Note: this blog is a mirror of my HP Labs Blog, on the same topic, accessible at: http://h30507.www3.hp.com/t5/Research-on-Security-and/bg-p/163

Friday, December 5, 2008

Built-in Data Loss Prevention and Analogy with Privacy Management

I have just read this interesting article, called “Microsoft, RSA Partner to Develop Next-Gen data Loss Prevention”, by Lawrence Walsh:

“The alliance between Microsoft and RSA will move data loss prevention technology into the fabric of the IT infrastructure and improve protection by associating data with identities and classifications. Analysts are already calling the idea a "game changer.””

The main message I got is that we need to move away from bolt-on solutions, towards “built-in DLP approaches”. I tend to agree with this approach, despite it being much harder to achieve.

This has some interesting analogies with privacy and the way privacy management is currently carried out, at least with most current privacy-enhancing technology (PET) approaches. I believe that we need to move toward built-in approaches too, which require a deep understanding of the interconnections with the relevant “IT infrastructure fabric” and related business processes (and needs), along with the risks involved and their potential impact.

So, I believe this is something to consider very carefully, for example, in the context of the “Consent and Revocation Management” R&D area, within the TSB EnCoRe project.
