The product requires a client agent on each PC or laptop you want to monitor. When a user logs into Salesforce.com, the agent monitors the data in the browser and applies IT-defined policies, such as not allowing data to be copied to the hard drive or a USB, or cut and pasted into Web mail. A server component monitors user access to the Salesforce.com applications.
If the policy does allow for data to be saved to the local drive, Downloaded Data Guard can encrypt it using a 128-bit Blowfish algorithm.
The product also provides logs of user activity, and can alert administrators to suspicious or unwanted activity.
As you'd expect from a startup, the product has some significant holes. For instance, if users access Salesforce.com applications from a computer without the client software, the product can prevent them from downloading data to the hard drive, but it can't stop them from copying the data directly out of the browser and pasting it into an e-mail.
"We could disallow [remote users] from using Salesforce.com, but no one has said they would want that," says CEO Chris Elbring. "So far, customers are willing to accept cut-and-paste losses."
The product also lacks granularity. In its present iteration, the ability to attach Salesforce.com data to a corporate e-mail is either allowed or not. Thus, companies whose employees share data via e-mail will run the risk of leakage. OutProtect says it will address this issue in a subsequent release.
OutProtect will expand the program to other SaaS providers, but its first release targets Salesforce.com. Downloaded Data Guard has been certified by AppExchange, the Salesforce.com program that lets outside developers create programs and tools.
Downloaded Data Guard starts at $15 per month per seat. OutProtect was founded in 2005, and is privately funded.