Focus believes that information is arguably every company’s most valuable and critical asset. Recent and past incidents of information theft or loss underscore the damaging and potentially fatal consequences to a business of unprotected or under-protected information. In contrast, information that is consistently secure yet readily accessible to authorized users can increase business agility and improve customer care, revenues and profits. The approach to information security taken by Covertix may provide an effective adjunct or alternative to traditional IT-empowered security solutions for many companies.

This analysis is presented to align with the key solution and vendor characteristics identified as critical to buyers in the Focus Research Methodology. These include product, cost and vendor considerations.

Product Considerations: Covertix has created a solution that focuses information protection efforts on individual specific business documents and the files containing them. The Covertix CxSense System includes a “SafeZone Manager” and analytics, dashboard, monitoring and reporting features. The “SmartFile” technology on which the Covertix solution is based enables information to protect itself, at rest or in transit, within and beyond corporate firewalls, according to Covertix.

A Document Governor provides policy-driven control over all protected documents and files. Examples of the types of protection offered include control over the right to copy, paste or print content or to capture screen prints. Specific operations and permissions can also be controlled based on specific dates, times, locations or network or host characteristics, such as VPN (virtual private network) connectivity. An Information Risk Analyzer presents auditing, tracking and other “forensic” information on who uses what files, when and where to help to identify and avoid information-related risks. The Covertix solution intends to provide a policy-driven approach to information security that combines DLP (data loss/leakage prevention) and ERM (enterprise rights management) techniques, according to the company.

The first time a user receives a Covertix-protected document and attempts to read it, the user must download and install a free, small software component, as they often must do to read Adobe PDF files. From that point onward, the Covertix solution is designed to operate transparently and non-disruptively. The solution avoids forcing users to learn or use additional security applications or to add steps to their usual workflows to protect “their” information. Focus believes that such features are essential to fostering the adoption levels necessary to maximize the business value of any information security measures.

Cost Considerations: Pricing for the Covertix solution is per-user, per-month, and varies with configuration and capacities. However, Focus expects overall costs to users to be at least competitive with more traditional solutions for functions such as encryption.

Vendor Considerations: Covertix is basically a startup, its partner ecosystem in its earliest stages. However, its founders have years of experience in finance, insurance and telecommunications, arenas where information security is a paramount concern.

The Focus Research Methodology has identified three basic Buyer Types for offerings such as information security solutions. These are Basic, Intermediate and Advanced Buyers, differentiated by characteristics including company size, available relevant expertise and complexity of the business challenge.

Focus believes that all active and prospective buyers of solutions such as those offered by Covertix should make a careful assessment of business needs a first step of their buying processes. In the case of information security, such assessment should, where possible, include a dollar value for information, or at least an estimate of the costs involved when information is lost or stolen. Such figures, even when only estimates, can help considerably in efforts to promote implementation and adoption of information security measures and tools, especially among senior executives and other business decision makers.

Focus Market and Comparison Guides are designed to aid in efforts to assess and prioritize business needs, and to use these to evaluate candidate solutions and vendors. Careful assessment of needs and resources can also help you to decide the Focus Buyer Type that most accurately describes your company.

Basic Buyers who are new to or just getting started with data, information and/or IT security solutions should begin by assessing the security features and options already available to them, as part of or separately from the needs assessment process. Basic Buyers should then look closely at business needs and user behaviors at their companies to determine which incumbent features and options, if any, can be invoked to improve information security with minimum user disruption.

For example, increasing the rigor and easing the changing of user passwords often requires little more than modification of existing policies and processes, with no additional IT investment needed. However, if users are required to remember and manage too many passwords, adoption of the modified policies may be insufficient to offer adequate protection. Basic Buyers must therefore weigh carefully the effects on users and the value to the business of any changes in information security policies, processes or tools.

Intermediate Buyers, especially those already using appropriate incumbent security features and/or security-specific solutions such as encryption, should contact Covertix to see if a trial of its solution is appropriate. Those Intermediate Buyers should also question Covertix closely about locally available support and interoperability with incumbent security solutions, business applications and information repositories.

Advanced Buyers already using comprehensive information and/or IT security measures and solutions should look at the Covertix solution as a possible adjunct to incumbent resources. If the features, pricing and/or channel partner support of the Covertix solution warrant further consideration, Advanced Buyers should seek a trial deployment from Covertix. Those Advanced Buyers should also seek details of Covertix’s product and partner ecosystem development plans, under non-disclosure agreements NDAs if necessary.

Regardless of whether Covertix’s solutions are appropriate for your company, Focus believes that they represent a logical evolution of and potentially significant improvement over traditional approaches to information security. Such approaches have largely tended to focus on specific IT infrastructure elements such as networks or servers. Many have also placed undue burdens on users, forcing them to “jump through hoops” to protect the business information they need to do their jobs.

However, many modern security solutions have become more user-centric, role-based and process-driven, focused more on securing users and their resources than on securing machines or connections. Similarly, the Covertix approach promises to help to focus security efforts on the information being protected, wherever and by whomever it is being used. Focus believes this “document-centric” approach may be more easily adopted at many organizations.

The transparent tracking and auditing features of the Covertix solution may also help organizations to improve their overall information security. Those features can help to provide important knowledge about how information is used, where it goes and how, when and where breaches happen. Focus believes that all Buyer Types should seek out similar features and benefits in any information security solution under serious consideration.