The global data loss prevention software market is hotter than ever, thanks to shifts in how and where workers access corporate data and the ever-present push to the cloud. Predicted to grow at a CAGR of 19 percent, analysts estimate the market will reach $7 billion by 2027. Amid recent disruption, concerns about information security have grown as the number of employees working remotely has increased. Combining this new paradigm with the movement of data from on-premise data centers to the cloud has generated a new wave of interest in DLP software not only from enterprise customers, but also from vendors ranging from industry stalwarts to up-and-coming challengers.
As a result, NPI analysts have seen an uptick in the number of clients evaluating ZTNA and SASE solutions. These two technologies are frenemies in the DLP space. ZTNA (Zero Trust Network Access) is the network model that basically says everyone is under scrutiny regardless of who you are, and seeks to greatly limit which parts of the enterprise and which applications end users are given access to. Under this paradigm, the access for each individual is greatly reduced. In a ZTNA model all access to the company’s applications must pass through a gatekeeper of sorts, and access is granted or denied based on profile. Complimentary to this technology is SASE (Secure Access Server Edge) or the idea of enabling security controls for all users, regardless of location.
Identify Overlapping Functionality
One challenge companies run into as they compare these solutions is deciding which are complimentary and which are competitive. Many of the protections these solutions bring to bear overlap, and paying for these redundancies creates unnecessary cost. To avoid paying twice for the same functionality, it’s important to fully explore the depth and breadth of these solutions. Keep in mind, however, that’s not often a straightforward task. Many solutions are sold in levels or bundles and buyers need to parse which features are included in each bundle and which products are available a la carte.
Having a granular view into solution functionality will help buyers stretch the corporate budget by choosing best-of-breed data loss prevention software solutions that compliment each other without unnecessary overlap. While some customers choose a single vendor approach, NPI advises to proceed with caution. There are times when buying more technology from a particular provider makes good financial sense in the short term because the vendor is charging less out of the gate. But pricing is rarely flat from year to year, particularly as the industry shifts from perpetual licensing and maintenance to subscription-based models.
Get Rid of Obsolete Toolsets
The ZTNA and SASE purchasing journeys often reveal areas of the infosec technology ecosystem that are obsolete or irrelevant. Companies must identify these toolsets and either fully remove or dial back usage to only the pieces that need to remain in place. In some cases, it may be a matter of simply turning off a function in a dashboard and informing the vendor so they stop charging you for that service. In more complicated situations though, this may take a discussion with the vendor(s) to convince them to reprice your existing agreement in a non-punitive fashion. Having the conversation early to avoid surprising the vendor at renewal time can often lessen the blow and allow runway for the buyer and seller to work out a mutually-beneficial outcome.
Remember – no supplier in today’s subscription-based world wants to see numbers go down. That said, most would rather see some revenue rather than nothing at all, and parts of their solution stack may still be important to your enterprise.
As Data Loss Prevention Software Demand Increases, So Does Risk of Wasteful Spend
As mentioned earlier, old and new vendors alike are eager to tap into increasing demand for data loss prevention software – and that has translated into a buying landscape that can be overwhelming. The risk for companies to overspend is large, but can be eliminated by having visibility into what the enterprise owns and what’s being used. This will provide IT buyers a clear baseline from which to compare and negotiate any net new DLP solution purchases.
- Blog: Enterprise IT Security – Should You Pay For an Incident Response Retainer?
- Blog: What Happens When Your Vendor Won’t Budge on Price During IT Price Negotiations?
- Bulletin: 8 Ways IT Sourcing Can Enable Business Resiliency and Continuity in 2021
- NPI Service: IT Price Benchmark Analysis & Contract Negotiation Intel