Transcript
Mike Matchett: What's what's the friction of doing a better job with that data loss prevention? Hank Schless: Yeah. Think this one will will break up into two two small pieces. The first is just mean. You just look at the the amount of data, right. I mean we we can see we obviously can't see the data itself. But you know there the actions that are going on within our customers, you know, within their consoles indicate that, you know, the average user in our customer base, not even not even just the average admin, not anything like that, but, you know, the the average employee at one of our customers is handling or modifying, you know, over a thousand files a month. And that's and that's just wild. I mean, you think about you think about trying to do that manually. You know, you think about even trying to evolve the way you're doing things. Right. If you have Andy mentioned that, you know, DLP is something that people have been looking at and using for, you know, a couple decades now. And you think about someone with a really, well, well-refined, well-tuned, you know, on-prem DLP solution that they've been using for a long time and and all of a sudden it starts to, you know, you're starting to realize that maybe it's it can't totally keep up with with the demands of SaaS. And so I think that, you know, from my perspective, that's probably one you know it's just you have these things have been in place for so long. The idea of replacing it is is so much work and so much pain and people are already strained on on their resources that, you know, do you just kind of continue to live with that level of risk as part of your overall, you know, sort of risk posture? Or do you take that the time, money and people required to modernize it and then sort of future proof it for, you know, for a little while? So that's sort of that's that's those are my $0.02 on it. Andy, I know if you feel. Andy Olpin: Well I think you're right. And I think the other part of that is not only the identification of data that has to be addressed in an automated way, but you've got to have an automated response process. So think about it like this. Let's say you're a 100-person organization. That means every month based on this data, you've got 100,000 files that are touched and accessed now. So if our systems automatically finding those with sensitive data, you may still have 10% of those files with sensitive data, let's say. That's still 10,000 files, right? So even if I say, oh, we're going to cut down your work by 90%, that's still way more work than you can handle, right? So we've got to have a way to not only automatically identify the data, but we've got to have a way to automatically respond to the data. And the reason we we have this little meme here about the spider-mans pointing at each other is that all this problem, right, has really come down to like the business data owners and the CISOs pointing at each other. Right. The CISOs are going, look, I can get you lots of tools. I own the tools, but I don't know about your data. Right. This is your data. You've got to tell me what's important. And the business owners come back and say, Well, but I need a tool. Like the amount of data here is just overwhelming and I can't do it. So this is one of the reasons why a lot of organizations just haven't done anything. It's a huge potential problem. It's a huge amount of work and no one person really owns it. Right? So we end up playing the Spider-Man game, pointing at each other and then nothing ever gets done.