-
Fasoo Explains the Need for Enterprise DRM at Gartner Security and Risk Management Summit 2021
Fasoo, a leader in data-centric security, demonstrated its All-In-One, Only One solution at the 2021 Virtual Gartner Security and Risk Management Summit this week. The company showcased how it can help organizations maintain security and privacy in today's remote and hybrid work world without compromising productivity. This includes enabling zero-trust architectures, protecting data everywhere, complying with privacy regulations, and the new Cybersecurity Executive Order 2021 . Peter Firstbrook, a VP Analyst at Gartner, spoke in his session about how remote or hybrid work is the new normal for organizations around the world. A key consideration is how to maintain data privacy and security when working remotely. Fasoo's All-In-One solution uses zero-trust principles to discover, classify and protect sensitive data by maintaining strict access controls when collaborating and sharing data with internal and external parties. During Fasoo's session, "Cybersecurity Executive Order 2021: Are You Prepared?", the company discussed how Fasoo Enterprise DRM is critical to meet the data security and privacy requirements of both the US Federal Government and organizations that do business with it, including the supply chain. The same Fasoo technology applies to securing data in remote work environments for all organizations worldwide. Fasoo Enterprise DRM works to protect, control and track sensitive documents at rest, in transit and in use persistently on any device at any time throughout the entire document lifecycle. By encrypting files and adding granular controls, you can limit editing, printing and sharing sensitive content with unauthorized users both inside and outside your organization. Because Fasoo EDRM requires users to be authenticated and authorized each time to access sensitive documents, it is a key component of zero-trust architectures. View the release on PR Newswire
November 23, 2021 -
GREENFEED applies Fasoo’s DRM to fortify intellectual property protection and reduce threat surfaces
Multi-national animal feed and livestock corporation GREENFEED has implemented data and application security firm Fasoo’s enterprise digital rights management (DRM) solution to protect against insider threats, prevent data breaches, and enforce the highest level of protection for its sensitive data and intellectual property documents. Before the use of Fasoo’s DRM, GREENFEED used conventional, perimeter-based security measures, but the solutions were not ideal for managing insider threats. Most of GREENFEED’s intellectual property (IP) documents were in the forms of Microsoft Office, AutoCAD, and Adobe Illustrator that the company was seeking to enforce file-level access controls and audit trails to the IP documents in various formats at all times. GREENFEED added capabilities that all sensitive documents are automatically encrypted when saved and only authorized users with proper credentials to access the documents regardless of their location. In addition, GREENFEED applied screen security solutions to work from home and remote workers, preventing and tracing unauthorized capture attempts. As a result, GREENFEED was able to construct a data-centric security architecture, protecting sensitive information whether data is at rest, in transit, or even in use. “Enterprise DRM used to be a popular choice for few vertical industries like high-tech manufacturing, BFSI, and public industries, but it has become essential solutions for all verticals as we approach hybrid workplace era,” said Kangman Lee of Fasoo. In September, Fasoo also updated its cloud security solution, Fasoo CloudBridge to enhance the usability and security of data managed at cloud-based repositories. View the release on CISION PR Newswire
October 4, 2021 -
Fasoo Named Winner of the Coveted Global InfoSec Awards during RSA Conference 2021
Fasoo is proud to announce we have won the Next-Gen in Digital Rights Management award from Cyber Defense Magazine (CDM), the industry's leading electronic information security magazine. Fasoo Enterprise DRM helps organizations protect against insider threats, prevent data breaches, and enforce the highest level of protection for sensitive data and intellectual property documents (e.g., Office, PDF, CAD) on any device at any time throughout the entire document lifecycle. Fasoo has differentiated itself from its competitors by providing a centralized security policy model that allows administrators to delegate some policy management to departments and users. Unlike solutions where users are required to make security decisions, Fasoo provides automatic dynamic permission control with easy management of exceptions allowing users to work securely without changing existing business workflows. "We're thrilled to receive one of the most prestigious and coveted cybersecurity awards in the world from Cyber Defense Magazine. We knew the competition would be tough and with top judges who are leading infosec experts from around the globe, we couldn't be more pleased," said Kyugon Cho of Fasoo. "We scoured the globe looking for cybersecurity innovators that could make a huge difference and potentially help turn the tide against the exponential growth in cyber crime. Fasoo is absolutely worthy of this coveted award and consideration for deployment in your environment," said Gary S. Miliefsky, Publisher of Cyber Defense Magazine. We're thrilled to be a member on this coveted group of winners, located here: http://www.cyberdefenseawards.com/ Please join us virtually at the #RSAC RSA Conference 2021, https://www.rsaconference.com/usa today, as we share our red carpet experience and proudly display our trophy online at our website, our blog and our social media channels. About Fasoo Fasoo provides unstructured data security, privacy, and enterprise content platforms that protect, control, trace, analyze and share critical business information securely to reduce insider threats, prevent data breaches and protect intellectual property, while enhancing productivity. Fasoo's continuous focus on customer innovation and creativity provides market-leading solutions to the challenges faced by organizations of all sizes and industries. About CDM InfoSec Awards This is Cyber Defense Magazine's ninth year of honoring global InfoSec innovators. Our submission requirements are for any startup, early stage, later stage or public companies in the INFORMATION SECURITY (INFOSEC) space who believe they have a unique and compelling value proposition for their product or service. Learn more at www.cyberdefenseawards.com About the Judging The judges are CISSP, FMDHS, CEH, certified security professionals who voted based on their independent review of the company submitted materials on the website of each submission including but not limited to data sheets, white papers, product literature and other market variables. CDM has a flexible philosophy to find more innovative players with new and unique technologies, than the one with the most customers or money in the bank. CDM is always asking "What's Next?" so we are looking for Next Generation InfoSec Solutions. View the release on CISION PR Newswire
May 17, 2021 -
World Leading Manufacturer Company Chooses Fasoo For Protection of Proprietary IP
Fasoo announced today that a world leading manufacturing company selected Fasoo as its file-centric security solution to protect intellectual property designs across multiple CAD applications while in use, at rest, and in transit. The company will secure and control documents shared with its supply chain partners using the same advanced protection it uses for internal users. As a top 20 patent owner, it is critical to protect its intellectual property to maintain its competitive advantage. With Fasoo, documents carry persistent file-level security that remains with each file regardless of location or transmission channel throughout their entire lifecycle. The company can restrict document access based on user, group, location or network, and protect documents shared by email, EFSS, on-line portals and more. “We’re thrilled to be embarking on the journey to help this venerated, globally-recognized brand protect unstructured data across their value chain,” said Colter Carambio, EVP Sales at Fasoo. “As more organizations look beyond the perimeter to true defense-in-depth approaches, securing vital intellectual property at the atomic level – the file itself – allows the security to travel with the file wherever it goes, and will play an increasingly significant role in the security stack.” The company chose Fasoo to provide: File level protection Fasoo Enterprise DRM (FED) encrypts files with a unique identifier that remains with the file allowing users and administrators to track usage including any derivatives, regardless of location. Access controls for groups or individuals grant permissions, such as View, Edit, Print or Screen Capture, to limit what a user can do with a file. Screen security Fasoo Smart Screen (FSS) deters users from taking pictures of information displayed on screens or through snipping tools by adding customizable screen watermarking with company logos, date and time stamp, IP address, and user information to trace an image to its source. Secure Screen can apply watermarks to any application and URL, block and monitor screen capture attempts, and show images of what was captured and by whom. About Fasoo Fasoo products span the life-cycle of sensitive unstructured data to discover, classify, protect, monitor, control, track and expire access to content wherever it travels or resides. Its integrated solution enables users to securely collaborate internally and externally with sensitive information while consistently meeting corporate governance and regulatory requirements. Its file-centric approach using encryption with a unique identifier allows organizations to have more visibility and control over unstructured data without interrupting workflows. Fasoo has embarked in this journey with over 1,500 enterprises to field data-centric solutions that proactively protect corporate brand, competitive position and meet ever-increasing regulatory demands. View the release on EIN Presswire
January 10, 2021 -
Fasoo Data Protection Platform Chosen For AITE’s Impact Brief on Data Discovery, Classification and Protection
