When implementing a data loss prevention solution into an IT risk management program, it's important to consider all three states of data, one expert recently told eWeek.
According to Securosis analyst and CEO Rich Mogul, data loss prevention efforts will fail if they are focused on just one of the three states of data. Solutions, he said, should encompass data in motion, data at rest and data in use.
"A sound DLP strategy will consider all three of these against the needs of an organization, whether these are regulatory, operational or cultural," the eWeek report stated.
Focusing on just one state of data will leave a company vulnerable when it comes to the other two. For example, according to eWeek, DLP methods that work well with data moving through the network may not cover threats that are aimed at stealing data when the information is at rest in a database.
The consumerization of enterprise IT is also putting pressure on data loss prevention. According to a recently released IDC whitepaper, companies must balance the benefits of consumer-based technology alongside the risks such devices pose.