[Gartner] Magic Quadrant for Enterprise Data Loss Prevention (February 2017)

Security and risk management leaders purchase on-premises enterprise DLP to solve for either organizationwide regulatory compliance or to better protect specific types of intellectual property, while monitoring emerging cloud DLP capabilities.Research image courtesy of Gartner, Inc.

Strategic Planning Assumptions

 By 2022, 60% of organizations will involve line-of-business owners when crafting their data loss prevention (DLP) strategy, up from 15% today.

By 2020, 85% of organizations will implement at least one form of integrated DLP, up from 50% today.

By 2022, a majority of DLP market revenue will be driven by integrated DLP products, as opposed to enterprise DLP systems.

Market Definition/Description

 Gartner defines the DLP market as those technologies that, as a core function, provide remediation for data loss based on both content inspection and contextual analysis of data:
  • At rest on-premises, or in cloud applications and cloud storage
  • In motion over the network
  • In use on a managed endpoint device.

DLP products can execute responses — ranging from simple notification to active blocking — based on policy and rules defined to address the risk of inadvertent or accidental leaks, or exposure of sensitive data outside authorized channels.

DLP technologies can be divided into two separate categories:

  • Enterprise DLP products incorporate sophisticated detection techniques to help organizations address their most critical data protection requirements. Products are packaged in agent software for desktops and servers, physical and virtual appliances for monitoring networks and agents, or soft appliances for data discovery. Leading characteristics of enterprise DLP products include a centralized management console, support for advanced policy definition, event management workflow and reporting. Enterprise DLP functions as a comprehensive system to discover sensitive data within an organization and mitigate the risk of its loss at the endpoints, in storage and over the network.
  • Integrated DLP products offer a limited DLP feature set that is integrated within other security products including, but not limited to, secure web gateways (SWGs), secure email gateways (SEGs), enterprise network firewalls (ENFW), intrusion detection and prevention systems (IDPSs),email encryption products, enterprise content management (ECM) platforms, data classification tools, data discovery tools and cloud access security brokers (CASBs). Integrated DLP usually focuses on a narrow set of regulatory compliance and basic intellectual property use cases where the data targeted for protection is easily identifiable and the policy for remediation is straightforward.

Integrated DLP will not be the primary focus of this Magic Quadrant; however, some products are specifically identified to highlight the differences between enterprise and integrated DLP approaches.

[to continue, click HERE]

Leave a Reply