Data Security Demands the Whole Enchilada

It's time for users and vendors to move beyond point products alone

I'm here in Washington this week speaking to multiple groups of people about cybersecurity. One of the biggest priorities that keeps coming up is data privacy and security. Like the private sector, Federal Agencies struggle with data discovery, classification, confidentiality, integrity, and availability.

So what's new? Like most enterprises, Federal agencies view data security as an enterprise concern that demands an enterprise solution. In other words, they need data security policies, processes, monitoring, and enforcement across IT and not on an individual technology or location basis alone.

What does this change in attitude mean?

1. Enterprise solutions win, tactical solutions lose. It's no longer about DLP, eRM, and encryption -- large enterprises need all three. Winning vendors will have an integrated solution supported by strong professional services. Tactical players will need to partner with bigger vendors or focus on the SMB market alone.

2. Individual products will need a wide-angle lense. This means that vendors who can support lots of applications, file types, devices, or use-cases also win. For example, PGP's encryption suite that spans from desktops to the mainframe will be far more attractive than point solutions.

3. Data security meets business processes. To avoid data breaches while still maintaining productivity, data security strategies and security products must align with business processes. This extends beyond the enterprise to business partners, suppliers, contractors, etc. Therefore, data security must work in a Federated environment.

All in all, enterprises like Federal Agencies recognize the scope of data security and want to work with vendors who can help them on a broad basis. This is a reasonable request, it is time for the security industry to respond.

• Information assurance
• security