Webinar Recording

How Digital Transformation Meets Risk Governance and Compliance Demands

Log in and watch the full video!

KuppingerCole Webinar recording

Log in and watch the full video!

Upgrade to the Professional or Specialist Subscription Packages to access the entire KuppingerCole video library.

I have an account
Log in  
Register your account to start 30 days of free trial access
Subscribe to become a client
Choose a package  
Good afternoon, ladies and gentlemen, welcome to our webinar. How digital transformation meet risk governance and compliance demands, including at eight fundamentals for risk mitigation. This webinar is supported by interlinks. The speakers today are me Martin Ko. I'm the founder and principal Analyst of Ko a Cole and Richard Ensay who is CTO EA of drillings. So before we start some general information, some I was keeping information Ko. A Cole is an Analyst company. We provide enterprise it, research, advice, services, decisions, approach, and networking for it, professionals through our research services, our advisory services and our events amongst our events. There are the European identity and cloud conference, which will be held this year, May 10th to thirteens Munich against our 10th anniversary. And it's lead conference around these topics in Europe. And then we have the digital finance world, which will be, which will run in September, 2016 in Frankfurt.
So this is then more focused around FinTech, blockchain, and a lot of other related topics. Before we start some guidelines for the webinar, you are muted centrally, so you don't have to mute or unmute yourself via controlling. The, these features. We will record the webinar and the podcast recording will be available tomorrow. We also will provide the slide X of the two presentations we have today for download. And then that will be a Q and a session. At the end. You can enter questions anytime using the questions feature in the go to webinar control panel. Usually we pick these questions by the end of the webinar. In some cases, we might answer one other question directly, but usually we do it in the Q and a session at the end, the agenda for today, I will talk about the eight fundamentals for not only for, but also for risk mitigation and digital transformation and its impact on secure information sharing.
And the second part, then Richard ssay will talk about change programs that involve digitization of processes and approaches for accelerating efficiency of communication channels. And the third part, then we have, as I've said, the Q and a session, so I want to directly start with the eight fundamentals. I've created them a while ago and they are, from my perspective, have a report. They are from my perspective, some essential aspects. When we look at the entire, very, very popular topic of the true transformation. So first of all, the digital transformation affects every organization. So believing that this is something which only affects whatever manufacturing or so is that correct? We have so many areas where we see the transformation. We see the smart watches, which on one hand affect clearly the industry of watchmaker. They also affect a lot of other industries which consume information from these smart watches.
We have to connected vehicles. We have to smart homes affecting also many different industries, smart grids for the utility industries eBooks. And I think this is a very interesting example because so shows that the transformation is nothing which started maybe two years ago, but it started several years ago and some industries we talk about eBooks. We talk about digital music. They already are heavily affected by that they have fundamentally changed over the past years. Online retail is another good example of something which was happening for a while online payment. I don't know how for how many years I'm already using PayPal and manufacturing as well, where we currently probably see one of the biggest changes also with smart manufacturing, with IOT at every level of manufacturing. So every organization, every industry is affected and the digital transformation also is not something which is just a high, which general will disappear.
It's something it's, which was here to stay. And when I started with talking about these, these fundamentals, I just picked up some of these growths. Some of them might be familiar to you. So the former term Kaiser will choose that. I believe in the horror, the will, the automobile is trust, passing phenomenon. He was wrong. Ken Olson of deck. Does anyone remember D there's no reason anyone would want a computer in their home? I don't know how many I had over my year. Over the years, Charlie Chaplin didn't believe in the cinema. Also also someone from 20 century Fox didn't believe in television, the variety magazine didn't believe in rock and roll. The British post office didn't believe in the phone and so on. So we can goes through masses of these quotes. And I think the point is really, we will have the same situation here.
It's Anex it's so next it's an ubiquitous change we are facing for products. So our products are changing. They become connected. They change the way they are. We have additional services, which is a great opportunity for every business, which also means our business models might fundamentally change from a product to a service or to combine business. Our organizations have to change. So we have different partnerships with, for instance, the producers of connected things, where they, we consume data, whatever else our ecosystem finally is changing. So it's here to stay and it's something which affects a lot of areas. And it's more than just, I T so as for, for points here. So digital transformation is already a reality in many industries and in several of them, it's not about the connected things. It's something where we in fact have other types of transformation, which happened at a totally different level. And one of the most important areas, which frequently also associated with connecting things at the end, for instance, sensors, etcetera. So more in the manufacturing side, but industry for those or smart manufacturing is particularly about connecting manufacturing environments and the operational technology in there. So quite big things you also could say in some respect, these are things. Yes, but it's not really the OT thinking we have here.
