Yes, I worked on a product with a DLP feature we touted yet it would fail to identify credit cards if you put extra characters between sets of numbers.
It sounds good, and because compliance is about by making good-sounding things mandatory (weekly password rotation, yay! /s) it got mandated in a lot of places.
And it did catch mistakes, like accountants sending the wrong files or to external addresses. Which I guess is justification for it right there.
But it's billed as a stronger (ie hacker) protection, for which it's useless, so I never liked it.
I think the world would be safer with an email plugin that helped you by suggesting that you should not send a document to a given address, based on rules and observations. It'd only be a suggestion so nobody would expect miracles, but it'd stop all the unintentional mistakes our system stopped, for a fraction of the price.
It sounds good, and because compliance is about by making good-sounding things mandatory (weekly password rotation, yay! /s) it got mandated in a lot of places.
And it did catch mistakes, like accountants sending the wrong files or to external addresses. Which I guess is justification for it right there.
But it's billed as a stronger (ie hacker) protection, for which it's useless, so I never liked it.
I think the world would be safer with an email plugin that helped you by suggesting that you should not send a document to a given address, based on rules and observations. It'd only be a suggestion so nobody would expect miracles, but it'd stop all the unintentional mistakes our system stopped, for a fraction of the price.