London, February 15, 2012 -- Varonis Systems Inc.,  provider of comprehensive data governance software has identified a critical missing component to traditional Data Loss Prevention (DLP) processes - enterprise context awareness – i.e., knowledge of who owns the data, who uses the data, and who should and shouldn’t have access to the data. Traditional DLP solutions that focus on endpoint and network protections commonly fail to fully protect critical data because they focus on symptomatic, perimeter-level solutions instead of addressing a much deeper problem — the fact that users have inappropriate or excessive rights to sensitive information. "For DLP technology to be successful, you must inventory and classify all of your sensitive data and understand your information flows," advises Forrester. "This is hard to do if you have hundreds, possibly thousands, of terabytes of unstructured data[1].

"Think of it this way, the network and endpoint DLP solutions are like security guards that detain every single patron as they try to leave the bank with cash in hand, without any clues to help sort out the criminals from the customers." said David Gibson, Director of Strategy for Varonis. "Server DLP dutifully points out that there is a lot of money in the bank, stored in a lot of places but what’s needed is intelligence and automation for the tellers, empowering them to correctly and efficiently govern the dissemination of cash."

Managing and protecting sensitive information requires an ongoing, repeatable process. The analyst firm Forrester refers to this as protecting information consistently with identity context (PICWIC).

The key to providing the necessary context lies in metadata: To collect and analyze required metadata non-intrusively, to automate workflows and auto-generate reports, and have a reliable operational plan to follow. With the recent advancements in metadata technology, data governance software is providing organizations with the ability to improve DLP implementations by not only automating the process of identifying sensitive data, but also simultaneously showing who has access to it, where it is exposed, what data is in use and who is using it – i.e. provide the needed context for comprehensive DLP.