How do I select a data control solution for my business?

Data transparency allows people to know what personal data has been collected, what data an organization wants to collect and how it will be used. Data control provides the end-user with choice and authority over what is collected and even where it is shared.

Together the two lead to a competitive edge, as 85% of consumers say they will take their business elsewhere if they do not trust how a company is handling their data.

To select a suitable data control solution for your business, you need to think about a variety of factors. We’ve talked to several industry professionals to get their insight on the topic.

Michael Fritzlo, Executive Chairman, Ironsphere

Key to creating an efficient and effective data control solution, a very broad term, is to establish a data security and control framework that fits the specific needs of the organization. This starts with identifying and evaluating where and how each organization stores and processes data, and how data is accessed by staff and shared with external parties.

Following this analysis, security leaders put measures in place to defend the data, from endpoints to data storage, and transmittal of data on networks. When those measures include automated privileged access management solutions, organizations can not only see what is happening in real time, but can address breaches, for example shutting down accounts where credentials appear to have been shared or otherwise compromised.

Having a grasp on data across large companies, government agencies, healthcare systems and other organizations is becoming increasingly complex given the growing popularity of multi-cloud environments and third-party data generation and sharing agreements.

The more privileged users, whether employees or contractors, organizations have on board, the more difficult it becomes to track, record and respond to activity related to data in a 24/7 world. This is also a question of each company’s risk appetite.

Colm Healy, CEO, Corrata

Data overages are an issue for many businesses that cause huge unnecessary monthly expenses. With many employees now working from home, increased cellular data usage outside of controlled office networks is on the rise.

Another possible cause is a small handful of employees racking up overages using non-work apps such as social media or high bandwidth sites such as YouTube.

The good news is that data overages and ‘bill shock’ are easily avoidable with a robust data control solution in place. When choosing a solution look for these important features:

• The ability to set data caps for both domestic and roaming use
• The option to block high bandwidth sites such as Netflix
• The facility to set flexible usage policies tailored to different employee needs e.g. from the office to field
• The ability to whitelist business critical apps so that employees can still access their emails and other services after their data limit has been reached
• The option to disable certain applications on domestic or roaming but allow on Wi-Fi
• Respects employee privacy and anonymity

Not only will a data control solution eliminate data overages, but it will give a company better visibility and insight into the websites and apps that are consuming the most data.

Patrick Walsh, CEO, IronCore Labs

When thinking about data control, you have to consider where the data might go and how far you’d like your control to extend. Classic data loss prevention assumes a perimeter model where your data stays nicely inside your network, but we all know that model can’t work in a modern cloud environment with distributed data centers and hundreds or thousands of cloud apps being used by your organization — some with the consent of the security team and some without it.

A better model for thinking about data control comes from our friends in the networking space and the push toward zero-trust networks. Rather than bringing identity to a server level, we recommend companies think about how they can bring identity and access controls to the data level.

Data control in the 2020s is about monitoring access to data, deciding who has that access and being able to revoke it even when the data lives on someone else’s servers, devices, or offline backups.

When considering data control solutions, first consider your data control strategy and how it might extend across your ecosystem of vendors and partners. Then select the solution that fulfills the full promise of data control—the one where the data stays controlled regardless of borders and storage backends.