Palisade Blog

Welcome to Palisade System's Blog

Data Loss Prevention as Cirque du Soleil

by jeremy 10. November 2009 16:30

Over the past few months, I was able to go see a few Cirque du Soleil events: one in Las Vegas, the new Beatles’ Love, and the other was when all the shows came to Los Angeles to promote the Las Vegas shows with various performances.

Watching them perform – below is a short clip I took in Los Angeles – is amazing. The intricacy of the performances is amazing, with everything being done in exact timing with the other members of the troupe. The minutest details are practiced over and over, to make sure that everything is perfect, and that safety is always top of mind.

In a way, that is what Palisade Systems does for small and medium sized enterprises. We’re your performers, we enable you to sit back and enjoy the show that we help you put on to protect the SME landscape. With many SME institutions, the director of IT has to wear many hats. He or she has to find a data loss prevention solution that is going to fit best with the corporate structure – whether it’s hosted internally or through a managed service provider – is easy-to-use and is easily implemented. The IT director needs to be able to sit back and enjoy the show, not worrying about whether or not the job is getting done.

Palisade is that show. We take care of the minutest details – as well as the big ones – to make it look simple. We provide a full data loss prevention system that integrates into other aspects of the server (Web filtering, email monitoring, data monitoring during down time, full compliance for our SME customers), and provides a beautiful routine. We are our clients’ Cirque du Soleil – we make it look easy, we do it well, and let our customers sit back and enjoy the knowledge that their data is protected.

Yes, We’re There: PalisadeDLP on Twitter

by jeremy 13. October 2009 15:03

As more and more companies jump into the Twitter craze, there are a lot of interesting issues that are coming up: it’s only for B2C corporations, it’s for celebrities only, it’s only a customer service vehicle, it’s not a real conversation, or it’s not for B2B companies.

All of these are false, of course. There are many great opportunities for a B2B technology company like Palisade Systems to be engaged in the conversation on Twitter.

We launched our Twitter account – PalisadeDLP – a few months back. Since the launch of our new Website and blog, we have upped the ante by being more active on Twitter.

Here’s what we are doing on Twitter, and what we are using.

1. All the people that blog are also part of the PalisadeDLP Twitter account

2. Overall we use Hootsuite, but some of us use Tweetdeck or Brizzly – this is, though, not to be considered an endorsement of any Twitter application, just what we are using

3. With the search function, we have been able to join the conversation on security and DLP, offering our insight and point of view on the industry and what we are doing

4. Using Twitter, we have been able to let our followers know about latest products and services, new blog posts, and share thoughts on Data Loss Prevention

5. With Twitter, we are able to follow – and have follow-back – technology pundits, industry analysts, security Twitterers, DLP executives and pundits, and more

6. By building these relationships, we were able to have a discussion with an industry analyst to let her know about what we are up to, and to share information about how Palisade is about the small and medium enterprise

7. With Twitter, we have had DLP pundits direct message us to compliment us on our use of Twitter, saying this is how B2B companies can use Twitter

8. And, we have been balanced by not being only self-promotional, but being a part of the conversation with @ replies, direct messages and just conversations with people

As you can see, as a technology company that services other technology companies, we are part of the conversation with analysts, reporters, and our current and potential customers. Please join us in the conversation, so we can talk about how to make DLP a better understood (and needed) technology, and we can talk about how we can help you.

The issue of data loss and data leakage on social networks

by jeremy 7. October 2009 15:49

Today, Robert Half Technology – a provider of IT professionals for project or full-time engagements – came out with a survey on how Chief Information Officers are looking at social networks, and how much time they are allowing their employees to spend on Facebook, Twitter and other social networks.
From the survey,

CIOs were asked, “Which of the following most closely describes your company’s policy on visiting social networking sites, such as Facebook, MySpace and Twitter, while at work?”

Their responses:
•    Prohibited completely: 54%
•    Permitted for business purposes only: 19%
•    Permitted for limited personal use: 16%
•    Permitted for any type of personal use: 10%
•    Don't know/no answer: 1%

It is an interesting take on social networks, and one that corporations need to think about as they institute policies and implement DLP solutions. Many corporations are at a crossroads in social networking and social media – do we monitor, do we allow our employees to become spokespeople for the company, how much leeway do we give – so it is interesting that more than 50 percent of CIOs are already prohibiting employees from using social networks at the office.

This is an interesting juxtaposition with the recent comments made by President Obama regarding being careful on Facebook. As noted in the Gartner blog, Obama became part of the data leakage worriers.

But, it IS a valid concern. Corporations – from the small and medium sized enterprise, to the multinational conglomerate – need to think about and prepare for data loss and data leakage, and where that might come from. Companies such as Palisade are the professional worriers: we think about how and where data loss might happen, and make sure that our PacketSure products can catch the bad data before it gets out there, and help protect the company.

While DLP solutions are just one aspect of protection on social networks – the other key part is knowledge, education and sense – they are a good protection on the Web with IM and social networks.

Response to Recent PacketSure Review

by jeremy 1. September 2009 14:40

Recently, Internet-Scale Event and Attack Generation Environment (ISEAGE), a testing facility built to simulate any network architecture, benchmarked a number of DLP providers, including Palisade Systems.

While we love it when we are benchmarked against others in our space – we know we are a leader in DLP for small and medium sized enterprise companies, and that we provide an easy-to-use, robust solution – the review itself had a few errors and misconceptions that we would like to correct.

Or, in blog parlance – we're fisking that article. The italicized, indented portions are from the article, with our response in bold.

The DLPs were set up inline (except for Code Green's Content Inspector, which doesn't support in-line mode) between a simulated WAN and LAN and were configured with a set of 10 rules. We then ran about 1,100 files through each device, waiting about a minute between each file, to determine how accurately the device detected and blocked a total of 276 "bad" files and to what degree network performance was affected by the inline DLP.

Palisade Systems' PacketSure product does support an inline configuration but this configuration is not recommended for use in a DLP deployment. In rare cases, it is needed with protocol management features supported by PacketSure. If a corporation is going to deploy a Palisade Systems solution, we make recommendations for the optimal set-up.

Also, in our testing the rules did not always work as expected. For example, one "content analysis checkbox" means packet analysis and another content analysis checkbox actually reassembles the data stream before it analyzes it (similar to all the other products).

The PacketSure appliance supports features for both Protocol Management and Data Loss Prevention, but nowhere in the interface do we have a check box for “Content Analysis” representing analysis at the packet level (protocol management). This phrase is used to represent the inspection we do after streams have been reassembled.

PacketSure seems to have a "phone home" functionality enabled out of the box. After turning on the device, it immediately started attempting to connect to a remote Citrix server (to assist with setup). For a vendor that is providing a device to rein in data leakage, this seems an odd default setting, but this could be a useful tool for optional troubleshooting.

Palisade supports a Citrix server plug-in that communicates to the PacketSure appliance. Log messages were misunderstood as a “phone home” when in actuality these messages are the result of the service on the PacketSure that is listening for the Citrix server communication. They have nothing to do with a “phone home” attempt.

PacketSure, possibly because it seems to contain two products in one, was the slowest product, performing at only 55% of the allowable bandwidth.

Performance numbers reflect the “inline” installation, which is not recommended.

… When you combine the two, problems emerge, creating unexpected results. For example when you try to limit content analysis to a certain protocol, you have to choose between using a weaker content analysis system (which won't reassemble the stream) or not limit your blocking based on protocols.

While this is technically true, ISEAGE used the wrong set-up. The Protocol Management features within PacketSure are primarily used to block entire protocols. However, there are extended features that allow for blocking based on total size and custom content on a per-packet basis. These features can be used to match connections based on size, and files based on name and type. These extended features are not compatible with the PacketSure DLP analysis that allows for matching based on SSN, credit card numbers, PHI, PFI, fingerprinted documents, elements uploaded from a database, custom EREs, and custom lexicons. So what you have to choose between is searching for DLP based on size, name and type or based on types of content.
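The distinction drawn above between per-packet matching and content analysis on a reassembled stream, shown as an added example (it is not PacketSure code or anything from the review): a card number that straddles a segment boundary is invisible to a matcher that looks at one payload at a time. The regex, function names and sample segments are assumptions constructed for illustration.

```python
import re

# Assumed pattern: 13-19 digits, optionally separated by single spaces or dashes.
CARD_RE = re.compile(rb"(?<!\d)\d(?:[ -]?\d){12,18}(?!\d)")

def luhn_ok(digits: str) -> bool:
    """Luhn checksum, used to cut false positives on random digit runs."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0

def find_cards(data: bytes) -> list[str]:
    """Return Luhn-valid card-like numbers found in one buffer."""
    hits = []
    for m in CARD_RE.finditer(data):
        digits = re.sub(rb"[ -]", b"", m.group()).decode()
        if luhn_ok(digits):
            hits.append(digits)
    return hits

def scan_per_packet(segments):
    """Inspect each segment payload in isolation (no stream state)."""
    return [hit for _, payload in segments for hit in find_cards(payload)]

def scan_reassembled(segments):
    """Order payloads by stream offset, join them, then inspect the stream."""
    stream = b"".join(payload for _, payload in sorted(segments))
    return find_cards(stream)

# Constructed sample: (stream offset, payload) for one upload, arriving out of order.
# 4111 1111 1111 1111 is a widely used test number, not a real account.
SEGMENTS = [
    (0, b"POST /upload HTTP/1.1\r\n\r\nname=Test User&card=4111 11"),
    (64, b"&exp=01/30"),
    (52, b"11 1111 1111"),
]

if __name__ == "__main__":
    print("per-packet :", scan_per_packet(SEGMENTS))
    print("reassembled:", scan_reassembled(SEGMENTS))
```
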

Palisade's PacketSure could set up fingerprinting, but could only do it using flat files.

PacketSure fingerprinting allows for the upload of any file type that Autonomy supports. We have an interface that allows data from a database to be uploaded and matched on; this interface is limited to a flat file.

At Palisade Systems, we take a customer-centric view on our products and services. We fully believe our solution is the best solution for small and medium sized enterprise corporations, to the point that we offer a “taste test” and a post-analysis of the system: what we catch, what you need to monitor, etc.

The review brings up some great points – we are a great solution. Don’t rely on a review that got it half right, but test the system yourself.

The views and opinions expressed and/or implied here are those of the individual contributors and do not necessarily reflect the views of Palisade Systems, Inc.