Also, we need to understand that connecting things for the sake of connectivity does not create business. What we need to understand is it's this change in business models and the, and the change in services and the new services we provide that make the business. Finally, I believe that most, not all, but most businesses providing things will earn more with services than with the things themselves. So in tendency, we we'll see a shift towards a service business. All these changes also mean that we have to change the way we do. We set up our organizations. So we need to become more at trial and we need to communicate differently. We need to share more information with different parties. And that will be one of the, sort of the second main topic of this webinar. So the one is clearly digital transformation for itself. The other is what does it mean for communication, for sharing information and in this far more distributed supply chains and ecosystems, we have, we need to find out ways for sharing information.
So no success without agility. We need to be very flexible in a way innovativeness means we need to reinvent our businesses, our companies, we need to cover the, the challenge of rapid go to market. So not to miss opportunities. So it's very important that we are very flexible in, in, in going out to the market. When there are new things happening, we need to have a continuous improvement, which remains secure. So we need to have dev DevOps with a sec in their security part in there. And we need to look at business. It integration beyond alignment. So for years there has been to talk about business. It alignment. It's not about alignment. It's about integration. Alignment is not sufficient anymore. And all this always involves a lot of changes in communication. A lot of differences in the way we act here. So we have to change a lot of things.
And that means as we have new and changing growth in the organization, we might have a chief business development officer who drives innovation and go to market. We look at a CIO. So the role of CIO is changing. So managing traditional business, it traditional OT and the business integrated it of this new digital, digitally transformed environment, the CSO who has to cover security for everything, business, it OT, product, it, the product, it which needs to become fully integrated to this business. We can't do product it in a separate it department anymore. And by the way, we can't do security in a separate security department anymore. We have to integrate, we have to support this. We have to move forward. So our organizations will change, or we don't have the room for silos anymore. Everything, and everyone become connected as part of this transformation. So I've brought up this picture for so many, many times, which is around this computing track, how we called it, cloud computing, social computing, mobile computing, Marty wise, more deployment models, more types of users, not only the internal users using the PC for access to and premise systems, but far more stronger connected role.
And this is ever-changing, it's becoming even more complex right now with organizations, people's devices and things which are connected, which are depending on each other, which have a lot of very different communication channels. We need to, to, to manage that we need to securely share information, such environment. We need to understand who owns which device, how can we work with that device? How can we share information, et cetera, and all this runs done increasingly through APIs. So a lot of communication in the background. So the new ABC sort of agile businesses connected, we have the area of security and safety, which is another fundamental we need to understand this is another dichotomy. So it's not about, and, and some of you might have had this discussion with people, particularly from the operations technology security, which for good reasoning and safety of humans and equipment and reliability and availability while traditional it information technology, people think more in confidentiality, integrity, availability, but in fact, we need to solve both areas.
So this brave new world of smart manufacturing, it's about understanding that we have to be safe and secure. So we need to protect against attackers. We need to ensure that updates don't kill our systems or even affect people. And one of the challenges we clearly have is when we look at smart manufacturing, so we have people which will use 30 wise to access some types of services, which at the end control manufacturing, it means just that we have a direct access and there will be typically a bidirectional communication. So what is the status of my good that I have ordered? So I want to change something of which I have order trust before production, redirection communication. Once you're connected, you're under attack. So to speak. So systems are at risk and we have to merge OT and it security and the sync security. We have to cover this more complex world right now.
It's not about safety versus security. It's about safety and security. So time to sync OT as well, which is a more side topic here, another aspect, which I found very interesting. I will come back to that later. Again, many people perceive security currently as a risk. In fact, it's a risk, but it's also an opportunity so we can done right. We can enable in agility. And I've heard a lot, lot of block posts around that, which are around security by design equals at, by this design, we can enable the connected enterprise. That's something we need to do. We need to work in a far more complex ecosystem. It helps us in risk mitigation, product security puts your business case, your reputation and more at risk. And we need to mitigate these risks helps us in cost saving, compared particularly to doing nothing, supports us in collaboration and communication.
Again, there, the word is getting more and more complex. It helps us achieving compliance, avoid breach notifications. So there are a lot of things where it really helps us. So information security means business value if we do it right. And I think that days where, where we saw that information, security only costs money and doesn't have business benefit there passed if we do it right, then we can really become far more agile, far more, better, far more competitive in our business by doing information security, right? And then finally, our last fundamental is in fact, seven fundamentals, something I blocked about quite a while ago, seven fundamental for future identity and access management. I go through them RAA quickly. So it's to look at these fundamentals, it's we have more humans right now. We need to understand the identity of things, devices, services, and apps. We will have multiple identity providers, which provide identity information.
