Earlier this week, I was briefed on Dell Data Guardian—a new offering from what is now arguably the biggest tech company in the world, focused on making file level security braindead-easy to use. Big companies making things easy for users doesn’t happen that often, largely because the bigger a firm becomes the more focused on volume buyers, regulations/compliance, and politics it gets and users tend to drop into noise. So, when a firm of Dell Technology’s size brings out a tool focused to make a critical corporate requirement—security—easy for users, I find it interesting and a behavior we should all work harder to encourage. Apparently, and this should be no surprise, according to a recent Dell security survey the lack of an easy tool to better secure shared information is limiting collaboration both inside and outside the company. Dell’s Data Guardian solution is targeted at fixing the problem of secure file sharing both inside and outside the firm.
Let’s talk about Dell’s Data Guardian this week.
Encryption at scale for users is all about key management. The encryption part is easy—if a bit resource intensive, but making sure the encrypted files can be easily accessed, shared, and yet still remain secured has been one of the biggest problems keeping encrypting at a file level far less than a universal practice.
Like most tools in its class, Data Guardian is policy driven. But, by default, employees within the same domain automatically have access to the keys for encrypted files created within that domain. This means that an employee can create and send an encrypted file to a co-worker in the same domain pretty much the same way they do now with an unencrypted file. There is no extra process.
However, if they want to send the same file to someone outside of the domain they have to give that person access to the key and that is done through special permissions applied while sending the related email. That means an extra step that should remind the employee they are responsible now for sharing what may be confidential information, but the recipient’s path to working with the file is still pretty easy. However, if that recipient sends the file on, that file cannot be opened. They can click on a link to request permission from the file owner, and—assuming that person is around and amenable to the request—get access in a short period of time.
Data Guardian has embedded permissions that enable or restrict printing and cutting information, making it much harder to bypass its security features. The only ongoing security exposure outside of this system would be some kind of photographic screen capture process that still could bypass this (and most other forms of file level protection). Unfortunately, right now, the best way to prevent against that is to only allow files be viewed in areas that are monitored specifically for that kind of activity. You could do that through the policies of this service but, with the exception of the most secure firms, I don’t see it as practical.
With the growing concerns surrounding securing company data given the level and visibility of an increasing number of large breaches, the premise that collaboration is being adversely impacted would seem inherently obvious. But a solution not only needs to be comprehensive, it needs to be transparent or employees won’t use it.
For a company of Dell’s size to focus on a user problem at this level is unusual and creating a tool that appears to both address the problem and meet those user ease-of-use requirements more unusual still. Yet Dell’s Data Guardian appears to do exactly that and could become a critical part of a plan to assure employees can safely collaborate both inside and outside the company. In the end, what makes this tool special is its simplicity, I wish more companies would realize that a far better focus on simplicity could result in far more usable, and far more widely used, solutions.