CIO Perspectives with Mark Settle: NextGen DLP-Data Misuse Protection
“CIO Perspectives” is a white paper series by Mark Settle that explores the top-of-mind technical issues confronting today’s CIOs and IT leaders. Mark is a seven-time CIO most recently at Okta, a three-time CIO 100 award winner, and a two-time book author. His most recent book is Truth from the Valley, A Practical Primer on IT Management for the Next Decade.
Conventional Data Loss Prevention (DLP) solutions were never designed to deal with the data sprawl, ubiquitous cloud services, regulatory restrictions, and end user behaviors that constitute the modern working world. They were built to detect the unauthorized transmission of sensitive information across key infrastructure boundaries. They’re frequently unable to detect internal uses of data that are illegal, unethical or inconsistent with the terms under which data was originally acquired.
Data Misuse Protection (DMP) is a broader conceptual framework for securing data in the future. It encompasses the prevention of data loss, but also includes safeguards to ensure appropriate data use and handling. The next generation DMP solutions envisioned in this report will provide data assets with more sophisticated means of protecting themselves. Instead of applying security tags and regulatory policies to data assets, the assets themselves should ‘own’ a rich set of metadata characteristics and subscribe to services that protect their integrity and control their usage.
In the wake of customer complaints about false advertising and neighborhood complaints about customer misbehavior, we’re reminded:
“The world moves at the speed of trust.”
— Brian Chesky, CEO of Airbnb, in a message to his employees
As we enter the 2020s, trustworthiness is rapidly becoming more than a corporate virtue — it’s becoming a corporate necessity. Effective DMP is a foundational operational requirement of every enterprise that seeks to survive in the 2020s. Exceptional DMP will be a source of competitive advantage.