Welcome to the KuppingerCole Analyst Chat. I'm your host. My name is Matthias Reinwarth, I'm Lead Advisor and Senior Analyst with KuppingerCole Analysts. My guest today is Annie Bailey. She is Senior Analyst with KuppingerCole Analysts. Hi, Annie. Good to see you.
Hi, Matthias. Great to be back.
Great to have you, as usual, and as always. We want to talk about some recent research that you just published. It just went public a few days ago and you did a Market Compass around the topic of secure collaboration. And me as an advisor, usually when we start a new project, it's always a challenge to find a way of communicating with our customers in a secure manner, to exchange data that might be critical, that might be secret, that does not should not be made available to anybody else. So secure collaboration is something that I see in daily life. Where else do you see secure collaboration? So why is this an important topic?
Well, you've already listed a couple really important pieces there of figuring out how to interact with and move data securely. And that's more important now than ever. There's a lot of different contexts that have changed for the enterprise. You can think about this in a lot of different ways. If we think about this multi-cloud, multi hybrid, in a post perimeter age, this is affecting a lot of organizations at whatever stage they are in moving towards or through cloud. You also have a work from home context, which affects some enterprises more than others, but also things like bring your own device and device sprawl as employees are using more and more different devices, sometimes personal devices to be accessing systems. Then you also have this need for collaboration and the exchange of information not just within the organization but across organizations. So you bring in partners, contractors, suppliers and any other externals who may need to work closely on a project. Then you also have edge computing, non-human identities, all of these different factors which are complicating the fact that it's difficult to have an overview on who has access to what, where data travels, where it resides, And that brings us really to the core of this secure collaborations topic, is that there's intellectual property, there's private information, and there's enterprise data that has to be transacted with in order for business to continue. But how do you do that in a secure way? Because information is really the foundation of business today. It's driving our modern economy. If we take this at a very high, majestic level, but it's also essential as daily processes and tasks just to get your daily work done. So it goes from the biggest extreme to the smallest, most mundane tasks that we need to exchange this data securely. But we also, instead of just looking at this from the security standpoint, it also needs to be mobilized, need to be enabling data to move more freely and to more parties, even external parties. So that's where we have this balance of security and collaboration
Right. So if we think of the term secure collaboration, there is one use case clearly in this term, and this is what I mentioned in the beginning as well. So collaborate securely with data, with partners, with our customers. What other use cases I might not think of right now are in those products in that market segment, secure collaboration?
Yeah. So those ones you think of very quickly, OK, a data centric security approach that's very clearly seen in the name also enabling internal and external collaboration. Again, we can pull that easily from the name, but things like having audit trails and conducting analytics on the access to sensitive files and understanding who has access to what sensitive files, being able to monitor any unauthorized access that happens. So really building the transparency and the auditability of the sensitive information, this is a great use case for secure collaboration. Also building compliance and maintaining and proving compliance for the range, moving from GDPR through maintaining compliance for NIST standards, CCPA, HIPAA, FDA, there's a whole range of regulations that may or may not apply to the business depending on their industry. And also this modernization challenge. So thinking about the cloud, moving towards hybrid or multi cloud, but in general modernizing the data structure of the organization of having better insight into what data you have, where it travels, how it can be best used again for facilitating collaboration as a proactive step towards enabling business to happen.
OK, understood. Very, very interesting. So the question is, I've come across a range of solutions in my daily life from secure data rooms and which are really very much restricted, up until teams with some Azure information protection which is much more user friendly and usable. What qualifies a product to be listed in your secure collaboration Market Compass. What defines, what makes up a secure collaboration solution?
So this is a segment which is really goal oriented and less restrictive based on the type of technology being used. So that means the goal that we're looking at is securing data anywhere it resides, where it travels or is used, and also facilitating the collaboration with the many different parties that may need to handle that data. So there are different technological options to achieve that goal. And so that's why you've seen a range of solutions that could be categorized as this. But we're seeing some some trends shake out, and we see that the majority of vendors are using a three fold approach, and that's starting with data discovery and classification. And that's to help the organization understand what data it holds and to apply security policies to that data, particularly to sensitive data. This is accompanied often with fine grained access management to either files or at a data level or to a data set level. And so this is controlling who and under what circumstances can access which data. And then this is often paired with encryption, again, looking at data at rest, in motion and in use. So this sort of three pronged approach which is becoming more and more common. And it's not exclusively these options so we will and we do hope to see more and different technologies entering the market. So this is still a market in development where we do hope to see improvement.
Right. You've mentioned improvement, and I've hinted at some solutions being very restrictive. And sometimes a bit clumsy to use. Others are very user friendly, as I've mentioned before, and it is a moving market segment, as you said, an evolving market segment, an emerging market segment. And you mentioned improvement. Where should they improve? What is from your opinion as an analyst, having had a look at the market as of now, where is room for improvement?
I think on a large arc, you can see this market moving from restrictive data policies and data control, very security heavy to enabling and to facilitate business to continue without barriers and hindrances. And so that's an overall trend that we see but we're not quite to the end of the spectrum yet. We could see a little less restrictive poor user experience, difficult, difficult to use security and a little more facilitating of collaboration. So we're somewhere in the middle on this process, but we've definitely made progress and see a lot of solutions that are well integrated into commonly used applications that are less of a hindrance that move smoothly through normal workflows. So this is definitely come a long way, but we do hope to see more innovation on that. An other way that this industry could improve is coverage for structured and unstructured data. So vendors do tend to focus on either one or the other and only a few providing adequate coverage for both. And in general, interoperability does remain a challenge here. And the more solutions you employ, of course, the more challenging it is to get them to interact seamlessly. So this is definitely an area that we will continue to cover and there will be more developments in the next years.
Right. But right now we are in the position that you've just published this Market Compass and to make the audience a bit more interested in what is in there, let's have a short glimpse on the types of vendors that are in there, and maybe some names of the vendors that you had to look at during the evaluation process.
Yes. We had a good collection of vendors, some names that you would likely recognize. Microsoft for one and others, such as Micro Focus, HelpSystems, Exostar, archTIS and others, which are building off of commonly used systems. So some which are building off of Microsoft and extending those capabilities, some which are building off of SAP, extending those capabilities, some which are working on bringing these data rights management solutions for CAD. We have a wide collection of vendors who are coming at this problem from different ways. Some of these other vendors that I was just describing include SealPath, NextLabs, Seclore, Secude, Virtru and Zoho.
OK. So it's a wide range from the large established vendors to two very specialized upcoming vendors that focus on solving specific issues within organizations. So again, the Market Compass is published, it's available, and it's of course for those who have a subscription with KuppingerCole included in their subscription. But there's also this 30 days test subscription, but the subscription is affordable anyway. So if you're interested in reading what Annie has just delivered as research for this market segment that we've been talking about, just head over to kuppingercole.com and have a look at this Market Compass document. Thank you very much, Annie, for sharing your insights here. As this is an evolving market, you've already mentioned that we will cover this in the future as well and we expect to see lots of change there as well. Any final thoughts? Anything striking about that market segment that you came across?
I think that the alignment here between data security, data centric security, data governance and overlaps towards data privacy, these areas are now not necessarily converging but depending on each other more and more heavily. So this will follow this theme in our research more heavily over the next months and year. So you can be sure to look for that.
Great. Thank you very much. And thank you for your time and for giving that insight and for providing that great research. Thank you, Annie.
Thank you, Matthias.
Bye bye.
Bye.
