Check Point CEO claims that DLP solutions are not satisfactory and reflects on a year since the launch of software blades
This week I was fortunate to get some time with Gil Shwed, chairman, founder and chief executive officer at Check Point. Although he was not able to attend his company's annual European conference due to an injury, he was able to talk about the new blades for data loss prevention (DLP) and unified event management.
During my interview with Shwed, the subject of how Check Point entered into the DLP area came up. With its background in the firewall market, and the introduction of the software blade infrastructure last year, this seemed like a logical step for Check Point.
He commented that the development came about because of a lack of satisfaction with existing solutions. He said: “I hope our solution is going to change the DLP landscape, with all of the solutions today from vendors I have a lot of respect for, all of the solutions are very complicated, very expensive, usually do not work in present mode, just in detect mode, so give you a lot of reports but do not actually block things.”
Now a CEO claiming that their new technology is better than other available solutions is hardly breaking news, but with data loss such a notable topic at the moment, with the Information Commissioner introducing fines last week for data loss, and recent research by DeviceLock revealing that a third of companies are failing to deploy DLP, perhaps Shwed feels that there is a need for other vendors to step up to the mark.
I asked him if he felt that solutions from other vendors were not working properly? He said: “I think most solutions do not actually block the URLs, they can do that but customers are not using it that way as there is a lot of false positives that do not go through, and it is not very acceptable, and it is easy to understand why.”
He pointed at the embargoed press release about the new technologies, and said that when it was sent on the day previous to its release it was confidential and the DLP should have stopped it.
“Today we send it and it is public information. So how are we to know it?”. He also claimed that the new technology ‘multi-spec' is more sophisticated than found in other DLP solutions, as it looks at multiple parameters such as a collection of words or a collection of numbers, and not just a specific pattern like other users.
He said: “It will look at a combination of things and see a combination of names or the word 'confidential'. New technology we have a patent in is for form recognition, so everything in a form should never leave the company.”
Over a year since the software blade architecture was rolled out, I asked Shwed if he felt it had been a success, and were there plans for further new technology and is there space to move forward?
He said: “Absolutely, and today we can enter into a new space with DLP and there are plenty of benefits and plenty of opportunity and there is a huge benefit in the fact that it can be added on to any Check Point system by any customer who would use the software blade architecture.
“There is a huge benefit in that and we have demonstrated that in the last year as we launched ten blades at the beginning and I think we now have 30 different blades already available. Success so far has been good and new customers are buying the software blade solution, so overall I think it is proving to be a success so far.”