Enza Iannopollo, principal analyst at Forrester, recently answered some of the pressing questions we’ve received when it comes to data security, and more importantly building the foundations of your data security strategy. Today we’re looking at what Enza had to say about layered security solutions, and the benefits to this approach.
Q: What is the benefit of layered security?
Enza: Security and privacy teams are getting used to managing multiple tools to deliver the degree of data protection that their organizations require. In fact, even if some capabilities, such as data discovery and classification for example, are increasingly available as embedded features of other solutions, companies globally continue to invest and adopt standalone solutions. Our research shows, for example, that companies continue to invest in email, cloud, database, and endpoint encryption; to solve key security and privacy use-cases, companies are also expanding their investment in DLP tools; discovery and classification, rights management, and more.
These companies see the benefits of layered security. Those that are still wondering about the value of layered security must understand whether what they have meets their needs and use cases, or if they are better off with a more layered approach. Take the case of data discovery and classification technologies as an example. To determine the value of layering these solutions on top of what they have, an organization should consider the additional automation and consistency, the reduction of fragmentation and increased reliance on less error-prone approaches delivered by these solutions.
Companies that are looking for a comprehensive approach to data security, should also consider how these solutions would help them move beyond more siloed approaches, typically delivered by products that embed discovery and classification as a feature, often limited in scope to specific data repositories or sources for discovery, and varied in their purpose for classification (identifying and categorizing data versus tagging).