What is our primary use case?
Mainly, I'm in charge of pre-sales, so we are currently doing a POC. The solution is primarily used for data loss prevention.
We will use if for our customers in manufacturing that are in rather high tech sectors. They want to prevent their internal employees from taking their IP, their intellectual property, to their competitors.
How has it helped my organization?
There are a lot of stories of IP being stolen in the manufacturing industry, so organizations, like the one we are working closely with, are quite concerned. I am responsible for many high tech customers in the manufacturing industry and I use Digital Guardian to prevent their employees, especially the RD team, stealing items. It's typically easy to do so, due to the fact that the IP in many IT teams is right on their desktop (more so than their notebook). They try to steal the IP in many ways, including via USB or email, or through their own BYOD devices. When I'm doing the POC, I try to figure out all the ways they can steal in the existing environment, especially on their laptop. Doing so will protect a company's most valuable asset - its IP.
What is most valuable?
The feature we call desktop recording is the most valuable aspect of the solution. Not only can we collect data from the user's usage, but we also capture his screenshots when he is trying to steal the data.
We can go back seconds to minutes before the action happened using a buffer technology. When the user is trying to steal the data, we can go back to maybe one minute before and do this action. We can collect the visual evidence so we not only have the log that we collected, we only have the action that he is doing on his desktop. The evidence can help our customers when they try to go to the court to pursue their ex-employee for this kind of action.
What needs improvement?
We're a distributor of the solution. I personally handle pre-sales.
Some web upload actions need to be improved due to the fact that DG is a very strong technology on the endpoint. For the network DLP site, Digital Guardian also has a solution, however, this was acquired by Digital Guardian from another company. Therefore, it's not integrated with its endpoint DLP solution closely. We've just started using it, however, we have noticed it's not integrated very closely. If Digital Guardian can improve this network DLP site, it would be perfect for both the endpoint and also the gateway site.
Some features on Mac and Linux are not complete currently. For example, some device control features haven't been transferred over to the other systems. If they could have their Windows features also available on Mac and Linux, that would be perfect. Some of our customers have a Mac environment for their RD environment. Having the solution fully capable of handling everything in a Mac environment is crucial.
For how long have I used the solution?
We've been using the solution for about three months.
What do I think about the stability of the solution?
The solution is quite stable on the endpoint side. It's much more stable than competitors such as Forcepoint and Symantec. Users will find it reliable.
What do I think about the scalability of the solution?
The solution is scalable. I know that, for Symantec, you have so many different kinds of roles of modules for different kinds of technology all over. However, in DG, they are always in one server. This includes the DB and the management server for the endpoint in one box.
We can set up the endpoint manager into the DMZ or the branch office, for managing the branch office's endpoints. It's definitely scalable, and, for this kind of setup, it impacts the customer's cost due to the fact that we only count the user's endpoints and not the management servers.
How are customer service and technical support?
From my experience, the solution's technical support is good. I can open a ticket directly with the partner or through the email directly to their technical support. On average, they will respond in one week. I can then go through everything with their technical support team to have a further investigation done on the case. It's good. We're satisfied with the level of support.
How was the initial setup?
When I was in Symantec, I also handling Symantec's DLP solution. Compared to the Symantec DLP, for the policy, for the rule, DG is a little bit complex due to the fact that you have many kinds of use cases.
Therefore, DG is a bit more complex. It's even more complex than Forcepoint. That said, it has very comprehensive coverage and control.
What's my experience with pricing, setup cost, and licensing?
For the price in the market, it is a little bit higher than Symantec and Forcepoint. However, I believe, especially in the manufacturing industry, it is the only solution that makes sense for them. If an organization really wants to do the data loss prevention, there's no other choice.
What other advice do I have?
Overall, for the endpoint DLP and especially for the manufacturing industry, I would rate the solution nine out of ten.
Which deployment model are you using for this solution?