We will have multiple attribute providers, which provide additional data. So we will not have the one single directory anymore. We will have sit the situation that many of our users, our customers will have different identities. They might come in with that social login today. And with the other social login tomorrow, we still need to understand this is that person. This is Martin Kuppinger. I handle him at treating always as the same person, multiple indicators, as I've said, that could be more than one social login, identity relationships. We must map humans to things. We must understand which the wives belongs to whom also to protect information we share. And we need to understand the context, so identity and access, whereas in context. And so this is basically these fundamentals for digital transformation. And a lot of this is at the end of the day of doing stuff, right?
Doing information security, right? Constructing your software, right way, et cetera. And all this is at the end to protect an organization's ground tools. So what are these ground tools? It's brand reputation. So when something went wrong a while ago, at the end of the day, you ended up maybe at page 17 of a computer magazine today, you have a good chance if you lead customer data, to be the headline in the news, on TV in the evening. So customer data very important because it's one of our competitive advantage is always to know our, our customers better than the others, to the LA intellectual properties. Particular. When you look at manufacturing organizations, etcetera, and finally the people. So work is the people the right way, communicate with them, enable them also that's one part of the crown tools. And when I look at all this, and I think this is a, probably a little bit more technic view for than what I talked about was all connected, everything before.
So the world has changed. So 10 years ago, we had a security parameter. Most of the stuff happened within the parameter. We had few people out, few mobile people out, but it was really more parameter thing. And right now the world looks different. We have branch offices, we have data centers in the cloud. We have remote data centers. We have hackers rains, and we have the social networks where people come in, we have far more mobile users with far more types of devices. And we need to still to understand, we have to handle that environment. We have to protect information in that environment. And this is what leads us as a consequence of this ever changing and ever, ever, ever growing complexity of, of our ecosystems. We have to move forward in, how can we communicate? But also how can we share information? How can we just read information in a secure way?
And that leads us to something I would like to call the awareness challenge. And it's a very interesting thing because finally, it's, it's that interestingly and positively, the sea level is aware of the need for secure information sharing and information protection. They are the ones which come and say, we need to do it. The negative side is that even many it people from what I see in conversations are not aware of that. We can solve this challenge, that we have the tools available to securely share information, to secure the operate in whatever way we need in this ever-changing environment, where we have very agile ecosystems, different types of partnerships, cetera. So the positives of that is the, the C level, the people with the budgets, the people who drive it, they expect this to happen. The negative side is that there's still a lack of awareness that the technology for doing that for securely communicating for securely collaborating is mature enough today to use it.
I wanna, before I close, I want to come up with two graphics, which I find particularly important when we have these discussions and one of the points which we frequently see when it comes to also solutions around secure information, sharing other types of security solutions frequently is that there's a solution proposed. And then there's someone that's coming up from the it security side and says, oh, it's not security enough. There's no hundred percent security never ever, because there are so many other ways to PA bypass security by blackmailing by whatever at the end, there's no 100% security. And the other thing we should keep in mind is the limit of security cost for security moving towards 100% is infinite. So there's an exponential cost. The close will be move to 100% security of the murder cost crows. And the other side of this equation, it's sort of the same picture.
The other way around it's fee don't do anything. We have to full risk, but we never will achieve 0% risk. What we need to understand is that there's a cost of risk mitigation, which exponentially grows the closer we come to 0% risk, but we need to also understand what is the cost of our incidents. And there's no reason in investing more than an incident can cost. So it's not about one per 0% risk. It's about mitigating the risk in a perfect way. So when we finally look at this and in the context of the children information, secure information, sharing something, which is extremely important, it's available, it's mature and there are no alternatives. So we have the vendors with their partners. We have the major problem solved, and there's no other way to really project your crown tools and your organization. Was that a hand over to Richard? Well, let him a moderator and unmute him. So Richard, it's your term.
Thank you, Martin. Thanks very much. Good afternoon, everyone. And thanks for that insight. I'd now like to take the discussion further about this balance between the need for digital transformation and the challenge of maintaining regulatory compliance while doing so I'll talk about some of the ways that we've helped our customers achieve both at the same time and hopefully provide some insight and some things to think about when embarking on this challenge, I'll try to keep to 20 minutes or so, and leave some time for the questions at the end, in the spirit of legal compliance. Of course, I need to offer the standard disclaimers, which I'm sure you've all read and internalized before we go onto the main content. I have a single slide to explain interlink credentials in this space. For those of you who haven't heard of us before interlink is a pioneer of software as a service, we've been facilitating secure sharing of highly sensitive and market moving information since 1996, which is long before most people would do their shopping online.
