Data Loss Prevention (DLP) , Endpoint Security , Governance & Risk Management
OpenText, Google, Varonis Lead Data Security Forrester WaveOpenText, Varonis, Forcepoint Enter Leaders Category While Trellix, Broadcom Fall
A surging OpenText, Varonis and Forcepoint joined stalwarts Google and Microsoft atop Forrester's data security rankings, while Trellix and Broadcom tumbled from the leaders category.
See Also: Live Webinar | Education Cybersecurity Best Practices: Devices, Ransomware, Budgets and Resources
Data protection platforms historically focused on delivering security controls, but leading providers in the space are increasingly looking to address adjacent use cases on privacy, compliance, data governance and data life cycle management, said Forrester Principal Analyst Heidi Shey. Businesses want help discovering and classifying their data as well as obtaining more value from the data they possess.
"The challenge now is that you have multiple markets that are colliding from a technology perspective," Shey told Information Security Media Group. "You already have other tools and technologies that are working toward privacy compliance. You have another whole market that touches on data governance capabilities and use cases as well. But they're all designed and geared toward very different audiences."
Google and Microsoft were recognized as data security leaders in each of the past two Forrester Waves, but their strategy rankings have slipped. Microsoft, Google and Trellix - then McAfee - took the top three slots, respectively, in data security strategy in 2021. But this time, Varonis, OpenText and IBM took gold, silver and bronze, respectively, in strategy, while Microsoft slipped to fourth and Google sank to sixth.
Varonis historically focused on on-premises deployment and securing unstructured data in the data access governance space, but Shey said Varonis greatly expanded its functionality and debuted new services. OpenText, meanwhile, has cobbled together data security from organic investments and acquisitions such as Micro Focus and has brought disparate capabilities together into a single revamped platform, Shey said.
"The challenge now is that you have multiple markets that are colliding from a technology perspective."
– Heidi Shey, principal analyst, Forrester
In Forrester's strength of current offering category, Google continues to lead the pack, while OpenText - then Micro Focus - jumped from fourth to second and Forcepoint catapulted from 10th to third. Broadcom and Trellix - then McAfee - took silver and bronze, respectively, in 2021. The last Wave focused only on unstructured data such as files, while the current rankings also factor in structured data such as what's found in a database.
Both Google and Microsoft have built data security functions into their technology portfolio rather than selling it as a stand-alone offering, and Google has embedded data protection in Google Cloud Platform and Workspace. Forcepoint, meanwhile, has long been a major player in the data loss prevention space and most recently built out a broader data security platform, according to Shey.
Data security providers historically focused on safeguarding either structured databases or unstructured files, but over the past two years, vendors have increasingly looked to offer both from a single platform, Shey said. Different controls are needed to protect structured and unstructured data, and Shey said big vendors in the space have either debuted native features or partnered with others for a broader story.
"If I look at large providers, data security capabilities will increasingly be a feature functionality," Shey said. "There will still be differentiation within these capabilities, but it is increasingly going to be a part of a broader thing people purchase. I would expect to see some more innovation coming from smaller players that would try to fill the gaps that are there as well as some niche or really specific use cases."
Outside of the leaders, here's how Forrester sees the data security market:
- Strong Performers: IBM, Imperva, Broadcom
- Contenders: Proofpoint, Fortra, Thales, Netskope, Lookout
- Challenger: Trellix
How the Data Security Leaders Climbed Their Way to the Top
|OpenText||Micro Focus||$5.8B||January 2023|
|Micro Focus||Covertix||$1.9M||May 2018|
|Micro Focus||HPE Software||$8.8B||September 2017|
|Forcepoint||Bitglass||Not Disclosed||October 2021|
|Forcepoint||Deep Secure||Not Disclosed||July 2021|
|Forcepoint||Cyberinc||Not Disclosed||May 2021|
|Microsoft||CloudKnox Security||Not Disclosed||July 2021|
|Microsoft||ReFirm Labs||Not Disclosed||June 2021|
OpenText Gives Unified View of Structured, Unstructured Data
OpenText's Voltage platform now gives customers a unified view of all the structured and unstructured data in their possession, as well as the risk factors surrounding it, said Reiner Kappenberger, director of product management for Voltage data privacy and protection. This will give organizations a holistic view of risk across their entire ecosystem rather than an isolated silo-by-silo view of risk, Kappenberger said.
The company has long done format-preserving encryption and data hashing to protect against breaches, and Kappenberger said OpenText starts by understanding what company data needs to be protected or de-identified. More recently, OpenText infused security for structured data into its cloud offering to better cope with data spikes and brought its discovery and protection tools together, Kappenberger said (see: The Cybersecurity Dilemma for SMEs).
"You can bring data that you have discovered from other solutions and integrate it into Voltage," Kappenberger told ISMG. "You can do this in any cloud, any on-premises environment or even private clouds. It is an all-encompassing solution that can discover anywhere you have data and is not strictly bound to a particular environment."
Forrester chided OpenText for lagging in data loss prevention and lacking broad coverage for stateless tokenization and sector-specific innovations such as a crypto custody solution in banking. Kappenberger said OpenText's tokenization tool is used by leading payment processors. He said the company has explored the crypto custody market but feels it's too niche and has deliberately avoided the DLP market since it limits workflow.
"What we're trying to doing with our tokenization and encryption solutions is enable workflows to happen without impacting the business," Kappenberger said. "The approach is different, but the end result is very similar to DLP."
