Dell adds data in motion protection capability to Dell Data Protection

The new Secure Lifecycle offering is expected to have a limited market at first, as companies digest a novel approach to the solution.

brett-hansen-2

Brett Hansen, vice president, Dell Endpoint Data Security and Management

Dell has announced Dell Data Protection | Secure Lifecycle, a new version of their integrated solution that provides unified data encryption, file access monitoring, DLP (data leakage prevention) and DRM (digital rights management). The new offering covers data at all stages of its lifestyle, by adding protection of data in motion to data at rest.

“Today, the product protects data as it remains at rest, on endpoints, and public clouds,” said Brett Hansen, vice president, Dell Endpoint Data Security and Management. “The opportunity we see with this product is thinking beyond data at rest to encompass the full lifecycle. It’s how we evolve our thinking so that we aren’t just addressing an element of the data lifecycle, but the entire lifecycle.”

Hansen said adding this capability was a major technological advance.

“This was very hard, a multi-year effort with our organic code,” he said. “Several things made it challenging — the key management, and the creation of self-protecting data. How do you do that in a way that’s lightweight enough to avoid degradation, while being effective enough that you can ping back out if you are behind a firewall.”

In addition to adding on the ability to protect data in motion, the new offering also adds contextual access control.

“It makes a determination based on what network the user is on, and what they are trying to access, to provide a level of control that goes beyond protected and unprotected,” Hansen said. “Now, if you give access rights to data, it can be opened anywhere, at the office, at home, in a Starbucks. We want to make that access more granular.”

These granular policy controls allow different individual digital rights for different users viewing the same document. Organizations can manage exactly who can read, edit, print or share data, as well as set embargoes, and prevent the data from being opened before a certain date, as well as expiry times after which the data cannot be viewed. Rights can also be immediately revoked with the management console.

“Digital rights management is not a new phenomenon, but tying it together with a data security solution is a new approach,” Hansen said.

“I think the most interesting part of this is full visibility,” he added. “You can track data no matter where it goes, so you know where every file is, and you get an aggregated view and analytics beyond that. It lets you see files being opened in Belarus if you don’t have any employees there, and lets you target an individual employee’s actions if you suspect a leak.”

Hansen also emphasized that being able to protect data in motion is becoming increasingly important in a world where collaboration is becoming more common.

“We have a different approach than DLP, which is all about plugging holes, trying to keep data in,” he said. “Our approach is that approach is not the world we live in, because collaboration is a key part of business, and the way employees work has changed dramatically with collaboration tools and mobile. Those elements of the new employee work life are embedded now, and applying DLP to this is really quite impossible. This is a natural evolution in our eyes. Data is going to roam.”

Hansen acknowledged that Dell Data Protection | Secure Lifecycle will initially be sold for specific use cases, rather than become the new flagship for the solution.

“I wish I could say it will be the common one, but it’s still a fairly novel and aggressive idea,” he said. “The expectation is that this will roll out more over time, but that many companies will have to take some time to get their heads around it. It will start initially in industries you would expect, with very high security requirements, like finance and health care.”

For now, the Dell Data Protection | Secure Lifecycle solutions sold through the channel will go primarily through partners who are more focused around clients, who have been the principal route to market for Dell Data Protection in the past.

“Most of the partners selling this at first will be more client-centric, but this is not a simple transactional sell,” Hansen said. “Partners will need a background in cybersecurity, and hopefully data security as well.”

Longer term, this will be opened up to partners on the EMC side, with the delay being around the process of aligning the process through the new channel program.

“There’s a lot of wonderful dialogue occurring with the new assets,” Hansen stated. “We’ve already taken steps to start to align these different businesses. We haven’t announced how we will align that, although work is under way. It will take time to sort out. Likely in the future, we will have something around RSA, Mozy and AirWatch, and we are very actively working on additional channel opportunities beyond the Dell channel.”

Dell Data Protection | Secure Lifecycle will be available in the U.S. and select countries around the world, including Canada, starting December 1, 2016.