Most tools offer preset compliance modules that can detect specific types of sensitive data out of the box. These cover areas ranging from sexual harassment and privacy concerns to compliance with federal regulations. The tools are designed to be used by nontechnical staff, such as the legal, governance or human resources departments. But there is one hitch: They can't identify encrypted content. Organizations need to review business processes where encryption is used and develop policies that permit the movement of encrypted files within specific contexts.

Broader Trend

These network-based compliance products, which IDC analyst Brian Burke calls multiprotocol content- filtering tools, are part of a broader category of outbound content compliance products that includes e-mail filters, secure e-mail, instant messaging security and enterprise rights management tools. While IDC expects the overall market to grow to US$1.9 billion by 2009, the fastest-growing segment will be multiprotocol content filtering, with a compound annual growth rate of 70 percent over the next four years, Burke says.

That growth is being driven by privacy concerns and the need to comply with regulations such as the Sarbanes-Oxley Act and the Health Insurance Portability and Accountability Act. Enforcement by regulatory agencies is on the rise, says Trent Henry, an analyst at Burton Group in Midvale, Utah.

While network-based content monitoring tools have been around for several years, until recently most vendors offered only monitoring and alerting functions. Now most have added real-time blocking capabilities, a feature that some companies are experimenting with but most aren't yet using. Some vendors, including Tablus Inc.in San Mateo, Calif., have added products that can also monitor "at rest" content on individual workstations.