(Ghostwritten for Roman Foeckl)
Business leaders interested in professional IT solutions for enterprises will likely turn to the technological research and consulting company Gartner, Inc. and their famous Magic Quadrant reports before making any purchases. For many industries and specializations, the Magic Quadrant is one of the primary tools used for the initial evaluation of the market offering that lets the potential buyer become more aware of what’s available and have an independent view of available products as well as a comparison of their functionality.
This was also the case for many years for the data loss prevention (DLP) market. However, those interested in enterprise DLP may be surprised that typing “Gartner Magic Quadrant Enterprise DLP” gives them a report from 2017 and nothing newer. What happened? Where did the Enterprise DLP Magic Quadrant go?
In 2018, Gartner abandoned the Magic Quadrant for Enterprise DLP and decided to continue with a Gartner Market Guide instead. This decision was based on an evaluation of how the market had developed in the preceding years: Gartner believed that the market had become too mature and stable to warrant yet another Magic Quadrant.
Gartner Magic Quadrant vs. Gartner Market Guide
The Gartner Magic Quadrant and Gartner Market Guide are different approaches to evaluating a specific market. The Magic Quadrant is meant for dynamically developing markets that already have some stability. Its primary focus is a competitive comparison, and it makes sense only if there are shifts among market players or new players entering the market. If the positions are not likely to shift and the same names occupy the same quadrants year after year, the only competitive comparison would be a simple repetition of what was said the year before.
The Market Guide focuses less on the products and more on the market as a whole. Instead of comparing and helping you choose the best product based on its features, the Market Guide analyzes the direction of the market and suggests the best approaches and best ways to benefit from any product chosen from that particular market. This is more fitting for markets that are too young and volatile, where players have not yet established themselves and shift multiple times during a year, as well as for markets that are stale, with the same players seen for several years in a row.
Enterprise DLP vs. Integrated DLP
Gartner also believed that the situation in the DLP market became stale and warranted a change of methodology because of a general shift from traditional enterprise data loss prevention solutions towards integrated DLP. According to the analysts, most market leaders in this segment offer enterprise DLP solutions that are simply too vast, too complex to deploy and manage, too expensive, and apt to produce too many false positives. This leads to customers shifting away from such products and looking in the direction of integrated DLP.
Integrated DLP is a term used to describe solutions or service providers where DLP capabilities are simply a subset of other security-related functionality. Integrated DLP tools are not dedicated data security tools. For example, an email security gateway product may have DLP functionality for email transmission only. As such, it would be able to provide automation for content-aware data classification and content inspection in real time, as well as prevent loss of PII, intellectual property, and other sensitive data through email. On the other hand, it would do absolutely nothing to prevent data exfiltration through portable media or data movement via instant messaging.
The shortcomings of integrated DLP are not just limited to the medium through which the data flows. For example, a cloud access security broker (CASB) product with integrated DLP may prevent data breaches due to SaaS cloud service misconfigurations and some other typical cloud security issues leading to potential data loss but might be unable to help prevent intentional user activity (insider threats) or sensitive information loss due to phishing. Therefore, even if you have integrated DLP for every single communication channel, it does not mean that you can expect full data security coverage for your business.
Why Do Some Businesses Turn Towards Integrated DLP?
The primary reason why integrated DLP is a choice for many businesses, even large enterprises, is the fact that a lot of them purchase security solutions for one primary reason – to meet compliance requirements. Their first priority is not to fully secure their systems but to be able to conduct business according to the laws and regulations in place in specific regions or industries, such as GDPR or HIPAA.
Integrated DLP makes sense for their use cases because it offers the minimum DLP security services to meet compliance requirements and doesn’t bring in any extra costs. There is no need to purchase additional products, no time-consuming configuration and integration, and the checkboxes are ticked during an audit.
On the other hand, businesses that are security-focused and seek a DLP solution not just to meet compliance but to actually implement data security, data protection, and risk management, soon realize that integrated DLP may be a good start, but on its own, it’s not a sensible long-term solution for a comprehensive zero-trust security policy. That’s when they start looking back at the enterprise DLP solutions available to complement their existing integrated DLP.
At the same time, such businesses are often not willing to invest large amounts in the monolithic, overly complex traditional DLP solutions built for enterprises by the biggest market players. Instead, they choose to supplement their integrated DLP with more specialized, slicker, less expensive, and much easier-to-configure enterprise solutions such as Endpoint Protector.
The Way Forward to Benefit from Gartner Analysis for the DLP Market
If you’re looking for Gartner support in making a DLP technology purchase, first have a look at the latest Magic Quadrant from 2017 to get a preliminary list of DLP vendors. You can expect that in the last few years, those in the growing quadrants, such as CoSoSys, have continued to develop and come up with next-generation initiatives such as the use of machine learning or user and entity behavior analytics (UEBA). On the other hand, you could expect that products from representative vendors in the top-right quadrant, such as Symantec, stayed pretty much the same as Gartner described them back in 2017 – complex monoliths.
You could also have a look at the Gartner Market Guide to find general recommendations as to the market, the applicability of enterprise DLP tools, and the current situation in regard to enterprise DLP vs. integrated DLP. In addition to Gartner, you will find other market analysis leaders, such as ESG, providing valuable information and various resources, including reports and webinars, to help you make the right choice for your business.
Whichever sources you choose for your initial analysis, further down the line, we welcome you to book a demo of Endpoint Protector so that we can show you how our solution fits in your particular use case and how it will work together with other security solutions in your comprehensive cybersecurity strategy.