If you were talking to someone whose organization is considering Digital Guardian, what would you say?
How would you rate it and why? Any other tips or advice?
If you don't have skilled staff, I would not recommend going with Digital Guardian. If you are looking more into deep-dive, postmortem, or forensic analysis, I would recommend it, but you need to have patience to implement the product. You need to bear in mind that support could be very challenging. The implementation, as I said, takes a long time. So if you have skilled staff, they can evaluate and onboard the solution but if you don't know have skilled staff, I would not recommend it. My biggest lesson learned from dealing with this product is that they commit to something but they don't deliver it. That has been my experience. I would rate it at five out of 10. Technically the product is good but the stability is not there.
I would recommend that you start looking at policies that would come out of the privacy office, or the DPO, the Data Privacy Officer. Most companies don't have a DPO, and that's why they really need to start looking at creating data classification guidelines and policies and understanding the impacts to the business on where their data flows and how it flows because this impacts the configuration of the digital guardian solution. I would rate this solution an eight out of ten. It's not perfect, but it gets the job done.
If somebody wants to implement a DLP solution, they need to understand which data they need to protect and how they would want to classify this data. After that, make the choice in which DLP solution you want. I would rate Digital Guardian with a nine out of 10 because there is no solution that will be fully perfect.