1 Management Summary

The KuppingerCole Market Compass provides an overview of a market segment and the vendors in that segment. It covers the trends that are influencing that market segment, how it is further divided, and the essential capabilities required of solutions. It also provides ratings of how well these solutions meet our expectations.

This Market Compass covers vendors that provide Enterprise Information Protection (EIP). Information protection has quickly climbed to a high-ranking priority in enterprise security. At one point in time, enterprises hosted most major communication and documentation on-premises, without the complication of multiple devices, insecure communication, and extensive interface with entities outside the organization. This intricate pattern of internal and external interactions is now the reality of daily operations. Users login via mobile devices – private and corporately owned – and are often not on corporate premises as they access corporate information. User access must be managed in order to protected resources, but must be flexible enough to accommodate the extensive sharing of protected information. Perimeter protection is no longer adequate, leading to the release of many EIP solutions.

There are multiple trends that impact EIP: the recent mass migration to remote work, the need to manage user access to protected resources, the increasing need to accommodate the sharing protected information, and stringent regulation protecting the private information of individuals.

The market is still heterogeneous, with many vendors offering a variety of solutions to address similar use cases. The major use cases for enterprise information protection include protecting intellectual property, protecting PII data, and increasingly as an enabler for secure collaboration at a distance. A strong solution is one that protects enterprise data with flexible control of data that can accommodate the way that enterprise staff, business partners, and customers prefer to interact. Encryption is generally used to protect documents either at the folder level – in which all documents use the same encryption key – or at the file level where individual keys can be assigned on a per document basis. Document repositories can be used to protect information, and can be held on-premises or increasingly in cloud storage. Information protection that facilitates collaboration on documents is well-suited to a rights management solution where an author can determine who may access a document and what they can do with it. It is possible to manage access to documents by explicitly defining the rights of users to edit, save or print. These controls travel with the document and apply on internal infrastructure or cloud environments.

Solutions in this market segment often have robust rights management encryption capabilities, applicable at both the folder and file level. A policy framework and key management should also be part of the solution. Sensitive data often resides in multiple places in an organization, and is incorporated into files at rest, in motion, and in use. This requires high compatibility with file sharing platforms, many cloud providers, and file types. Full auditability should be available for any EIP solution. Advanced capabilities for this solution include data classification abilities along with the detection of sensitive information. In some cases a secure file repository may provide additional security. Email should also be protected, most commonly with encryption. Document versioning should also be supported.