Data has been called the “new oil” and more recently compared to fundamental resources like air and water. Whatever the descriptor the proliferation of data continues to explode as enterprises look for ways to achieve better results and gain real-time insights from customers over a variety of physical, virtual and mobile channels.
Popular collaboration applications like Slack, Box, Dropbox, and Zoom are challenging Microsoft’s multi-decade enterprise dominance even as the behemoth tries to reinvent itself with Azure, Office365, OneDrive and Teams. It’s never been easier to collaborate with colleagues, business partners, your supply chain and literally anyone. However, doing this “securely” in a way that does not break the workflow of the team is a huge challenge. That’s where VERA comes in.
I believe three things must be true to secure collaboration today:
- Products that denigrate the customer experience are destined to fail: Knowledge workers don’t want nor are they often able to install yet another endpoint agent in order to do their jobs. IT does not want to be the “Department of No” and are struggling to enable the business without locking down users and data. How do organizations track, secure and control sensitive information but do it in ways that are transparent to customer teams? How do organizations work across legacy files with modern applications from multiple vendors?
- Organizations are moving to embrace Zero Trust and Data is THE Focus: Multi-factor authentication, flexible encryption, and identity as a service have made it possible for organizations to roll out Zero Trust architectures where users need to verify themselves prior to accessing applications and data. This is a great start, but a big Zero Trust blind spot today is defining flexible access control policies for data and files. For example, encryption has made it possible to secure data between intended recipients. This has been welcomed by leading organizations, but this only addresses part of the challenge. What happens when your recipient decrypts and then shares the data with others (maybe even those you had not intended)? How do organizations secure information when it is shared with business partners and teams outside of the corporation? And, how do you control which teams can share this information and with whom the recipients can share it with?
- Data security operations need to be automated: There are many different forms of security automation. My view is data security today is intrinsically manual and needs to change. Too frequently connecting different services and products together today is daunting and quickly escalates into custom, costly integration projects. For example, tagging sensitive data individually introduces the possibility of multiple human errors in an already tedious, manual security process today. Automating this process whereby the system automatically discovers and tags sensitive data with high efficacy is a great approach to removing the drudgery and errors from the process. Complimenting this with an ecosystem built around open APIs whereby the integration of multiple vendor capabilities is what leading organizations demand to power and instrument and orchestrate this automation.
Vera’s approach to protecting data encompasses the above and much more. The VERA team is comprised of an amazing group of software and cloud industry veterans that have come together to not only address these problems but also do so by taking a new approach and focusing on the customer experience.
I’m excited to start the VERA journey and share more. Protection that follows the data wherever it goes not only makes intuitive sense but has been an unfulfilled promise of a myriad of security products for a long time. Thanks to VERA that is no longer the case. If you are attending the RSA Security Conference (aka “The Circus”) I’d love to meet – you can find me at 2260, South Hall, all week for a demo and discussion. If you are skipping The Circus this year, reach out as I’d love to tell and show you more.