99% of the fortune 1000 companies have used our platform to share some of their most confidential assets beyond their organizational boundary. And we've worked throughout the most highly regulated and risk adverse industries, including financial services, life sciences, energy, and utilities, and so on the use of our services grown significantly over the last 20 years and continues to grow another leading Analyst firm, whose name I Sean mentioned has ed it. Number one by revenue in their collaboration and social software suites category. For the last nine years, we have a strong European presence, including major offices in Frankfurt, Paris and London. We have European data centers and they're currently expanding our presence, opening new data centers in Germany next quarter. So that's who we are. I think that qualifies us to talk about this challenge of balancing the needs of regulatory compliance with the huge benefits of transforming processes and external interactions for the digital world.
Moving on from Martin Kaiser, Wilham quote. My first line uses the words of Mr. Darwin to highlight the essential need, to be able to adapt to change. And I'd urge you to think about this in the context of your organization. Will you win because you have the strongest products or the smartest experts in your field, are you agile enough to adapt to the new world surroundings? I actually thought about this slide in the call. I just came from, which was with a global bank that will remain nameless. The subject was the support of their windows XP estate. Now the death of windows XP should not have taken anybody by surprise, but it can be very difficult as a large organization to adapt. And the rate of change that we're experiencing at the moment is really quite incredible. I dunno, if any of you followed the proceedings of the world economic forum in Davos earlier in the year, maybe some of you are there your sounds in January for anyone on the call who isn't a billionaire in one of the discussion points was that we could be seeing right now of fourth industrial revolution.
The idea is that if the first industrial revolution was driven by steam power, the second by electricity, the third was then driven by software and personal computing. The idea is that perhaps we're now seeing a fourth industrial revolution, and there seems to be no real agreement on precisely how to label it. It could be cloud, it could be internet of things or something else I'll stick with calling it the, the interconnectedness of everything. The fascinating thing about that progression from one to four is that with some approximation, the steam revolution took place over maybe a hundred year period. Arguably the revolution of electricity and electrical devices was perhaps over 50 years, the software revolution took place over 25. And so this is an exponential progression suggests the next revolution would follow a period of 10 to 12 years, which is this incredible rate of change that we've seen at the moment.
And the nature of industrial revolutions is that through each one, the entire economy needs to completely retool and reskill. And that was painful enough in the first revolution that took place over a hundred years. But as the timeline shrinks, the disruption caused becomes greater and greater, and it should be noted that the same challenge exists for those who regulate industries as for those who operate within them, how to keep, keep up with the retooling and re-skilling to remain relevant throughout massive change is a huge task. If you have any doubt about the effect of this rate of change. And I think this slide speaks volumes, a taxi company with no vehicles, an accommodation provider with no real estate and the media provider creating no content would've seemed completely impossible a short time ago. You may have seen this list before, but the thing that ties these points together for me is the fact that the success of these entirely new companies that barely existed 10 years ago is all driven by this interconnectedness that I mentioned from the fourth revolution. Uber connects people who need a lift to somewhere in the area who can drive them. But interestingly, the model works equally well, if it's a self-driving car rather than a driver, because it's all about the connections, not the end points. And this is the key characteristic of this interconnectedness of everything changed that we're going through. The same thing could be said about Airbnb connecting those who need a place to stay with an empty bed and so on.
So the fourth industrial revolution also turns what was the third it revolution on its head in the previously control of it. Resource and capability was really reserved for the corporation. If you, I mean, you had to go to the office, you went to the office to get access to computing resources that were far greater than anything that you could conceivably afford at home. However, many employees now are more interconnected and powerful in their personal lives than they are in their professional ones turned that balance entirely on its head. And so employees and customers are demanding the same level of interconnectedness in everything they do. And if you can't provide it, then they'll simply go to someone else who can, and for established large and especially regulated organizations, this pivot can be very tough to navigate. So you gotta think how interconnected is your organization. And really part of the problem is that we've spent the past 20 years or so building up boundaries effectively, we've built firewalls and segmentation and silos.
We've put barriers up that prevent connections. And then we realize that the humans are also weak link in network security as Martin suggested. And so we kind of retreated back to the data center and built more walls around our data and applications. And all the time we were driven by these notions of risk and compliance to assume that everything that was on premise and held inside was by its nature more secure than anything that was outside, which may look no longer be true. We also made it harder in the process to move information around to where its value can be realized, but to properly leverage the value of your information. It needs to be in motion. It needs to be shareable and potentially also needs to be retractable needs to be cleaned up and probably needs to be disposed of at a similar rate to that at which is being created. And all the time, the threats to our data have evolved and mutated to the point where we, every large company starts to need an army of it, security and encryption experts to protect the core business from the perceived threat. And so this digital transformation under the scrutiny of regulation and compliance starts to sound like an almost impossible goal.
