DRM versus DLP

Enterprise Digital Rights Management (DRM) and Data Loss Prevention (DLP) are typically thought of as separate technologies that could replace each other.  DRM encrypts files and controls access privileges dynamically as a file is in use.  DLP detects patterns and can restrict movement of information that meets certain criteria.  Rather than being competitive, the reality is that many organizations can use them as complementary solutions.

DLP’s ability to scan, detect data patterns, and enforce appropriate actions using contextual awareness reduces the risk of losing sensitive data.  A drawback of DLP is that it does not provide any protection in case users have to send confidential information legitimately to a business partner or customer.  DLP cannot protect information once it is outside the organization’s perimeter.

DLP is very good at monitoring the flow of data throughout an organization and applying predefined policies at endpoint devices or the network.  The policies can log activities, send warnings to end users and administrators, quarantine data or block it altogether.  This addresses data at rest and in motion and can help contain sensitive information.

The challenge is that most businesses need to share sensitive data with outside people.  Considering most data leaks originate from trusted insiders who have or had access to sensitive documents, organizations must complement and empower the existing security infrastructure with a data-centric security solution that protects data in use persistently.  That is where DRM comes in.

DRM ensures that only intended recipients can view sensitive files regardless of their location.  This assures protection of data beyond controlled boundaries, so that an organization is always in control of its information.  DRM policy stays with the document even if it is renamed or saved to another format, like a PDF.  This provides a more complete solution to limit the possibility of a data breach.

By integrating DLP and DRM, organizations can:

• Allow DLP to scan DRM-protected documents, and apply DLP policies

• Use DLP policy engines to encrypt or reclassify a file, creating a DRM-protected document

• Secure data persistently and reduce the risk of losing it from both insiders and outsiders
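The second integration point above can be sketched as a DLP decision function that hands legitimate external shares to DRM instead of blocking them. This is an added example, not code from the original post or from any product; the `Policy` class, the action names, the domains and the sample text are hypothetical, and the DRM encryption step itself is left to whatever system consumes the returned action.

```python
import re
from dataclasses import dataclass

# Candidate card numbers: 13-19 digits, optionally separated by spaces or dashes.
CARD_RE = re.compile(r"\b(?:\d[ -]?){12,18}\d\b")
# Hypothetical classification marker a document might carry.
LABEL_RE = re.compile(r"\bCONFIDENTIAL\b", re.IGNORECASE)

def luhn_ok(digits: str) -> bool:
    """Luhn checksum, used to discard digit runs that are not card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0

def findings(text: str) -> list:
    """Return the sorted names of the sensitive patterns found in text."""
    hits = set()
    for m in CARD_RE.finditer(text):
        if luhn_ok(re.sub(r"\D", "", m.group())):
            hits.add("card_number")
    if LABEL_RE.search(text):
        hits.add("confidential_label")
    return sorted(hits)

@dataclass(frozen=True)
class Policy:
    internal_domain: str          # assumed: the organization's own mail domain
    approved_partners: frozenset  # assumed: domains cleared for sensitive shares

def decide(text: str, recipient: str, policy: Policy) -> tuple:
    """Map an outbound transfer to a DLP action and the findings behind it."""
    hits = findings(text)
    domain = recipient.rsplit("@", 1)[-1].lower()
    if not hits:
        return ("allow", hits)
    if domain == policy.internal_domain:
        return ("log", hits)               # stays inside the perimeter
    if domain in policy.approved_partners:
        return ("protect_with_drm", hits)  # legitimate share: encrypt, then send
    return ("block", hits)                 # sensitive data, unknown destination

if __name__ == "__main__":
    p = Policy("corp.example", frozenset({"partner.example"}))
    sample = "CONFIDENTIAL: card 4111 1111 1111 1111"  # constructed test data
    for rcpt in ("a@corp.example", "b@partner.example", "c@unknown.example"):
        print(rcpt, decide(sample, rcpt, p))
```

The `protect_with_drm` branch is what DLP alone lacks: without it, a sensitive file bound for an approved partner could only be blocked or sent unprotected.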

DLP alone cannot control data in use by authorized internal or external users.  Adding DRM ensures that vulnerabilities are minimized and that an organization can immediately deny access to any file regardless of its location.

Comments 1

  1. Hi Ron,

    It is an interesting topic. I am working for a client which already implemented the DLP. But, as rules and policy are not set properly, bosses consider it as overhead on budget. Therefore, we are deciding on an alternative plan. In this article, you highlighted that implementing DRM beside DLP is such a complementary solution. What about replacing DLP with DRM and enforcing all documents (or confidential documents) to be encrypted?

    Appreciated to have your idea
    Regards
    Maryam
