Directshow Fix Available from MS

http://support.microsoft.com/kb/971778

Data Protection Basics

There is alot of press around the DLP meaning and concept. There are basic principles one must consider as part of the planning, strategy in putting a plan together.

1. Determine the critical data stores from a business perspective ( Rank your data's value)
2. Identify if the information in item 1 is data at rest or data in motion ( Classify the data type)
3. Determine if the data is on clients(pda's, laptops, servers), network ( communications streams), or hard prints. ( Discovery )
4. Align with financial or brand protection objectives
5. Put your requirements to paper
6. Evaluate your product space
7. Test in a controlled environment with test data!!
8. Deploy in production

Product selection before strategy

It seems to be a recurring discussion i have weekly with peers. The topic tends to be the fact that products/services/technologies are purchased to solve risk and security issues before certain other considerations are complete.

The problem statement: How do we implement this product / solution into our environment.

One might think that a logical approach would be:

1. Strategy Formulation

2. Strategy Implementation/Communication

3. Architecture Review of AS-IS technology and process

4. Review of Strategy and Architecture TO-BE

5. Vendor review and selection

6. Implementation plans

Instead, Sales professionals do a great job of selling a product or service. Companies are then challenged to find a method for worrking on implementation. Basic issue step 6 before step 1-4 have occurred.

Providing technology solutions for problems and issues is only one component of solution delivery.

People, Process and Technology are all to be considered.