A major focus at this year’s Gartner Security & Risk Management Summit in National Harbor, MD was on reframing and simplifying security to drive your business, not inhibit it. There was a lot of talk about zero-trust architectures and how they are critical to real security as more of us work from home and the threats to our sensitive data grow exponentially.
One area of concern is how to find and protect sensitive data without impacting how employees, business partners, and customers work. With a hybrid workplace becoming the norm for many, this has taken on a new urgency.
At the Fasoo booth, a lot of people talked about the challenges of combining different technologies to address data security in the cloud, in the office, working at home, and sharing with partners and customers. Companies are looking to consolidate capabilities to fewer tools and focus on more of a platform approach to address their needs. A constant problem is setting different policies in many tools that still focus more on protecting the location of data rather than the data itself.
One executive from a manufacturing company talked about how difficult it is to manage all the systems to protect identity and data in so many places. She has one set of rules for her DLP system that alerts when sensitive documents are shared outside the company. She has another set of policies to govern CASB to manage cloud access. And a third set of policies for partner access to data repositories. But none of them really protect the data since once a user has access, they can do whatever they want with it.
Fasoo Presentation on True Zero Trust
On Wednesday, June 8, 2022, Anthony Juliano, CTO & General Partner of Landmark Ventures; John Herring, President & CEO of Fasoo, Inc.; and Ron Arden, Executive Vice President, CTO, and COO of Fasoo, Inc., presented “Fasoo: Build a True Zero-Trust Data Security Platform“. John talked about the challenges we’ve had in the last few years as people moved to hybrid work and the threats to sensitive data keep growing. Documents have a habit of multiplying and getting into all sorts of places without security that protects the data itself.
Anthony focused on data security platforms (DSP) and Gartner’s research on the need to eliminate the patchwork of silo-specific controls that actually increase risk rather than minimize it. Simpler policy enforcement and unified approaches will prevail as companies choose a DSP with high levels of flexibility that work throughout the entire data lifecycle. This includes eliminating redundant, obsolete, and trivial (ROT) data to minimize the threat surface and simplify protection.
Ron talked about the capabilities of a true zero-trust platform that enables universal control of data at rest, in transit, and especially in use, while continuously validating that a user should have access to that data every time they use it. Rather than focusing on pieces of a solution, the Fasoo Data Security Platform helps organizations discover, classify, manage, protect, share, audit, monitor, and analyze sensitive data. Since the fundamental principle is to protect first by encrypting and controlling the use of the data, it removes many of the concerns of protecting every location the data travels.
Gartner Presentations Reinforce Fasoo Approach
There were a lot of Gartner Analyst presentations that focused on zero-trust, data security, and data security platforms. One session highlighted that “60% of organizations will embrace Zero Trust as a starting point for security by 2025.” Many of the sessions directly reinforced Fasoo’s approach to zero-trust and below are some of the highlights:
Andrew Bales: Outlook for Data Security
- Andrew addressed Gartner’s prediction that “By 2025, 30% of organizations will adopt a Data Security Platform (DSP), due to the pent-up demand for higher levels of data security and the rapid increase in product capabilities.” The presentation reviewed the evolution of data security capabilities and their convergence into a centralized platform. Fasoo leads the industry in unstructured data product consolidation with its Zero Trust DSP.
Michael Hoeck: How to Secure Your Data Using Data Security Platforms
- Michael identified a category of DSPs that are more narrowly focused on use-case driven needs, in particular for unstructured data, that do a better job than more broad-spectrum platforms. Fasoo’s DSP specifically addresses unstructured data security and privacy use cases.
Neil McDonald: A Pragmatic Approach to Implementing a Zero Trust Security Architecture
- Neil highlighted the importance of data encryption at rest and in transit in a zero-trust architecture. Fasoo extends this to control over data in use and is a critical element of evolving security service edge (SSE) architectures, which focus more on security capabilities and less on network connectivity and infrastructure.
Anthony Carpino: Technical Insights: Dark Data, Data Security’s Biggest Miss
- Anthony reported that “Dark data could be between 52 to 90% of the data our business stores and know very little about its content including the risk that could be lurking within it.” He identified discovery, classification, auditing, and data protection as key features to shed light on dark data, all of which are core processes in Fasoo’s DSP.
During the course of the summit, a lot of attendees and analysts came to the Fasoo booth to understand how Fasoo’s zero-trust data security can meet security and privacy regulations and protect sensitive data from both internal and external threats.
One IT manager wanted an easy way to protect IP from going out the door when employees left the company and also needed to share sensitive information securely with customers. He liked how the Fasoo Data Security Platform could help with both in one solution.
A number of visitors commented that Fasoo technology is very robust, balances security with usability, and integrates with an organization’s existing infrastructure. A common strategy is to make the technology almost invisible to users unless they try to violate a security policy. I remember one person saying, “I was a little skeptical during your presentation, but convinced once I saw it in action.”