Fasoo, Inc., a global leader in data security, today announced that it has been chosen for the Case Study in AITE’s recently published Impact Brief, "Sensitive Data Everywhere - Find It, Manage It, and Protect It", that identifies technical innovations related to data discovery, classification and protection. Fasoo Data Radar and Fasoo Enterprise DRM were the featured products as well as an interview with one of Fasoo’s financial services customers. Leading research firm, AITE, specializing in the financial services industry, had interviewed 10 technology companies and 5 financial services organizations that are in deployment or investigating technology vendors for these capabilities. The research indicates that “it is no longer effective to only apply controls to traditional databases and applications, as most data created now is unstructured.” And goes on to recognize that “very little effort has been devoted to managing unstructured data and even less to protecting it.” However, market trends and implications indicate that data discovery and classification are evolving in response to changing privacy regulations such as GDPR and CCPA. “The timing of this research couldn’t be better.” Said Deborah Kish, EVP, Research & Marketing at Fasoo. “More and more we have been seeing companies struggle with gaining visibility and control over their unstructured data, and choosing a tool that fits within their budget can be difficult. We have a great foundation toward a more cohesive strategy that is ideal for small and mid-sized organizations.” On December 1, 2020 at 2:00 pm EST, Fasoo and AITE will summarize the Impact Brief in a Webinar “Financial Institutions Seek a Step-In Approach to Sensitive Unstructured Data Compliance and Security” and will highlight a common use case in a large Financial Services Institution. Participants will receive a complimentary copy of the AITE Impact Report. About Fasoo Fasoo products span the life-cycle of sensitive unstructured data to discover, classify, protect, monitor, control, track and expire access to content wherever it travels or resides. Its integrated solution enables users to securely collaborate internally and externally with sensitive information while consistently meeting corporate governance and regulatory requirements. Its file centric approach using encryption with a unique identifier allows organizations to have more visibility and control over unstructured data without interrupting workflows. Fasoo has engaged in this journey with over 1,500 enterprises to field data-centric solutions that proactively protect corporate brand, competitive position and meet ever-increasing regulatory demands. About Aite Group: Aite Group is a global research and advisory firm delivering comprehensive, actionable advice on business, technology, and regulatory issues and their impact on the financial services industry. With expertise in banking, payments, insurance, wealth management, and the capital markets, we guide financial institutions, technology providers, and consulting firms worldwide. We partner with our clients, revealing their blind spots and delivering insights to make their businesses smarter and stronger. Visit us on the web and connect with us on Twitter and LinkedIn. View the release on EIN Presswire
November 24, 2020 -
Fasoo Announces Its Inclusion in Leading Analyst Research Firm’s Now Tech: Data Discovery and Classification Report
Forrester has profiled Fasoo in its Now Tech: Data Discovery and Classification, Q3 2020 Report. This report provides a holistic view to the enterprises about vendors that can deliver greater visibility and understanding of sensitive data, secure it with appropriate controls and policies and support compliance, privacy and ethical data use. In the report, Forrester recognizes that data volumes are growing daily, and as regulatory requirements evolve, businesses need to understand and protect sensitive data. Sensitive data typically includes regulated data and intellectual property. Fasoo’ s uniqueness is in its encryption process where an embedded ID is attached to each document and any derivative of that document. This embedded ID is baked into Fasoo’s data discovery and classification product, Fasoo Data Radar. Fasoo Data Radar provides any organization the ability to trace encrypted documents or derivatives leading to fast response time to data subject requests. “We think this timely inclusion as a data security software provider in Forrester’s Report will propel our customers to take advantage of cutting-edge solutions, ensuring their intellectual property and other sensitive data types are appropriately protected and compliance with strict regulatory mandates is met.” said Deborah Kish, EVP Research and Marketing for Fasoo. “The current environment with most businesses having shifted to remote workforces means that data is even more out of the visibility and control of organizations than ever." Kish said. "Fasoo Data Radar, is a key product in these very critical times.” Fasoo solutions don't stop at data discovery and classification. These are part of its comprehensive data centric, protect first platform that fortifies and simplifies early attempts at data loss prevention and enhances user behavior analytics. The platform also enables a self-reporting file method for the lifecycle of the file to meet audit and privacy requirements like GDPR and CCPA. Learn more about Fasoo's approach in the Leadership Brief, "A Comprehensive Approach to File Security and Compliance". To read about Fasoo’s Data Discovery and Classification capabilities and profile in the report, download the report here (available to Forrester subscribers or for purchase). CONTACT: Deborah Kish, deborahkish@fasoo.com View the release on EIN Presswire
November 2, 2020 -
Strengthening the frontlines for unstructured data security: Protect it first
Strengthening the frontlines for unstructured data security: Protect it first Having insights into the differences between the three predominant approaches to data-centric security and understanding their unique benefits will allow you to make better decisions around the best fit to strengthen the front lines of protecting unstructured data while complying with privacy and industry regulations and data governance policies.