So let's look at the, the, the opposing forces and, and what are the, the forces that, that are fighting against each other here effectively. On the one side side, we have risk and governance. We have these really strong customer privacy locations that seek to control the flow of data. Everything is secret and less otherwise specified. We almost require friction to make this happen. And we become very internally process centric. We focus on liability and kind of resist change in order to avoid the reputational damage. But on the other side of the balance, we have this need at the heart of digital transformation to really drive the customer experience, which is the heart of digital transformation. We need to share information fast. We demand transparency and, and seek to reduce friction at every, every opportunity rather than being process-centric. We need to be customer-centric and fo focus on the opportunity that comes from embracing this change and in order to positively enhance the reputation.
And, and so these may seem like entirely opposite and intractable forces, but the good news is that we've got some great examples where we've managed to achieve that, that change to effectively satisfy both of these similarly competing forces. At the same time, I've got some proof points here. We've got hundreds of proof points of examples like this. I pulled out just a few really in order to, in order to highlight some examples, what we're talking about. So one classic example is customer onboarding. This is where you have some kind of application cycle. You, you are trying to attract new customers, but in order to onboard them, you need to collect a whole set of information, perhaps paper based information, like perhaps you need to collect proof of earnings, or perhaps you need to have some proof of identity. And in reducing friction, you really need to make that as seamless as possible for the end users.
And so we are working with a number of customers to find ways in which they can engage with external customers who all have smart phones and good connectivity in order to collect digital information as part of an onboarding process. And to bring those directly into a customer process. Another example is the need for secure email alternatives. So we have a number of customers that come to us and really worried that their customers are demanding communication via email, and yet the risk in compliance folks deem that to be entirely impossible. It's just too risky. You can't use email for confidential information. And so there are some great solutions to that problem using secure client workspaces that can effectively remove this liability associated with transferring secure information over email, you can use email as an alerting mechanism to tell people when something's changed, but using a, a secure client workspace metaphor, you can really achieve the same goal of, of email, but layering on a significant, additional security to the process in order to keep the risk and compliance people happy. Another area we've seen great interest is in outsourcing and joint ventures, where often there is set of projects, many of which are actually quite secret in the sense that internal employees may be including internal it staff who have very high level privileged access and, and high privileged passwords. We may be dealing with information that is even secret from those people. And we need to get engage with external parties in order to kick off these projects, perhaps to do outsourcing or create new joint ventures.
In addition to that, those relationships, they have a life cycle themselves. And so there's a huge need to be able to clean up and to remove data, to take data back from external parties, with whom you may have shared it. And we're seeing huge interest in projects associated with really grasping their increased interconnectedness of people externally being able to rapidly and quickly get through the legal difficulties associated with working with external parties, including the ability to, for example, have external parties sign off effectively on an NDA as part of entering the workspace to share information, and then being able to pull that information back afterwards when the, when the relationship is finished. And that really goes on to the fourth use case I've got here, which is around reversible document sharing. We have some examples. The one that Springs to mind is in, in automating communication with a, a network of franchisees where it's really important to be able to rapidly communicate data, which is often quite sensitive, that must not be really taken away or shared with competitors potentially.
And so we've been engaging in a set of projects that enable companies to share this data data externally with their franchisees, and to be able to pull it back afterwards, to be able to rescind the permission, to see that data to effectively remotely shred or, and share that data and all the time, being able to maintain an audit trail to say who saw what, and when as a set of, of examples, we've got many more of those that, that we could talk about, but we don't have a huge amount of time on the call. So I'm gonna move on to my last quote, which moves on from Mr. Darwin to Jack Welsh. There's a, an excellent quote here, which is that if the change is happening faster on the outside than the inside than the end is now, and, and this is especially critical of the time when the external world is changing so fast and so rapidly that it becomes incredibly difficult for large organizations, especially to catch up and to keep pace with that rate of change. But the good news is that there is a way to do this. There are ways to satisfy both the, the regulators and the need for digital transformation. And so I'd urge you not to be locked in your cocoon of re regulation breakout, and it is possible to, to become a butterfly. And so with that, I'll hand back to Martin and see if you have any questions on the line so far.
Thank thank you, Richard. And so we're waiting for the questions. Hopefully we get some, we have the first questions here anyway, but the more questions they're more lively this discussion. So the first question I have here is can you explain what you mean by reversible document sharing and what technologies involved to achieve that?
Yeah, certainly. So this, this, this idea is that it's often necessary to share information quickly with an external party, but it's at the same time, it's also your responsibility to clean up that data to take it back again afterwards, if that information is no longer needed by the third party or perhaps the relationship changes and the technology that we use for that is called information rights management. We've put a lot of investment into technologies to enable that type of behavior, both within Microsoft office environments and Adobe PDF environments, where the end user doesn't need to have any additional technology beyond, beyond those tools on their desktop and using rights management is possible to share data with somebody else to allow them to have it, to read it locally, not to print it, but to be able to then remove their privilege to that later on using encryption and key exchange and checking back to see what the permissions are at a later time, we're able to effectively revert that information back to an encrypted blob that cannot be read anymore once that engagement has completed.
