The technical evaluation process for new security technology can be time-consuming, but it’s critically important. All stakeholders must be aligned on what success looks like and what you need to achieve those outcomes. This includes the business problems that are to be solved, the technical capabilities needed to solve them, as well as the time, money and effort required to administer a solution.
We can help you get started. Review this checklist to speed up your evaluation process and build stakeholder consensus on the requirements for purchasing a data protection solution.
Use Case Requirements
The high-level specifications that will enable you to manage data protection and insider threats. Use case requirements should be agreed upon by all project stakeholders.
- Delivers company-wide visibility into data risk caused by end users
- Delivers visibility into the insider threat activity of individual users
- Detects file exfiltration
- Detects file infiltration
- Detects file deletion and sabotage
- Prevents data loss without policies and content tagging
- Provides response tools to stop data theft, document risks, and correct mistakes
- Monitors user activity with respect for employee privacy
The technical specifications required to successfully meet your use cases. Technical requirements should be set and evaluated by security analysts and architects.
- Offers an interface that is easy to use and navigate
- Works without inhibiting employee productivity
- Monitors file activity that takes place on employee computers, regardless of network
- Monitors the creation, deletion, modification and movement of files
- Detects removable media, cloud/web app, web upload, copy/paste and printing activity
- Detects file sharing from a corporate cloud service and corporate email service to untrusted domains
- Detects file deletions and provides recovery of those deleted files
- Offers customized monitoring for specific groups of users such as departing employees, contractors, privileged access, and more
- Automatically prioritizes the activity that requires investigation and allows alerts to be sent to other systems
- Provides a historical view of user file activity, including off-hours activity
- Monitors files without requiring them to be tagged or classified
- Provides access to file contents for investigation
- Logs all file metadata, event information and user information
The specifications that will support a smooth deployment and integration with your existing IT and security investments. These should be established by security and IT stakeholders.
- Solution is cloud-based
- Cloud deployment can support federal and compliance requirements, if needed
- Open API is available for scripting and custom integrations
- Agent works well on all Mac, Windows and Linux operating systems and does not require a VPN or proxy
- Agent can be mass deployed, is silently installed, and reveals minimal endpoint impact
- New agent releases can be tested prior to company-wide rollout
- Pre-built integrations are available for technologies, including SSO, SIEM and SOAR
Your expectations for how a vendor will support you as a customer. These requirements are particularly important to security, procurement and legal stakeholders.
- Supplies evidence of corporate data security, privacy and compliance
- Provides introductions to customer references
- Assigns a dedicated account manager to customers
- Demonstrates a history of executing to roadmap commitments
- Offers opportunities to participate in advisory and early access programs
- Demonstrates a proven ability to quickly deploy new customers
- Provides knowledgeable and friendly support that is not outsourced, 24/7 for high-severity issues
- Offers a robust and easy to understand documentation library
- Offers role-based product training
- Has registered with the Cloud Security Alliance
- Offers a money-back guarantee