Home > Information Centricity > No Good Deed Goes Unpunished (Or Why NextGen DLP Is a Step On The Information Centric Ladder…)

No Good Deed Goes Unpunished (Or Why NextGen DLP Is a Step On The Information Centric Ladder…)

Rothman wrote a little ditty today commenting on a blog I scribbled last week titled "The Walls Are Collapsing Around Information Centricity"

Information centricity – Name that tune.

Of course, the Hoff needs to pile on to Rich’s post about information-centric security. He even finds means to pick apart a number of my statements. Now that he is back from down under, maybe he could even show us some examples of how a DLP solution is doing anything like information-centricity. Or maybe I’m just confused by the uber-brain of the Hoff and how he thinks maybe 500 steps ahead of everyone else.

Based on my limited brain capacity, the DLP vendors can profile and maybe even classify the types of data. But that information is neither self-describing, nor is it portable. So once I make it past the DLP gateway, the data is GONE baby GONE.

In my world of information-centricity, we are focused on what the fundamental element of data can do and who can use it. It needs to be enforced anywhere that data can be used. Yes, I mean anywhere. Name that tune, Captain Hoff. I’d love to see something like this in use. I’m not going to be so bold as to say it isn’t happening, but it’s nothing I’ve seen before. Please please, edumacate me.

I’m always pleased when Uncle Mike shows me some blog love, so I’ll respond in kind, if not only to defend my honor.  Each time Mike "compliments" me on how forward-looking I am, it’s usually accompanied by a gnawing sense that his use of "uber-brained" is Georgian for "dumbass schlock." ;)

Yes, you’re confused by my "uber-brain…" {roll eyes here}

I believe Mike missed a couple of key words in my post, specifically that the next generation of solutions would start to deliver the functionality described in both my and Rich’s posts.

What I referred to was that the evolution of the current generation of DLP solutions as well as the incremental re-tooling of DRM/ERM, ADMP, CMP, and data classification at the point of creation and across the wire gets us closer to being able to enforce policy across a greater landscape.

The current generation of technologies/features such as DLP do present useful solutions in certain cases but in their current incarnation are not complete enough to solve all of the problems we need to solve.  I’ve said this many times.  They will, however, evolve, which is what I was describing.

Mike is correct that today data is not self-describing, but that’s a problem that we’ll need standardization to remedy — a common metadata format would be required if cross-solution policy enforcement were to be realized.  Will we ever get there?  It’ll take a market leader to put a stake in the ground to get us started, for sure (wink, wink.)

As both Mogull and I alluded in our posts and our SOURCEBoston presentation, we’re keyed into many companies in stealth mode as well as the roadmaps of many of the companies in this space and the solutions represented by the intersection of technologies and solutions that are becoming CMP are very promising.

That shouldn’t be mistaken for near-term success, but since my job is to look 3-5 years out on the horizon, that’s what I wrote about.  Perhaps Mike mistook my statement about the fact that companies are beginning to circle the wagons on this issue to mean that they are available now.  That’s obviously not the case.

Hope that helps, Mike.


Categories: Information Centricity Tags:
  1. March 19th, 2008 at 16:00 | #1

    That does help to clarify things a bit. I took your post to mean that the solutions were "here today." That's what I objected too.
    And uber-brained really means uber-brained. Though a 600HP engine pointed in the wrong direction does get to the wrong place very quickly. The good news is that your navigator is pretty OK too.

  2. March 19th, 2008 at 17:57 | #2

    Cool. Figured as much. Sometimes what I'm thinking doesn't always surface as such in my writing — gaps in the ol' neuronal/blog synaptic connections. My bad.

  3. March 19th, 2008 at 19:19 | #3

    I think you got the word "schlock" wrong. You would not call someone a dumb ass schlock. Give Mike or I a call and we can clarify for you ;-)

  4. March 19th, 2008 at 19:54 | #4

    Although you've corrected me many a time on my poor/inappropriate use of Yiddish, this time, I'm not using a yiddish word, I'm using a varietal slang from my homeland.
    So whilst I agree schlock in this regard (cheap, trashy, etc) doesn't make sense, it does as I choose to use it because it's not the yiddish derivation.
    I trust you will, however, continue to monitor me for incorrect spellings and usage of Yiddish.
    My life would not be complete without you looking out for me ;)

  1. No trackbacks yet.