Google Delivers DLP Only Where There's Sensitive Information
Google has focused on making data security robust yet nonintrusive, so organizations can continue to strengthen their security posture without adding complexity, said General Manager and Vice President of Cloud Security Sunil Potti. Google has leveraged its own IP as well as signals coming out of Workspace to deliver automated data loss prevention in the flow of configuration with minimal disruption, he said.
Google has leveraged artificial intelligence over the past year or two to get its system to automatically determine which data or workflows in an organization are sensitive and require additional protection, Potti said. Unlike encryption, which Google has enabled by default everywhere, having data loss prevention everywhere would be overkill since 80% of data stored in cloud buckets isn't sensitive, he said (see: Execs Say Google-Mandiant Deal to Merge Threat Intel, SecOps).
"A security operator doesn't have to worry about DLP because the system is smart enough to optimize it so that you're not running away on costs while maximizing coverage," Potti told ISMG. "That is relatively unique to Google compared to any other vendor out there."
Forrester criticized Google for lacking managed services and data discovery, subpar email DLP and rights management functionality, a challenging billing process, and not moving more quickly into new regions. Potti said data discovery was just introduced and that Google has made data protection more adaptable by enabling it only when it's needed, though he acknowledged clients deal with some changes in billing.
"If I'm now attaching DLP to every data action, then you don't need discovery in the classical sense," Potti said. "Traditional DLP was an offline process, and what we're trying to do is to move DLP into an inline process."
Varonis Doubles Down on Coverage, Automation and Remediation
Varonis has focused on adding more coverage and automation to its data protection platform as the faster adoption of cloud stores during the pandemic has made it easier for organizations to spin up structured data, said Senior Vice President of Strategic Programs David Gibson. The company has focused on safeguarding collaborative data stores where lots of users can touch the data, he said.
The company helps customers determine who can access and use corporate data, with an emphasis on prioritizing sensitive data and IP and identifying passwords that appear in clear text, Gibson said. From there, Varonis helps organizations remediate overexposed data, which Gibson said is all about reducing the blast radius if a user or device becomes compromised and starts behaving in an unauthorized manner (see: CEO Faitelson on How Varonis' SaaS Migration Helps Customers).
"When you look at the solutions out there that actually show you who has access to data or where sensitive data is concentrated and exposed, the list gets very small," Gibson told ISMG. "And then we provide the coverage and go deep on all of these data stores and then provide the automation on top of this visibility."
Forrester expressed concerns about the high cost of Varonis as well as its capabilities around datacentric controls such as rights management. Gibson said Varonis has opted to focus on its strengths, which include securing data where it lives, and build integrations with third-party providers such as Microsoft in areas including rights management.
"We are a premium offering, and you get what you pay for," Gibson said.
Forcepoint Pushes Upmarket With Broader Protection Platform
Forcepoint has recently added artificial intelligence and machine learning during the data classification and discovery process to determine the networks, endpoints and databases using a particular piece of data, said Chief Product Officer Rees Johnson. The company can now monitor data in a much broader fashion thanks to its focus on data activity tracing, data masking and data access governance, he said.
Forcepoint traditionally focused on serving midmarket customers with its data loss prevention tool but now focuses on bringing a broader data security platform to Fortune 100 customers looking for an alternative to Symantec. In response, he said, Forcepoint has invested in making its platform more scalable and helping clients use APIs to set and remediate policy as well as automate incident response (see: Forcepoint CEO on How SSE Eases Unified Policy Application).
"We have interweaved together a data life cycle," Johnson told ISMG. "It starts with the discovery of data, the classification of data, the monitoring of data and the protection of data, and then using AI and ML to make that efficient."
Forrester criticized Forcepoint for lagging in data and information governance use cases, data discovery performance and giving customers more customization over end-user prompts. Johnson said Forcepoint released a data governance module in the fourth quarter of 2022 and end-user prompts in early 2023, and it has invested in strengthening the performance of the data discovery module it released a year ago.
"I feel like we've checked the box for notifications and for data governance," Johnson said. "The data discovery is in process and improving and at least validated by one Fortune 100. But I need to get all my Fortune 100 customers implementing it."
Microsoft Uses ML to Help Customers Mitigate Risk Faster
Microsoft has boosted its data security by using machine learning to detect and automatically mitigate risks and dynamic controls that enable businesses to protect their data without sacrificing productivity, said Rudra Mitra, corporate vice president for Microsoft Data Security and Compliance. The company also introduced pseudonymization by default and role-based action controls to prioritize user privacy.
The company's machine learning advances help customers detect and mitigate risk with unprecedented speed and efficiency, enabling them to keep their users and data safe while deploying fewer resources, Mitra said. Microsoft has also made enhancements to reduce false positives and mitigate both inadvertent as well as malicious risks, according to Mitra (see: Microsoft Security Sales Hit $20B as Consolidation Increases).
'What makes Microsoft's data security solutions unique is our cloud-first approach, advanced machine learning capabilities, ability to leverage the Microsoft ecosystem, dedication to user privacy, and determination to helping organizations achieve data security without sacrificing productivity," Mitra told ISMG in an emailed statement.
Forrester and reference customers chided Microsoft for having limited data discovery controls, endpoint data loss protection that’s a work in progress, subpar self-service metrics, a suboptimal screen layout for its management console user interface, and a complex or convoluted licensing process. Microsoft declined to comment on Forrester's criticisms.