DLP is one of those categories of software that didn't even really exist a decade ago. In today's world, it has become a very important software category for many companies, especially any company that has IP or PII that they don't want to be leaked. We use Digital Guardian on all of our Virtual Desktops, as well as all of our laptops and desktops. This helps make sure that users are not able to exfiltrate sensitive data from the company, for any number of reasons.
- Email data leaks - DLP software must prevent certain actions to work well. Let's say you try to copy and paste an SS # to an email, or upload sensitive data to your personal email account. Guardian Edge can prevent that, and then alert administrators that it happened
- Unauthorized file copies - Guardian Edge can also prevent users from copying files from a sensitive restricted area to somewhere else where they might be able to more easily exfiltrate it. A good example would be from a company file share to a less secure server or their own home drive
- Alerting Administrators of suspicious activities - Any time a user uploads a file to an upload service or personal email, it is logged and reported as an event to be reviewed. If it found nothing in scanning the data, it will still notify you that it happened so you can review it yourself to confirm it wasn't a false negative.
- Program Conflicts - DLP software can often cause undesirable effects in programs, and Digital Guardian is no exception here. We had substantial issues with it locking up Microsoft Outlook and Microsoft Excel.
- Excessive false positives - If you don't tune the software properly, you may end up reviewing a lot of non-critical items, and that can lead to lots of extra admin time for fairly benign occurrences.
- Frequent program updates - Digital Guardian issues hotfixes and patches for their software frequently, and often times those updates will fix one problem, but cause another problem
- Reverting to older versions - We frequently had to revert to older versions after testing a fix for an issue, because the new fix would break something else. This became very frustrating to end users, administrators, and management.
When Digital Guardian works well, it really is fairly seamless. You may notice a tiny bit of additional lag on some programs, but for the most part, when it functions properly, it's fairly unobtrusive. Therein lies the rub...when it functions properly. We had frequent program conflicts with Digital Guardian. We had one issue that caused Digital Guardian to completely cripple Microsoft Outlook, and similarly cripple Microsoft Excel. It took Digital Guardian weeks to even release any kind of fix for the issue, and the first several fixes did not, in fact, resolve the issue. We ended up having to completely remove it from our environment and are still waiting for a confirmed more stable version, as it simply caused far too much disruption to our user base, and also consumed an extremely large amount of time from our admins dealing with user issues related to these problems.