October 29, 2020 -
Unstructured Data, Unsecured Data: The Data You Overlook Needs Protection Too
Published in the Cyber Defense Magazine September 2020 Edition Sensitive unstructured data is everywhere, it means different things to different businesses and comes in two forms. Unstructured data that: Is used for analytical purposes. Resides in file formats such as Microsoft Office, text files, images and CAD/CAE format. The second form is often overlooked, can cost your business its competitive advantage, and subject you to regulatory fines if stolen or leaked. In a world where a pandemic has wreaked havoc on employers and employment, this sensitive unstructured data is at highest risk mainly because it covers more surface area, continues to grow rapidly, and is quite often invisible to the enterprise. Therefore, it is important to know what and how much of it you have in typical office file formats. More importantly, understand how to and why it is important to protect it. The Organization for the Advancement of Structured Information Standards (OASIS) has published a standard for unstructured information management. The standard indicates that "...unstructured information represents the largest, most current and fastest growing source of knowledge available to businesses and governments worldwide." Therefore, it is believed that more than 90% of an organization's data is unstructured rather than data stored in traditional databases. We know it exists and we know it is growing but we also know that most businesses typically don't take measures to protect it. Most feel it is a "hard to tackle" task to find unstructured data and get it under control and tamed, let alone protected. The reason why it is often overlooked is because the risks associated with unstructured data generally are not taken into consideration. The risks are for: Privacy or Industry Regulatory Compliance Intellectual Property Protection Privacy or Industry Regulatory Compliance When employees create files that contain sensitive information, copies of those files naturally proliferate. There will be multiple version of the files and sharing of those versions between employees via e-mail and network file shares. It's rare that employees will go back and delete these files later and anything sent via e-mail may be archived in .pst files; file shares will be backed up to various media. This not only creates a larger attack surface, but will add significant complexity should an organization face litigation and discovery requests from data subjects. Organizations that are subject to the General Data Protection Regulation (GDPR) or the California Consumer Privacy Act (CCPA) will struggle to satisfy data destruction demands and the "right to be forgotten". If an organization handles cardholder data it's crucial to keep credit card numbers within Payment Card Industry (PCI) controls - something rarely applied to unstructured data due to cost and complexity. The Norwegian Supervisory Authority (Datatilsynet) is an example of non-compliance to GDPR and fee assessments “due to insufficient technical and organizational measures to ensure information security”. In July 2020, the authority found that the Municipality of Rælingen was in violation of articles 32 and 35. The company did not conduct a DPIA and prior to the start of the processing it had not taken adequate technical and organizational measures in accordance with Article 32 of the GDPR, resulting in an increased risk of unauthorized access to the personal data of the pupils. Also, and still under investigation, in the UK, British Airways is potentially facing a fine of £183.39M from an incident that compromised approximately 500,000 customer’s personal data. There are several examples, but not having technical measures in place is very common across violators. Intellectual Property Protection When thinking about how unstructured data is expanding your threat surface, think about who is the threat. Unstructured data in files is an attractive and easy target for internal threat actors with limited protection. Let’s face it, when a data theft story breaks out, it is typically not because a cyber-criminal stole a bunch of Word files from a folder on someone’s laptop. Instead, it is the insider saving information on a USB drive or taking a screenshot of sensitive information in a spreadsheet. This is costly to the business because in most instances, it is information that has been sold to competitors, or used to expose explicit information for political purposes or gain. A couple of examples of insider theft include the Sony hack where an employee in Human Resources had salary information on 30,000 Deloitte employees and publicized it; and the Morgan Stanley employee who stole account information from 350,000 of its wealth