DLP: Data In Motion vs. Data At Rest (DIM vs. DAR)

Posted on November 13, 2010 by Wedge Co-founder, CEO & CTO
No Gravatar

The Debate column (P15) of the November, 2010 Issue of SC Magazine covers a very interesting topic– For or Against:  “DLP for data in motion is more effective than DLP that secures data at rest”. Two top executives, each from a security solution provider, are invited to comment “For” or “Against” this statement.

Joe Leonard from Global Velocity is “For” this statement. He convincingly argues that “ultimately, a solid, well planned ‘data in motion’ approach can gain 80 percent of the bang for 20 percent of the buck, while providing additional operational benefits.” In other words, he thinks Data In Motion (DIM) is a better approach than Data At Rest (DAR) for DLP.

Todd Feinman from Identity Finder is “Against” this statement. His key argument is that “Data-at-rest DLP searches files and emails with deeper analysis to determine the context of sensitive information, while eliminating false positives”.  In other words, he believes Data At Rest (DAR) is a better approach than Data In Motion (DIM) for DLP.

Both have good arguments. However, adding 1+1, it is very obvious that Mr. Feinman provides a good specification to the underspecified term “solid” in Mr. Leonard’s statement, defining a “solid” DIM approach as one that can perform deeper analysis with no false positives.

Why do experts, such as Mr. Feinman, not believe that DIM can do deeper analysis with no false positive? The answer is rooted in the conventional technologies used for the data in motion approach. These technologies scan packet streams and look for offending patterns. The problem is that most sensitive information can only be comprehended at the content level, not at the packet level. Scanning packets cannot detect information that span many packets and, very often, that are packed in an archive. It is analogous to inspecting atoms and molecules to detect if an object is a tiger or a rabbit. To implement the requirement of deeper-analysis-with-no-false-positive, the industry needs Deep Content Inspection for Data In Motion, i.e. DCI For DIM.

About Wedge Co-founder, CEO & CTO

Hongwen Zhang, Co-founder, Chief Executive Officer & Chief Technical Officer Co-founder of Wedge Networks, Inc., Dr. Zhang previously co-founded the 24C Group Inc., which pioneered the first digital receipts infrastructure for secure electronic commerce, and was a principal of Servidium Inc., a global leader in agile development methodology. He holds a Ph.D. in Computer Science and a M.Sc. in Computer Engineering. Throughout his 25+ years career and leadership in the enterprise software industry, Dr. Zhang has been instrumental in launching several commercially successful cyber security and safety products into the global market. This has resulted in successful customer adoptions; from his involvement in the Digital Receipt Infrastructure (with the 24C Group, and later AxWay), through his work with companies such as Valmet/Telvent (now Schneider), and Servidium (acquired by Thought Works Inc.). Dr. Zhang served as the Chair of the Metro Ethernet Forum’s (MEF) Security-as-a-Service working group, which defined the practices of Managed Security Service Providers (MSSPs) for many of the largest telecom service providers in the world. He is a well-respected speaker and writer in the areas of security and cloud computing. As a co-founder of Wedge Networks, Dr. Zhang has led the design, implementation, and launch of the firm’s patented, award-winning Deep Content Inspection and Security Services Orchestration platform.
This entry was posted in Industry News, Latest Security News. Bookmark the permalink.

7 Responses to DLP: Data In Motion vs. Data At Rest (DIM vs. DAR)

  1. India GoeringNo Gravatar says:
    November 28, 2010 at 3:32 AM

    i must say your blog deserves the high ranking it has got on google.nice post.the perfect writing approach on this topic.

    Reply
  2. Greg D. AmmerNo Gravatar says:
    November 30, 2010 at 10:50 AM

    Hey thanks for the info.

    Reply
  3. C. ArinioNo Gravatar says:
    December 27, 2010 at 5:48 AM

    I mistyped this website and luckily I found it again. presently am at my university I added this to favorites so that I can re-read it later regards

    Reply
  4. Kimberley MagnusNo Gravatar says:
    December 30, 2010 at 12:10 AM

    You made some good points there. I did a search on the topic and found most people will agree with
    your blog.

    Reply
  5. Diego HurdleNo Gravatar says:
    December 30, 2010 at 6:39 AM

    Hello. Great job. I did not expect this on a Wednesday. This is a great story. Thanks!

    Reply
  6. OT OppoveinoffNo Gravatar says:
    January 10, 2011 at 9:11 PM

    Great site. A lot of useful information here. I’m sending it to some friends!

    Reply
  7. BochenskiNo Gravatar says:
    January 24, 2011 at 12:21 AM

    It’s onerous to seek out educated people on this topic, however you sound like you already know what you’re speaking about! Thanks

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

Before you submit form:
Human test by Not Captcha