What's been happening at InfoWatch?
InfoWatch is actually a group of companies now, which works in the security field. We provide different solutions for enterprise security. Our main focus is on data leakage prevention (DLP) with our product, InfoWatch Traffic Monitor. This solution was created in 2001. At that point InfoWatch didn't even exist and the product was initiated by Kaspesrky Labs. InfoWatch was then created based on the idea that we would protect the information that leaks out of the enterprise.
Since then, we've added a few solutions to this main product and in 2011 we acquired German company Pegasus Software - they specialise in end-point security.
What do you think should be the main considerations for companies when it comes to DLP?
DLP is actually a very complex class of product because it's not a software as such. When we talk about DLP we are not talking about a solution. We're talking about something that companies should analyse deeply. What does a company want to achieve? What does it want to protect? And what kind of rules will it apply? When I hear a company say that it has implemented DLP because it has bought a certain product, it sounds very strange to me. In my opinion, there is a need to undertake a huge amount of preparation work before we even begin to talk about any DLP implementation. Preparation can involve discussing how this information will be treated - will it cease to be confidential after three months, for example. We need to decide exactly who will be allowed access to this information. Will we block information or simply monitor it then investigate any incidents?
At InfoWatch we have created a process for DLP, which consists of three steps. First, we have the preparation stage, called pre-DLP. Our consultants talk to the clients, analysing the customer needs and deciding what needs to be done. The second stage is the easiest stage - the implementation of the software. The third stage is where we identify any violations, eliminate the incidents and bring those responsible to justice. For this, we must collect the relevant information that can help us investigate the incident thoroughly and prepare evidence to put before the courts.
Only when the preparation has been completed thoroughly can you expect a DLP implementation to work well.