Lock or Block? DRM vs. DLP
added: 01.12.2015, by Hiro Kataoka
Data Loss Prevention (DLP) solutions monitor transmissions that can potentially result in a data breach or data exfiltration and prevent them by detecting and blocking sensitive data. The fundamental concept behind DLP is to block sensitive data from ever leaving the building. While this is a viable concept from a data security perspective, it imposes restrictions on the workflows of organizations that can have negative impacts on productivity, customer and vendor relations, and competitiveness.
For example, many organizations have legitimate needs to share confidential or sensitive information with both insiders and outsiders. Since the main function of DLP is to block sensitive data, this creates complications for legitimate sensitive data exchange. Furthermore, DLP solutions must be able to scan and detect sensitive data, imposing limitations on the data formats which organizations can use to process information.
While this approach based on blocking and limiting may be effective in stopping data breaches, it comes at the cost of productivity. Digital Rights Management (DRM) tools started out as a mechanism to prevent piracy of digital content such as music, movies, and e-books. More recently, DRM has evolved to become a technology that controls authorized access to data. The type of access and control usually includes who can access the data, when and for how long data can be accessed, and how the data can be used (edited, saved, or printed). Access can also be revoked remotely at the discretion of the owner of the information.
At HoGo, we have employed DRM technology to enable secure sharing of sensitive data. Unlike DLP which blocks data exchange in order to maintain security, the use of DRM enables the legitimate sharing of sensitive information both inside and outside organizations. Sensitive data is kept secure by controlling the access to that data regardless of where that data may reside. In this way, organizations can effectively use the data in the most efficient and productive manner while preventing data breaches and leaks. By maintaining control over the data even after it has the building, security and integrity is maintained with no loss to workflow productivity.
DLP solutions are well-suited for certain situations. However, for many uses of sensitive information, just blocking access does not cut it. Applying DRM to secure the exchange of sensitive information is a new—and better—way to enable workflow, while meeting the security needs of our ever-connected world.