management clients and posted some of the information on the internet. GlaxoSmithKline had IP, trade secrets and presentation data compromised in two ways; documents emailed from inside GSK to private email accounts, using USB and other storage devices and copied onto personal devices. This particular incident also led to mounting legal fees and a $500M fine to the victim in all of this, GSK. These examples are just a blip on the map, but should serve as reminders that businesses must know that sensitive information in files exists, is protected appropriately, and that only the right people can access them. Not to mention the responsibility of the business to protect the information if it is subject to industry or privacy regulatory mandates. Put simply, unauthorized access or loss of sensitive data can compromise competitive advantages, damage the brand, and expose the organization to significant regulatory penalties and even litigation. As most businesses are focusing on securing structured databases and identity and access management, they must also include unstructured data in their data security initiatives. But before even thinking about moving forward, you need to assess your own situation and then you can move forward with a plan to first understand what sensitive unstructured data you have. It’s not as hard as you may think. Where Do You Start? Know the Data. Control the Data. Your current governance, risk and compliance (GRC) policies may be a little outdated. Now is the time to take them out, dust them off, and update them to include sensitive unstructured data. With privacy regulations rapidly changing, it is important to not learn privacy through impact and avoid being the victim of a violation. It is difficult under the best of circumstances to respond to a DSR or incident from a structured database, but even more challenging with information that is unstructured. Knowing where your sensitive unstructured data is and what it is will be a critical part of your GRC policy. Getting there is not as daunting as you might think and in just a few steps, you will be on your way to high visibility, control, protection and improved response time to incidents and DSRs. Business unit by business unit, talk to the person in charge and ask: What documents do you create or work with that contain sensitive information? Where do these documents reside? What applications do you use that contain sensitive data that you may download into reports or other documents? Do you upload documents into applications, file shares, content management systems or any other external application or information system? Is this data shared internally, and if so, how and with whom? Is this data shared externally, and if so, how and with whom? This is an important part of the process, because it will give you more insight into the kind of data you have. It will also provide you with an opportunity to implement some best practices of how the data is handled and protected and automate critical functions such as discovering and classifying documents that contain sensitive information. About the Author Deborah Kish is Executive Vice President of Marketing and Research at Fasoo. She is responsible for leading Fasoo’s research and product strategies in the unstructured data security and privacy space. Fasoo provides unstructured data security and enterprise content platforms that enable our customers to protect, control, trace and analyze critical business information while enhancing productivity. Fasoo has successfully retained leadership in the unstructured data security market by deploying enterprise-wide solutions globally, securing millions of users. Deborah can be reached online at (deborahkish@fasoo.com,Twitter: @deborahkish, LinkedIn: @deborahkish) and at our company website: www.fasoo.com. Click here to read the full article: Cyber Defense eMagazine - September 2020 Edition
September 7, 2020 -
Crest’s iDW brings Fasoo’s Automatic Data Classification capabilities to Alfresco platform
Crest Infosolutions, a Digital Transformation Solution Provider today announced integration of its Intelligent Digital Workspace (iDW) solution with Fasoo Data Radar (FDR), an Automatic Data Classification Solution by Fasoo Co., Ltd. Intelligent Digital Workspace(iDW) is a modern, responsive, multi-lingual and secure Digital Workspace Solution to facilitate digital transformation journey of enterprises. Built on robust Alfresco Digital Business platform to support digital operations of an enterprise aiding in enhanced user productivity, operational agility and business continuity. Alfresco Content Services is world’s leading enterprise-class, cloud-native platform that provides open, flexible, highly scalable Enterprise Content Management (ECM) capabilities. Fasoo Data Radar (FDR) discovers sensitive data in databases and files on servers, in the cloud or endpoint devices using patterns, keywords, file types or attributes in pre-defined or custom detection rule templates. Protection rules immediately classify and add a label to files, encrypt with a unique identifier, quarantine or assign adaptive access control to authorized users. FDR’s smart “Pac-n-Tag” technology automatically classifies, encrypts and embeds a unique identifier (Tag) into each file so you don’t need to rescan to determine its sensitivity. Adding access control and traceability through a protection policy (Pac) allows you to efficiently comply with privacy regulations including GDPR, HIPAA, CCPA, NYDFS and PCI. Centralized policy management simplifies discovery and classification by not requiring users to make decisions on data sensitivity. The integrated solution can identify and control sensitive files as soon as they are uploaded into Alfresco ECM repository, without user intervention, ensuring data is always protected and under your control, regardless of location. “We are excited about the possibility to serve Alfresco customers. With the Fasoo Data Radar (FDR) integration, Alfresco customers will be able to gain better insights about sensitive information stored in their Enterprise Content Repository and avoid mishandling of sensitive documents.” stated Kangman Lee, Senior Executive Vice President of Fasoo. “There are several data classification solutions available in the market, however, they lack the ability to automatically classify non-textual documents, such as documents scanned as images or non-searchable PDFs. Seamless integration with Content Repositories is another challenge faced by customers.” added Hemant Prasad, CEO of Crest Infosolutions. “Joint efforts by Crest Infosolutions and Fasoo aim to address this challenge faced by customer and offer a seamless and innovative data classification solution to enterprises” For more information on Fasoo’s products and solutions, please visit fasoo.com. For more information on Crest Infosolutions, visit https://crestsolution.com/. View the release here
August 27, 2020 -
Fasoo Included in Three Gartner Hype Cycles
Fasoo is pleased to announce its inclusion in three of Gartner’s 2020 Hype Cycle reports: Hype Cycle for Data Security Hype Cycle for Identity and Access Management Hype Cycle for Cloud Security “We are excited to receive recognition that highlights the breadth of Fasoo’s data security and privacy solutions across so many key areas” said Deborah Kish, EVP Research and Marketing for Fasoo. “Fasoo’s data discovery, categorization and classification of structured and unstructured data, along with our industry leading enterprise digital rights management (EDRM) were all highlighted.” Gartner publishes Hype Cycle reports each year that look at how emerging technology matures over time and expectations. The Hype Cycles offer security, privacy and IT professionals a resource to distinguish between emerging technology hype, and reality. The Hype Cycles identify vendors that offer the strongest protection from the various threats they face daily. “We were particularly pleased to see Gartner reporting on the steady increase in EDRM interest and its broad contributions across the Hype Cycles, “Ms. Kish stated. “Secure collaboration amongst business partners, managing identity access of sensitive content across hybrid and multi-cloud environments, and ways to mitigate erosion of trust arising from SaaS adoption are all enabled with strong granular controls provided by our EDRM solution.” The reports recognize that EDRM has a high benefit rating because it protects intellectual property from loss, and against inappropriate or unintended disclosure of proprietary or confidential enterprise information allowing data owners to audit and adjust access to specific data wherever it resides. The reports indicate “It is one of the only mechanisms for retaining control of unstructured data transferred to business partners in secure collaboration scenarios.” Fasoo has been featured consistently in the Hype Cycles for Identity and Access Management and Data Security for over 11 years. This year, Gartner included EDRM in the Hype Cycle for Cloud Security as not all Cloud Service Providers include EDRM capabilities with their native DLP capabilities. Also, DLP for mobile devices leverage EDRM to enhance mobile data security and complement DLP capabilities and requirements on mobile platforms. Gartner Disclaimer Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. For more information on Fasoo’s products and solutions, please visit fasoo.com. For more information on Gartner, visit https://www.gartner.com/en. CONTACT: Deborah Kish, deborahkish@fasoo.com View the release on EIN Presswire
August 20, 2020