Choosing the right data security solution

Jean Le Bouthillier, CEO of Canadian data security startup Q​ohash​, says that organizations have had many issues with solutions that generate large volumes of (often) not relevant and not actionable data.

“My first piece of advice for organizations looking for the right data security solutions would be to consider whether they provide valuable metrics and information for reducing enterprise data risks. It sounds obvious, but you’d be surprised at the irrelevance and noisiness of some leading solutions — a problem that is becoming a nightmare with data volumes and velocity multiplying,” he told Help Net Security.

They should also analyze the pricing model of solutions and ensure that they are not presenting an unwelcome dilemma.

“If the pricing model for protecting your data is volume-adjusted, it will mean that over time, as data volumes increase, you’ll be tempted to reduce the scope of your protection to avoid cost overruns,” he noted. Such a situation should ideally be avoided.

Another important point: consider returning to basics and ensuring that you have a solid data classification policy and the means to automate it.

“Data classification is the fundamental root of any data security governance because it provides clarity and authority to support standards and other programs like user awareness efforts. In the context of data governance, data visibility and, ultimately, data-centric controls can’t work without data classification,” he explained.

“Think back on the millions of dollars spent on artificial intelligence projects that didn’t result in operational capabilities because little attention was paid to data quality, and accept that data protection projects – like any other ambitious project – can’t succeed without rock-solid foundations.”

With data volumes and velocity multiplying, how do you choose the right data security solution?