Why Content Security Matters

“Lately it occurs to me what a long, strange trip it’s been.”

Before cloud collaboration came Enterprise Content Management (ECM). Before ECM, fileshares and desktop productivity. Before the desktop PC, we had typing pools. And before that, stenographers and clerical workers captured and codified information. Over time, one thing remained constant – the content created daily at our desks and now on our phones is still the core currency of business. It defines our ideas, our strategies, and the agreements that define our economy.

The sheer scale of the content we generate is staggering. There are a little more than 1 billion Microsoft Office users worldwide, both professional and personal, and together we generate half a trillion documents, presentations, and spreadsheets annually. From just one productivity suite, that’s 500 documents per person, per year. And, a recent Ponemon Institute survey co-sponsored by Skyhigh Networks found that 62% of companies reported employees use personal cloud accounts like Dropbox, Google Drive, and OneDrive for collaboration purposes.

When most of that cloud usage is unsanctioned (even if it’s well-intentioned), we need better ways to secure, monitor, and control all that content.

This rapid digital transformation is only increasing the requirement for content security. Documents are not just the place where information and ideas are captured, they’re the primary vehicle we use to share these ideas with others. And this transformation is about more than scale. Collaboration today is defined by a wide variety of content types – more than text files and office documents alone. We’re creating images, videos, and interactive presentations to communicate our ideas in more compelling, engaging ways. And looking ahead, we can expect the content we’re familiar with to undergo constant, unexpected change.

Benedict Evans of Andreessen Horowitz recently wrote an excellent analysis of this transformation, where he dives into the content and application implications of a shift from a labor-driven productivity model to a more agile, digital one. We’re taking the first step away from making existing processes a little more efficient with technology, and instead rebuilding completely new ways of working that improve productivity by massive step-functions.

“What kills [a] task is not better or cheaper (or worse and free) spreadsheet or presentation software, but a completely different way to address the same underlying need – a different mechanism.”
– Benedict Evans

Evans’ point is that the apps we use are fading towards the background, revealing the ‘verbs’ that define the work they enable (think Visicalc making way for Excel, then Slack). In the enterprise, it really starts to get interesting with companies like Stripe, who are working to connect these social verbs to business. The day before Dreamforce, Stripe announced their next new product, Relay – essentially a way for any business to extend their reach through other apps. ‘Buy’ becomes a verb that works in any context, creating new opportunities for process and commercial productivity.

How will it look? We don’t know exactly, but we can make some educated guesses. We can imagine a tool that allows us to share sales data, in a neatly packaged report, with a single click. Steelbrick is headed in this direction by establishing quoting and contracting as verbs that can operate independently of the underlying sales process. Intercom is taking this approach for customer insight, acquisition, and onboarding.

Back to content, this means we must adapt information security to protect data in a future when the scale of the information we generate exceeds our capacity to understand how to manage it. In short, we must address the triple threat of too much text, in too many tools, and too little time.

At Vera, we’re working to help our customers rethink how they provide content security. There are two key concepts we believe are critical to success. First, when the velocity of data creation and collaboration is rapidly accelerating, we need to move the point of security down to the data itself. It’s no longer sufficient – or desirable – to focus data security on the perimeter or the endpoints. When collaboration and productivity are continuous, these artificial constraints serve only as barriers to progress. And at worst, they provide unnecessary incentive to work around existing systems (the source of that personal cloud growth I noted earlier).

Second, a successful content security strategy can only be successful if it doesn’t force unnatural changes to how individuals want to work. Just like productivity apps, we cannot continue to take the road well-traveled. Continuing to seek improvement by optimizing for old processes only ensures one thing – relegation to the trash bin. When the nature of content is changing daily, and the tools we use to communicate and collaborate are converging, any friction in the tool will cause people to abandon it. Which effectively destroys any chance of securing that information.

The benefit of this is that it can eliminate fear from many of these daily decisions: Will my company find out I’m using Dropbox? Did I send that confidential report to the wrong person? Can I trust my partners will protect my content with the same care I will? Content security is important because it answers all of these questions with a definitive “Yes.”

We’re at an exciting inflection point as we step into this next era of a collaborative economy, and we believe that the most important enabler for it is content security. Simply put, to protect our ideas, we must first and foremost protect the content that we all create.

Written on September 23, 2015
by Grant Shirk
Tags:
  • Industry, 
  • Security