Okay. So is there anyway, if you look at the regulated customers, so how are the regulated customers, you mentioned allowed to use cloud services for confidential data? I know that the sort of the reluctance regarding load cloud definitely has decreased over the past maybe year or so, even the, in the more reluctant region such as central Europe. Anyway. So what does it mean from a, from a highly regulated industry? I know particular finance industry is still somewhat reluctant to rely on cloud services for such sensitive information.
Yeah. So I think the first thing to point out is that there is no contradiction between security and the cloud. It is absolutely possible to build highly secure applications operating through the medium of the internet. And often these solutions are even more secure than things that are held on premise. And there's a huge, a huge swing in, in attitudes taking place right now, where you gonna realize that well, because employees are often such a weak link and employees are on the internal network. Employees are vulnerable to things like advanced system threats and phishing attacks. But in fact, by removing core data and highly confidential data from the on-premise infrastructure, you can achieve an even greater level of security than perhaps your own internal. It is able to provide in some cases now, but,
But Richard, Richard, that's something, you know, and I know theoretically the regulators should know as well, but I still see that situation that, that all of us are aware. So the, at least the experts are aware that probably most cloud services are more secure than what organizations have inside inside in their own it environments. Anyway, how do you, how do you convince the regulators or the customers that this is really true?
Yeah. The interesting thing from, from the interlink perspective is that we've been doing this for a long, long time. We've been working with the banks and in fact, with the regulators as well, we have a number of regulators who use our own platform as part of their submission process. And so there is a lot of precedent out there for using cloud services in a highly regulated environment. There is no regulation that says you shall not use cloud services. There is a lot of confusion about geo location and how that plays into the regulation, but really we are happy to talk to anybody who has questions around that subject in specific jurisdictions for, but there, there is no reason why a regulated industry cannot take advantage of the huge agility that comes from the cloud services. And we we'd to help who has questions about that.
Okay. Yeah. That's a, that's an excellent answer. I I'm, as I said, I'm fully with you and I think things are getting easier these days, but it's still for many organizations. It's still challenge to say, okay, I go to the cloud, another question we have here is where are your data centers located?
Yeah. So we have data centers in the UK. We have two in the UK. We have two in the us, we're in the process of opening another two in Germany. And yeah, we have a list of other locations to follow.
Okay. Do you operate your own data centers or which type of approach do you take here?
Yeah, so we, we effectively, we, we use a, a third party provider really purely for the Rackspace and everything else is ours. Rackspace, not as a brand name by the way, it's a different provider, but so we, we own and operate all of our own equipment, but we use shared data center capacity.
Okay. So what is your, your observation of this market? So when I look at it from an Analyst perspective over the last maybe one and a half or two years, the, the, the topic of secure information, sharing, secure collaboration, information, rights management became far more prominent than it has been in the years before. Do you see the same increasing awareness and perception and demand in the market? We observe?
Yes. I think things are changing very rapidly. Again, I think the, the knowledge of the, of, of the technologies that are available has moved on considerably, even in, in the last three and a half years that I've been been with interlinks. And in fact, I, you know, I came from an on-premise software vendor effectively, previously, and, you know, the, the, the change in the industry and the perception has moved on incredibly. I think that, you know, these, you mentioned information, rights management. It's actually the technology that it's, that has been around for a long time. I, I think there hasn't been a huge amount of awareness of it. And there have been some obstacles in its wider adoption because of the need to install something locally. So previously it was always very difficult to do this when you were sharing with somebody who wasn't in your organization, because you'd have to ask them to install something.
And that was always a huge amount of friction in the chain, but the technology that we're able to bring to market right now removes that obstacle. So it takes away the need to install anything, but nevertheless leverages this very powerful rights management technology that can effectively allow the, the data to protect itself. So there can be a word document out there that is copied, moved around, but in fact, it's only the encrypted version of that document. And it's only at the time that somebody tries to open it, that, that their, their privilege is validated. And we decide at that point in time, whether or not we give out the key to decrypted, if the person can prove that they have they're the right persons, they are permissioned and, and have the, have the authority to see that content. Then we grant them a license to, to have a key for a short period of time to decrypted, but that key then goes away and can no longer be used. And certainly can't be used after the, the user's been decommissioned. And so, yeah, the, the, the technology landscape is moving quickly. I think awareness of it is moving as well. But yeah, there's still a lot of people who don't know that this capability exists and that it's there and available to use for, for these, this type of digital transformation program.
Okay. So to, to wrap it up. So in these days of the digital transformation where we have an ever increasing complexity of our ecosystem of the needs to collaborate with various parties, we have the solutions we trust need to use them.
Okay. Richard, thank you for your presentation. Thank you for your insights. Thank you to all the attendees for participating in this webinar and listening to us and have a nice day.

