- Services & Solutions
- By Business Need
- Business Technology
- Transforming the IT Function
- Cost Optimization
- Risk Management & Compliance
- Corporate Responsibility and Sustainability
- Merger & Acquisition
- Global Sourcing and Industrialization
- Application Lifecycle Services
- Business Information Management
- Finance Transformation
- Supply Chain Management
- Human Capital Management
- Customer Interaction
- By Industry
- Consulting Services
- Outsourcing Services
- Technology Services
- Local Professional Services
- By Business Need
- Insights & Resources
- News & Events
- About Us
Capping IT Off
« Do not block please | Main | Tech Predictions 2009: "Open" is the new "Closed" »
Tech Predictions 2009: A more sensible approach to de-risking data loss
This is one that should have happened a while back, given that all the technology pieces are in place and readily available, but fear not, 2009 will be the year for comprehensive information rights management. Yes, I said it.
The technologies that can be used to provide persistent protection for enterprise content have existed for several years as a product, or suite of products, known as Enterprise Digital Rights Management (ERM), or more recently Information Rights Management (IRM). Unfortunately, the take-up of these products has not been as robust as might reasonably be expected for such a useful enterprise capability. It quickly became clear that these types of defensive technologies, which do not generate immediate / obvious revenue, are relatively expendable in pursuit of the bottom line. Perhaps, as a consequence, the industry recently underwent consolidation, (mostly through acquisition by larger players), into a handful of information lifecycle management solution providers that offer Enterprise DRM / Information Rights Management solutions among their arsenal of products and capabilities. Key players now include: Adobe, Microsoft, Oracle (via acquisition of Stellent / SealedMedia), EMC (via acquisition of Documentum & Authentica) and Liquid Machines.
So what has changed, and why should 2009 be any different?
- Well for one thing, the frequent reports of data loss incidents mean that the corporate world has had to start looking at ways to prevent future mishaps. However, even current initiatives like wholesale corporate data encryption and data loss prevention strategies are not totally fool proof; therefore many organisations are still likely to need a more effective approach towards managing and securing information, especially one that will work even after data is lost or misplaced.
- Secondly, there are signs that ERM vendors are waking up to the key role they have to play in creating the ecosystem of solutions required to tackle data loss issues head-on. For example, some vendors have begun integrating their ERM products with existing Data Loss Prevention systems in order to provide effective control of information, both within and outside the enterprise security perimeter, (i.e. in the Jericho philosophy of deperimeterised security).
- Finally, although ERM is a direct offshoot of media Digital Rights Management (DRM), and provides similar capabilities for content control, it is unlikely to face the same fate as the latter, (see more on this from my DRM blog), for the simple reason that they serve very different markets / needs. A recent study of the ERM market shows a steady increase in awareness and adoption by organisations in various sectors like finance, healthcare and IT consulting among others
In light of the above, I believe it that we shall start to see more examples of holistic security and information management as a major step towards mitigating the risk of data loss. The solutions, like the problems they solve, are not restricted to one product, channel or strategy; therefore it would most likely be achieved via a combination of components that include: ERM / IRM solutions; DLP systems; enhanced Information Security Policies; and the traditional corporate security and perimeter defence mechanisms.
Posted by Jude Umeh on December 17, 2008 | 
Digg this | 
Seed Newsvine
TrackBacks
TrackBack URL for this entry: http://www.capgemini.com/cgi-bin/blog/mt-tb.cgi/730
Listed below are links to weblogs that reference Tech Predictions 2009: A more sensible approach to de-risking data loss:
» Does eDisclosure / eDiscovery really equate to eDisaster? from Capping IT Off
According to the British Computer Society’s Information Security Magazine, eDisclosure is a time bomb waiting to happen, and the key question for many organisations should be: "... [Read More]
Post a comment
Subscribe
RSS news feed
Add to Technorati FavoritesRecent Posts
- A New Landscape: SAP in the Amazon Cloud
- Too much thought will kill you
- Weekly digest of week 5 2010
- Nobody cares about browsers
- New smart use case stereotypes for service oriented architecture
- Afterall Social Media is about... being Social
- Star Wars and Social CRM – use the Force
- Using Gravity to collaborate on processes in Google Wave just made SAP a whole lot sexier
- Weekly digest of week 4 2010
- Cloud and Social: the tectonic plates of IT 2.0
Comments
# on December 18, 2008 11:50 AM, Mark Nankman said:
Nice prediction. Very plausible and very necessary.
Btw, thanks for personally informing me (by phone, which is by far the most secure way, or isn't it?) that you were going to publish this. ;-)
# on December 18, 2008 11:46 PM, Bill Rosenblatt said:
Jude,
Excellent article and thanks for plugging DRM Watch and my ERM study for Gilbane.
I think your prediction is right on the money, and in fact it's echoed in the speech that John Thompson, CEO of Symantec, gave at this year's RSA conference - text available at http://www.symantec.com/content/en/us/about/media/leadership/John_Thompson_RSA_2008_Speech_with_QA.pdf. I have been expecting Symantec to make a move into the ERM space, such as acquiring one of the remaining independent ERM vendors like Liquid Machines.
# on December 19, 2008 7:41 AM, Anuj said:
Hey Jude .. excellent take on the ERM market and on the comparison of IRM with DRM I recently read Vishal Gupta's take ( http://edrm.blogspot.com ) on this and I quite agree with his views
There are a couple of companies which are doing pretty well in this space in Asia i.e. Fasoo (www.fasoo.com ) and Seclore ( www.seclore.com ). I have seen some of the Seclore implementations and the technology is maturing.
# on December 22, 2008 10:11 PM, Jude said:
Thanks for the kind comments. I really think this will come to pass sooner rather than later, so should be interesting one to watch.
# on December 24, 2008 9:56 AM, graham colclough said:
This is a long slow hill that we must climb, Jude. However it is vital that we do if we are to build the trust between provider and customer.
This is that much more vital in interactions we have with public administration, where the trust is so much lower and volumes of sensitive data is so much higher (thus risk). and of course where the press hounds love to stalk!
It's only through persistence in dealing with the issue, and highlighting where we've got it right that we'll get over the perception 'tipping point'.
Keep advertising the art of the possible!
# on January 29, 2009 10:25 PM, Simon Thorpe said:
Jude
Good comments, I responded in kind via my own IRM blog at http://blogs.oracle.com/irm/ We are in Oracle seeing an increase in activity in this space and have been talking to some very large clients who have been in the press recently with some data loss incidents. With the recent changes in the economy people are becoming more protective of their sensitive data and realise that a small investment in IRM can offset huge losses from fines and stock price fluctuation.
# on February 5, 2009 4:06 PM, Jude Umeh said:
Thanks Simon. Really glad to see that this resonates with the big vendors too. It will be interesting to see how things develop, for both the vendors / organisations, by this time next year.