Messmer relates highlights of a presentation by Gartner DLP, security and encryption analyst Eric Ouellet, in which he talks about the challenges that many organizations face when deploying enterprise DLP solutions.
Of particular note, Ouellet discusses how many DLP deployments go awry because there's not enough involvement from the business units that actually own responsibility for setting up and enforcing policies. "Organizations underestimate the need for the involvement of non-IT business units," Ouellet says.
The whole article is worth a read, and it provides an interesting "proof point" for something that we've been noting for quite a while: multi-channel, enterprise DLP deployments (those that involve the deployment of endpoint, network and discovery tools) are often more difficult and costly for organizations than they can really manage.
As an alternative, Proofpoint has long argued for a more pragmatic approach to DLP whereby the biggest risk vectors are addressed first (and, as I've noted many times, email continues to be one of the most significant channels for data loss - and one of the least controlled).
Rather than belabor that point here, I'd refer interested readers to this replay of an April 2010 web seminar featuring Proofpoint's Ken Liao, where Ken presents on precisely this topic:
Register for Brighttalk webinar replay: A Pragmatic Approach to Compliance with Policy-Based Encryption
Back to the NetworkWorld article, analyst Eric Ouellet is also quoted on the issue of "enterprise DLP" versus "channel DLP" (that is, addressing the DLP concerns in a specific protocol/channel, such as email):
... the market has evolved over the last year to include a second track for DLP that Gartner is calling "Single Channel DLP," which often focuses on the sole task of monitoring e-mail and attachments and ensuring e-mail encryption is properly used. "It provides you with enough to get you by," he said. Costs in this "Single Channel DLP" area can be in the $5 range for e-mail monitoring per employee.
The distinction between enterprise and channel DLP is discussed briefly in Gartner's 2010 Magic Quadrant for Secure E-mail Gateways, which also gives some detail on the DLP capabilities of each vendor in the email security market, including Proofpoint. You can view a copy of that magic quadrant, compliments of Proofpoint, by visiting: