If you were talking to someone whose organization is considering Forcepoint Data Loss Prevention, what would you say?
How would you rate it and why? Any other tips or advice?
With the Forcepoint DLP suite, you are assured of DLP on the network and on the Endpoint of the corporate network.
You can run a discovery scan on the network (servers) as well as on all endpoint devices with the endpoint agent installed. Remediations can also be done from the result of your discovery scan.
Aside from predefined policies which are quite granular, custom policies allow different classifiers ranging from Regular Expressions for unstructured data to Dictionary, key phrases, and structured data (File type)
Inbuilt tagging technology with Forcepoint (called Fingerprinting) enables rules to be applied to file servers, repositories, and shared folders. This is accurate!
With the Forcepoint DLP Cloud Apps, you can extend your DLP policies/rules from on-prem to the cloud with a single click and manage from a single point.
We were on Office 365 on the cloud. It wasn't enough. Since then, we've described our policy to Apple Mail and have elaborated out information classification. Afterward, we invited the business and the strategic entity to workshops to classify the data effectively and try the solution after implementing the DLP. We use a hybrid deployment model and acquired the solution with the hybrid functionality to help protect our sensitive data in the inter-managed hybrid space. The solution has been good, and it has responded to our needs. As a group, we were afraid of the safety around our sensitive data which was exchanged in our mail. We had an obligation to protect the data classified as confidential or restricted. The solution, since implementation, has helped us to protect our data and mitigate risk effectively. ForcePoint also offers a bundle that includes modules that cover URL filtering and app data for other DLPs. It's very good. Based on my experience, I advise any other organizations to test, try, and to be convinced by the solution before fully implementing it. Users will need to define exactly what it is they need from it and what their exact needs are to effectively deploy it. I think every user will appreciate that solution. We've experienced a lot of cyberattacks, so the DLP is necessary for us and would be beneficial to any company that has critical activities or has staff that exchanges sensitive data. I'd rate the solution nine out of ten.
Advice that I would give to someone looking into implementing Forcepoint DLP is to take care and compare it to other solutions. Other solutions may have a more established reputation because Forcepoint is a new name on the market. But I would recommend taking a look at all the technical features and the pricing as part of their consideration before making a decision. On a scale from one to ten where one is the worst and ten is the best, I would rate Forcepoint DLP as a nine-out-of-ten. The thing that would make it a ten for me would be for the company to improve the technical implementation. It should be better organized.
My advice would be to use these same components. I would rate this solution an eight out of ten.
It is better to use this solution first, before using others. Overall it's a nice product. I would rate this solution a nine out of ten.
I'm a Forcepoint reseller. I typically handle the on-premises deployment model, but I do have a client who is currently moving to the cloud. I would rate the solution nine out of ten.
My advice would be to make sure that you do a BOT at the beginning before you take any DLP decision, do a BOT. If you're going with Forcepoint, ensure that you have the prices locked down properly, and the user licenses clearly defined. Then finally, ensure that you sign the right support, you get the right support contract, or support flavor with them. Then you do your sizing properly, especially if you are using Office 365, because Office 365, the mini-environment, has huge performance issues around solutions. So be sure to do your sizing properly. I rate this solution a seven out of ten. I am really impressed by the interface and management console but the requirements are very high and the response time is too slow.
If I were to give some advice, I would say don't try to do it all at once, it won't work. Know that you're going to go. It's different from building line-of-business solutions. Whereas from a line-of-business solution you work from the outside in, with security programs you work from the inside out. You have to get your data governance in place, as well as information security governance. You need to assign who will be responsible. Decide who to send information to if something does happen. All that has to happen before you begin trying to bring in a system. You have to know your organization well enough to be able to configure a product to make effective use of it. Don't do it unless you have the guts to do it. I would rate this solution as eight out of ten. There are better solutions, but this was better when it came out. When it did come out, this was the best solution we could find. At the same time, I don't know if I would rate anything else higher than that now, either. Every security tool that we have seen has pluses and minuses, advantages and disadvantages. Another reason we didn't go with the IQ or any management type of component is the deconstruction and the reconstruction of existing security roles. The biggest problem information security has today is the decoupling and deconstruction of active directory designated accounts which for all practical purposes were based on functionality. One role can have multiple pieces of functionality associated with it, so going to a role-based type of solution muddies the waters. The vernacular needs to change to be more adaptable if they're gonna put out the configuration types of solutions.
I suggest that before implementing this solution, people should decide which servers they want to keep at which location. This is a good strategy because after implementation and deployment, changing the server position creates problems. Proper homework is necessary before the full deployment. This is one of the best solutions in the world but without support for our local language, Bangla, I cannot rate it ten out of ten. Overall, I would rate this solution a nine out of ten.
Go for it. I would recommend this solution.
The first advice is that you should know what data you need to protect then you can implement everything. If you know what you need it'll be a lot easier. You also need good hardware and resources in the computer hardware to be able to implement. I would rate it an eight out of ten. An eight because you need to have a lot of security experience to properly implement it, in order to know what you need to activate. It's not a plug and play solution.