Time for reflection

Wow! What a journey. To say we learnt a lot in 2017 is an understatement. We underwent significant growth in terms of headcount in all regions across all departments. We opened up a new regional HQ in Austin, TX and grew our Global revenues >40% and acquired more customers in 2017 than in all other previous years combined. We also saw a significant increase in our average order value as a result of steady flow of larger customer acquisitions in all regions.

And we’re just getting started.

2017 saw a major restructure of our business, we took some tough decisions around our ‘portfolio’ and we’re now clearer than ever about who we are and where we’re going. We re-framed the Lepide story to be one of business value and solutions as opposed to products and features. We've focused heavily on our security and compliance story. We also took time this year to survey a large number of our prospects and customers to truly get to the essence of our value and the actual problems we were solving.

Here’s what we learnt…

Most organisations were [still] failing / struggling to get the visibility they need to understand how their employees were interacting with their unstructured data. From the surveys we conducted, only 45% of all mid-market organisations had any real insight as to how their unstructured data was being handled by their employees.

Secondly, and perhaps more worrying, access rights were still posing a real challenge. We found that permission sprawl was regularly cited as an issue. Most organisations (60%) simply did not have any meaningful process or technology to ensure only those people that needed access to files and folders had it. Put simply – most didn’t know who had access to what or how access was granted.

Thirdly, we found that the systems that essentially support and facilitate business ops and access such as Active Directory, Group policy, SQL, SharePoint, Office 365 etc. we’re left largely ignored, with only a third or organisations proactively keeping track of what their privileged users were doing with these platforms. It was apparent that most organisations lacked policy or controls in place to spot or prevent privilege abuse across these areas.

So, our goal, our mission, our why… really boils down to our ability to be able to answer 3 fundamental yet simple questions.

1.)   What are your users doing with the unstructured data within your organisation? (Access, copy, delete, move, modification etc.)

2.)   Who has access to your data and how was the access granted? (current and historical permission analysis)

3.)   How are your privileged users interacting with your critical systems? (Active Directory, Group Policy, SQL, SharePoint, Office 365, Exchange)

Things are looking up...

What we found particularly interesting was the shift in attitudes in 2017. While in 2016 we saw a lot of organisations citing ‘products’ to solve these issues as a ‘nice to have’ with a rhetoric of ‘ought’ in 2017 we heard prospects talking about ‘need’ as a result of recognition of such issues having caused real business issues (compliance failures, data leakage, rogue admins etc). In real terms this reduced our process of education in our engagement with prospects. They already understood the issues and the importance of solving them.   So while 2017 was a tough year for cyber security and compliance teams anecdotally we’ve been experiencing a better culture and understanding towards addressing insider threats, data leakage and privilege abuse. We’ve also seen compliance being taken more prominent role than before with more and conversations and concerns around HIPPA compliance and more recently GDPR.

Lets hope for more of the same for 2018. It’s going to be a big one.

Aidan Simister, CEO , Lepide.com

[email protected]