Digital Guardian asked a bunch of security experts (including me) for their predictions on where the Data Loss Prevention (DLP) market was going in 2016 and beyond. They collected 21 responses in a report on their blog. It’s an interesting read. A lot of us pointed to cloud, BYOD, and IoT as trends that would require change in how the market approaches the DLP problem. As I put it:
Cloud services for bread and butter functions like email and calendar are getting increased traction, a lot of it driven by Microsoft Office 365 as a replacement for on-premises Exchange servers. … [as] companies leverage the other services that come with Office 365, including SharePoint, OneDrive (cloud storage), Yammer (social media and microblogging), and other services. All of these move enterprise data and disclosure risk out of the enterprise.
In addition, despite policies to the contrary, enterprise users put data into cloud storage services. While Box, Dropbox, Microsoft, and Google all have enterprise offerings that allow companies to set up sanctioned file sharing services, users still persist in storing data in unapproved repositories.
There are a number of approaches out there, either for trying to secure data in cloud services, or baking DLP into enterprise applications such as Microsoft Office.
Clearly there’s going to be a market transformation and shakeout as we move towards DLP 2.0.