March 4, 2025 – Prime Factors, a leader in application-level data protection, has been recognized as a Sample Vendor in the Gartner Hype Cycle for Digital Sovereignty, 2024.

According to Gartner, "Digital sovereignty is the strategic imperative for ensuring autonomy over data, operations and technology infrastructure and aligning with regulatory frameworks within geographic boundaries." The report states that "the privacy landscape is increasingly complex. Gartner estimates that by 2025, 75% of the world's population will have its personal data covered under modern privacy regulations. Even further, we calculate that by then over 80% of organizations worldwide will face modern privacy and data protection requirements."

According to the research note, "Data security as a service (DSaaS) provides data security and protection capabilities as APIs or proxies. Organizations hand over their data to the service provider, which protects, transforms and shares it back to them or with third parties while achieving the required compliance and confidentiality." Gartner goes on to state "DSaaS makes complex, expensive or people-intensive data security controls accessible to mainstream organizations. It enables clients to shorten the deployment times of data security controls, bringing them into a position to minimize the impacts to cloud and DevOps initiatives. DSaaS achieves this by making the required data security controls or data transformations readily available through, for example, cloud-based APIs. Customers can, in theory, start right away, without the need to hire new staff."

"We believe that delivering data security as a service to applications is a game changer when it comes to simplifying security and making protecting data more easily consumable," said Justin Teitt, Chief Operating Officer at Prime Factors. "However, we don't believe that requiring data be handed over to a third-party service providers in order to realize the benefits of security-on-demand makes sense for most organizations, especially large enterprises with complex compliance requirements.  This is why we've spent over two decades developing EncryptRIGHT, to provide a simplified data protection service that doesn't involve the liability data being sent out to a third. Enterprises can quickly and easily deploy the data protection platform in-house on premises or in their own public or private cloud environments, providing centralized control over data protection policies and distributed enforcement of security, wherever applications need data protection."

According to Gartner "Data security platforms (DSPs) combine data discovery, policy definition and policy enforcement across structured data silos. Policy enforcement capabilities include format-preserving encryption (FPE), tokenization and dynamic data masking. These capabilities can be delivered through connectors, agents, proxies and APIs."  Gartner goes on to recommend that enterprises "Choose products that can provide a well-integrated, broad spectrum of controls combining data stewardship, policies and late-binding access controls. Popular late-binding access controls used by DSPs are cryptographic transforms, such as tokenization and FPE, dynamic data masking (DDM), and proprietary connectors and agents."

"We expect that advancements in computing technology and a rapidly evolving threat landscape will continue to compel government and enterprise organizations to rethink their approach to how they optimize their applications to safeguard sensitive data," said Teitt.  "We believe that enterprises should continue to look for solutions that not only deliver a broad spectrum of data protection functionality but also can help simplify the implement and ongoing management of protecting sensitive data wherever it is created, stored, and consumed."

Gartner clients can access the full report here.

*Gartner, Hype Cycle for Digital Sovereignty, 2024, Miguel Angel Borrega, Rene Buest, Gregor Petri, Bart Willemsen, Nader Henein, July 10, 2024.

Gartner Disclaimer

GARTNER and Hype Cycle are registered trademarks of Gartner, Inc. and/or its affiliates in the U.S. and internationally and is used herein with permission. All rights reserved.

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.