Stay Connected

KuppingerCole on social media

Related Videos

Event Recording

Standards & Regulatory Frameworks Are Static, Security Isn't

Current frameworks from Cyber Essentials in the UK, to the NIST Cyber Security Framework, HIPPA, PCI-DSS and even ISO27002:2022 often take at least 18-24 months to agree by their governance bodies. The world is much faster moving that that, the fact many regulatory frameworks will take…

Analyst Chat

Analyst Chat #141: What Defines Modern Cybersecurity Leadership

How do you implement modern cybersecurity leadership between compliance, threat protection, privacy and business enablement? To answer this question, Matthias invited the CEO of KuppingerCole Analysts, Berthold Kerl, who was and is active in various roles as a leader in cybersecurity.…

Analyst Chat

Analyst Chat #129: Market Compass Secure Collaboration

Secure Collaboration solutions focus on enabling data-centric security to facilitate virtual collaboration. Annie Bailey talks with Matthias about this market segment that provides increasingly flexible, interoperable, and therefore even more secure solutions.

Webinar Recording

The Changing Scope of the NIS 2 EU Directive

The NIS Directive aimed at achieving a common standard of network and information security across all EU Member States, with a focus on operators of essential services, is scheduled for an update. Suppliers of utilities, healthcare, transport, communications, and other services need to know…

Event Recording

Marcus Scharra: Why PAM is crucial for DevOps security compliance

How can we help you

Send an inquiry

Call Us +49 211 2370770

Mo – Fr 8:00 – 17:00