Digital Guardian – Protecting Your Data From Both Inside and Outside Threats
Most efforts at security today focus on keeping out the “bad guys” and building strong walls to prevent attackers from getting within reach of sensitive corporate assets. However, what happens if attackers do manage to break through the various barriers? What if the attackers are already legitimately inside the corporate rings of defense? Most security solutions today do not address these issues. As Mark Stevens, SVP of Global Services at Digital Guardian explains, his company’s approach is to assume that the bad guys are already on the inside and to provide a platform that still manages to prevent the loss of sensitive/confidential data, regardless of where that data is physically located.
Please tell me a little bit about yourself and your background.
I have been with Digital Guardian for six years (the company has been around for 14 years). The company focuses 100% on one single problem – corporate data protection. As SVP of global services I come in contact with all of our customers, from their first interaction with Digital Guardian through ongoing support and services.
I saw that your first position out of university was spending three years as a Presidential Management Fellow. What exactly is that?
It is a special national training program. It is a very tough selection process, but once you get through that, you are assigned to a rotation. I did a three year rotation with the White House working with computer software companies and helping them get into new markets around the world.
Most security products focus on preventing attacks and protecting a company’s network, but your platform seems to focus on protecting a company’s data once an intruder is inside. Is that correct?
Yes, that is correct. Our focus is on the point of risk, once the perimeter of the organization has already been breached. We want to protect the actual confidential data, such as spreadsheets, algorithms, special formulas, etc., from both external and internal threats. We believe that breaches are inevitable, but that losing data is not.
While having safeguards around the perimeter of an organization is still important, it is very hard today to build a completely secure wall, so its value has been diminishing and you need to have a plan for once attackers are already on the inside.
What are the most common methods of data theft?
I separate it into two different actors or categories: insider threats and outsider threats.
- Accidental – Most common.
- Malicious – For financial or political gain (very small percentage).
- Malware / Ransom – Big issue today.
- State-Sponsored – e.g. China, Russia.
- Corporate Espionage – Stealing technology or other intellectual property.
- Some of these attacks are very sophisticated.
Your platform is comprised of multiple components. Please tell me a little about them and how a company goes about choosing which components it needs.
The Digital Guardian Platform provides DLP (Data Loss Protection) components to protect your data wherever it may be located. We offer the following data protection components:
- Endpoint DLP – Laptops, servers, mobile devices
- Network DLP – Network access, mail servers
- Cloud DLP – Amazon Web Services (AWS) and Microsoft Azure
In addition to offering our platform and components for on-premises installation, we also offer them as a managed service. The managed service is priced by the number of endpoints and users. The minimum contract is for $84K per year, which is only $7K per month, but often goes well beyond that depending on the project’s scope.
The managed service approach is the fastest growing part of our business and currently makes up 60% of our revenues.
One of the more unusual elements of your platform is Context-Aware Data Loss Prevention – identifying and eliminating threats from people inside an organization. Please tell me more about that.
As I mentioned earlier, this is a common threat, although it is normally accidental and not meant to be malicious. In one case, we worked with a large insurance company and simply configured a prompt to the user whenever they were about to send a document with sensitive information to a private email address. This alone made a big difference in preventing sensitive data leaking out of the organization.
Another common insider scenario is the use of cloud storage devices, such as Dropbox. Users today will simply work around corporate policies and restrictions to make their job easier. The Digital Guardian platform protects against such data leaks as well.
How do you define your market? Who is your specific target audience within that market?
We are a 100% horizontal play. That means that it makes no difference to us what industry you are in – if you have confidential or sensitive data that needs to be protected, we have a solution for you.
We typically sell to large enterprises, but we also have smaller (i.e. 30 person) companies as customers. Within a company, we will usually work with the CISO (Chief Information Security Officer) or the CIO (Chief Information Officer).
How many active customers do you have today? Where are they mainly located?
We currently have over 600 customers, including 25 of the Fortune 100 companies, all around the world. We are strongest in North America and also very strong in Asia. We have posted many case studies on a variety of different companies and industries on our web site.
Why do you have such a strong presence in Asia?
The reason for that is because all big manufacturers have some facility or presence in Asia and they want to be sure to protect their products and processes. We currently provide 20-30% of the data protection programs in Asia.
What methods do you normally use to attract and engage with new customers?
We attend a lot of industry events and meet many potential customers at those events.
In addition to our blog, we also publish a large amount of quality and practical information on our web site in a variety of formats, such as case studies, infographics, webinars, white papers, videos, and industry analyst reports. This results in a lot of inbound leads from site visitors.
Who do you see as your main competitors?
There are several other companies in the data loss prevention space, such as NortonLifeLock and Forcepoint. However, we are the only remaining private company focused 100% on data protection.
How do you see your tools as different from and/or better than theirs?
I think we differentiate ourselves in two main ways. The first is in terms of service, especially with our managed service offering. The second difference is that we come at the problem in a different way than other companies. Where their approach is driven by compliance, our approach is driven by visibility.
How do you see the enterprise security market evolving in the coming years?
From a customer’s perspective, the malicious attacks are only going to get more numerous, more frequent, and more sophisticated.
What are your future plans for Digital Guardian?
In the short term, we are about to release a new analytics and reporting platform which will provide new insights for our customers.
In the longer term, we continue to make huge investments in technology and development in order to ensure that the Digital Guardian platform stays ahead of the attackers and protects our customers.
What are your top 3 tips for organizations to prevent data loss?
- Take a behavioral approach to security; don’t just focus on static documents and data.
- Take advantage of crowd sourcing knowledge. Work with others against the attackers, because you can’t fight this battle alone.
- Engage your users in the problem and process. Educate them so that they truly understand the problem.
How many employees do you have today? Where are they located?
We now have close to 400 employees worldwide, in 6-7 major offices across the globe.
How many hours a day do you normally work? What do you like to do when you are not working?
Because we offer 24×7 support around the globe, I usually work a good 10-12 hours a day.
When I am not working I like to hang out with my kids and play golf or other sports.