“I'd do both gateway and endpoint DLP,” says Wright, noting he’s focusing DLP evaluation efforts mainly on vendor products that can do both.

Despite the challenges of DLP today, it seems likely the enthusiasm for it is going to project DLP way beyond its first-generation existence on the gateway and desktop.

In fact, Ouellet even predicts the future will eventually usher in “the content-aware enterprise” where DLP is seamlessly linked into digital rights management and identity and access management. And DLP could provide the foundation for more efficient e-discovery of electronic records.

That’s the vision anyway, and a number of security vendors are eager to embrace it, with pledges of integration with other products frequently heard these days.

“At the end of the day, it’s about information control,” says Gijo Mathew, vice president of security management at CA. “Once you’ve analyzed the information accurately, you can do a lot more than just block it. You can tag it for retention and encryption. There's management of that information, and it could be the foundation for e-discovery systems in litigation.”