The data security game is a tough one. Often, it seems like the bad guys are winning: High-profile hacks and incidents have dominated headlines in recent years. For many organizations – especially startups and midsized businesses – it can feel like you are a one-person team facing fully stacked opposition.
One factor complicating the modern security climate is a lack of collaboration – between solutions as well as between teams. If an organization’s security plan focuses only on the endpoints of its data, it’s rendered essentially useless when an intruder breaches the perimeter. Other technology industries solve such problems with an ecosystem approach, in which vendors, partners, customers, and influencers work together to integrate their solutions and solve a problem from end to end. The data security ecosystem is still immature, but it’s time for it to grow up and start playing in the big leagues.
To accomplish this, organizations will need to support and interact with the growing security ecosystem. Below are ways in which an ecosystem approach can help companies go to bat against data security threats and hit a home run.
Understand the Playing Field
Ecosystems thrive on the idea that the sum of multiple participants’ expertise is greater – and more valuable – than its parts. Major technology organizations, including VMware and Amazon Web Services, have used an ecosystem approach to dominate spaces like vitrtualization and public cloud.
However, data security has no rules, boundaries, or borders. To control threats and get ahead of the curve, organizations should be very familiar with the risks they are facing, particularly if those risks are compounded by industry-specific factors like regulatory compliance.
Define the Stakes of the Game
Baseball teams enter preseason and World Series games with different mindsets, as they know that the stakes of each outcome are wildly different. To approach security with the same dedication, every organization should frequently ask, “If we suffered sensitive data theft tomorrow, how would it affect our customers? What would it take to win back their trust? Would the damage be irreparable?”
Security strategies are unique and tailored to meet the needs of the companies they protect. As organizations build them, they should listen to customers’ concerns, work with services and products that can integrate and cover all bases for sensitive data, and avoid leaving critical areas of infrastructure exposed. IT and security teams also should consider how organizations with profiles similar to their own have been targeted and affected by recent data breaches, and use that context to create security plans.
Know Which Side You Are on
Players that switch positions mid-season usually aren’t a strong bet. You can say the same for vendors that lock customers into using only one brand of technology, effectively limiting integration and innovation options.
To avoid unforced errors, work with solution providers and vendors that commit to furthering the security ecosystem as a whole. Palo Alto Networks and Cisco are firewall vendors that use open APIs, enabling additional IT solutions and devices to contribute feedback and ultimately strengthen the firewall. Threat information collected by security information and event management (SIEM) solutions is more valuable and up to date when it draws security insights from various points throughout IT infrastructure.
As a result, next-generation SIEM solutions can actively defend against threats, using the security ecosystem to extend beyond the technology’s original aim. By focusing on integrations and open APIs, IT and security providers can better protect their customers’ sensitive data while positioning themselves to keep providing value and growing as the ecosystem evolves.
Play as a Team
There’s one downside to every major ecosystem: When too many players are on the field, it simply gets crowded. Ecosystems can bring together tens, or hundreds, of solution providers that intend to work toward the same goal. To achieve it, it’s critical for those companies to uphold the same standards for quality of service, technology, integrations and more.
As part of this deal, single-use products and businesses have no place in an IT or security ecosystem. Vendors must aim to create products that contribute to a bigger picture and ultimate market goal.
Refine your Competitive Advantage
With an opposing team as massive, resourceful, and relentless as cybercriminals, organizations can’t simply play to tie. To protect sensitive data, companies need to be more than evenly matched against threats. They need an advantage.
It’s imperative for companies to take a proactive approach to supporting ecosystem growth and improving security postures. To do so, they can borrow an idea from athletes who hang their personal inspiration in their lockers. Outlining your goals and ensuring the entire organization knows what success looks like in terms of thwarting security threats can help make those aspirations a reality. At the end of the day, data security isn’t just a game. Winning involves protecting valuable assets and preserving the integrity, success, and future of a company.
Paula Long brings more than 30 years of experience in high-tech innovation to DataGravity. Prior to DataGravity, she served as vice president of product development at Heartland Robotics. In 2001, Paula co-founded storage provider EqualLogic, which was acquired by Dell for $1.4 billion in 2008. She remained at Dell as vice president of storage until 2010. Prior to EqualLogic, she served in engineering management positions at Allaire Corporation and oversaw all aspects of the ClusterCATS product line while at Bright Tiger Technologies.
Subscribe to Data Informed for the latest information and news on big data and analytics for the enterprise, plus get instant access to more than 20 eBooks.