The leakage of proprietary and/or confidential data is a continuing problem for organizations such as corporations, governments and universities. Contemporary ubiquitous remote network access to an organization's computers increases productivity and is convenient, but at the same time creates ever greater challenges for protecting the data from being accessed by unauthorized parties such as competitors or criminals. Leakage of enterprise data can result both from intentional activity by unscrupulous employees, as well as unintentional but negligent actions of employees not following robust security procedures.
The problems inherent in Data Loss Protection (“DLP”) are exacerbated by the rapidly expanding use of mobile computing. As it becomes ever more common for individuals to own and carry mobile computing devices such as smartphones and tablet computers, people want the freedom to use their own devices for work in addition to their personal use (this approach is sometimes called the bring-your-own-device model). Users are familiar and comfortable with their own devices, and do not want to learn how to operate and carry a second device for work. At the same time, enterprises have a legitimate need to control the handling of their confidential information when it is accessed and processed on non-enterprise devices.
Organizations lack visibility into the access and flow of sensitive documents and information in general, and by and across mobile devices in particular. Administrators lack tools for tracking data access and usage, much less detecting anomalous patterns. With the increasing prevalence of mobile computing and the so called bring-your-own-device policies, tracking the access and flow of enterprise data and preventing leakage are more difficult than ever. Yet, organizations rightly want to limit the access and use of confidential data according to an enterprise-level information control policy.
It would be desirable to address these issues.