OpenDLP: A review

I don’t tend to read many Slashdot articles these days, but follow the RSS feed in Google Reader.  A recent article covered a product that caught my eye: OpenDLP.

The code is pretty raw right now, it is at version .1 in the cycle so hopefully a lot of growth and change will come to the product.  From the project’s homepage:

OpenDLP is a free and open source, agent-based, centrally-managed, massively distributable data loss prevention tool released under the GPL. Given appropriate Windows domain credentials, OpenDLP can simultaneously identify sensitive data at rest on hundreds or thousands of Microsoft Windows systems from a centralized web application. OpenDLP has two components: a web application and an agent.

The first thing I notice about this product is that it only deals with one area of potential data loss: the Endpoint.  It might be the maturity of the product that the author hasn’t looked into the other areas: Data in Motion (data traveling over the network) and Data at Rest (data in storage).

The other issue I have is that right now the database is not encrypted which would be a major data loss issue if the DB was compromised.

The good thing is the product does cover the endpoint and seems to cover it very well.   Looking forward to following the development and will try to contribute to it as much as I can.

Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s