This year at the Gartner Security & Risk Management Summit in National Harbor, MD there was a lot of focus on reducing business risk through improved cybersecurity that focuses on protecting data as users create and share it.  One area of concern to many organizations is how to find and protect sensitive data without impacting how employees and customers work.  Data protection regulations, like GDPR, are making things more complicated, but companies need to balance security with productivity.

At the Fasoo booth, a lot of people talked about issues with combining different technologies that still focus more on protecting the location of data rather than the data itself.  One executive from a manufacturing company talked about how her DLP system can tell them that sensitive documents were shared with external parties, but can’t really control their access or stop them from going out.  This is a common concern as companies use DLP, CASB and other technologies that can’t control access everywhere.

On Tuesday, June 5, 2018, John Herring, President & CEO of Fasoo, Inc. and Ron Arden, Executive Vice President and COO of Fasoo, Inc., presented “Unstructured Data Solutions Journey”.  John talked about the challenges of balancing data security and productivity and how many of the traditional approaches of securing the data perimeter haven’t met the hype.  By securing the data itself, you don’t need to worry about where it goes, since it’s always protected and tracked.  He presented how some of Fasoo’s customers have overcome the challenges with a holistic approach to discover, classify, protect and track sensitive manufacturing data and information subject to regulatory control using Fasoo Data Radar and Wrapsody.

Ron showed how in three quick steps with Wrapsody an organization can securely collaborate when creating a product quote while limiting access to specific people and making it easy to ensure they each have the latest version.  With a few clicks of a mouse a sales manager encrypted a spreadsheet, applied access control to it, provided an audit trail and automatically synchronized the latest version to a central location.  As the operations manager updates the quote and shares it with a customer, the process is easy for all parties to get the latest information and ensure the entire process is secure regardless of who has the document and where they open it.

During the course of the summit, a lot of attendees and analysts came to the Fasoo booth to understand the best ways to comply with new regulations and how to protect sensitive data from both internal and external threats.  Visitors were very impressed by how the Fasoo Data Security Framework can help them achieve those goals by discovering, encrypting and controlling their sensitive data.

Attendees at the session and at the booth were excited to see that Fasoo technology is very robust, balances security with usability and integrates with an organization’s existing infrastructure.  A common strategy is to make the technology almost invisible to users unless they try to violate a security policy.  I remember one person saying, “I was a little skeptical during your presentation, but convinced once I saw it in action.”

This year at the Gartner Security & Risk Management Summit in National Harbor, MD there was a lot of focus on managing and mitigating risk to a business and how to  improve cybersecurity through data-centric protection.  One area of concern to many organizations is how to comply with some of the newer cybersecurity and data protection regulations, like GDPR, as governments are trying to improve customer and business data security.

With all the recent malware, ransomware and data breaches, there was obviously a focus on how to prevent harm to one’s business.  As businesses move more into the realm of digital business, the concept of trust is becoming a larger issue.  If your customers do not trust you with their data, they will be less likely to do business with you.

On Tuesday June 12, 2017, John Herring, President & CEO of Fasoo, Inc., Dr. Larry Ponemon of the Ponemon Institute, and Ron Arden, Executive Vice President and COO of Fasoo, Inc., presented “Do You Have a Pathway to Data Security Compliance?”.  John talked about the challenges of complying with the new NYDFS 23 NYCRR 500 cybersecurity regulation that affects any business regulated under banking, insurance and financial services laws in New York.  This applies to organizations doing business in NY and also affects third party service providers of those organizations.

Dr. Ponemon presented recent research from his study “Countdown to Compliance: Are financial services firms prepared for NYDFS 23 NYCRR 500?”.  Some of the key findings from the survey include:

• 60 percent of respondents believe this regulation will be more difficult to implement than GLBA, HIPAA, PCI DSS and SOX
• Over 50 percent do not have a formal cybersecurity program
• 68 percent believe that the inability to know where high value data assets are located will pose a significant challenge

Ron discussed a six step plan to encrypt and control unstructured data or data in files that is a key component of meeting the NYDFS, GDPR and other data protection and privacy regulations.  The session had about 150 people in it and many of them asked specific questions about who is affected, how do you work with your service providers to ensure they are protecting your sensitive data, and how to really provide complete control of your information regardless of its location.

During the course of the summit, a lot of attendees and analysts came to the Fasoo booth to understand the best ways to comply with these new regulations and how to protect sensitive data from both internal and external threats.  Visitors were very impressed by how the Fasoo Data Security Framework can help them achieve those goals by discovering, encrypting and controlling their sensitive data.

One interesting presentation by John Girard and Brian Reed from Gartner focused on information-centric security practices and the best ways to protect your business information.  While Gartner and most of the security industry recommends a layered approach to security, when it comes to protecting information in files, John and Brian said that EDRM is the only solution that can really protect it.  This is an important recognition that in the game of information protection and thwarting malicious or inadvertent attempts to steal sensitive data, perimeter solutions cannot meet the requirements as well as EDRM.

Attendees at the session and at the booth were excited to see that Fasoo technology is very robust, balances security with usability and integrates with an organization’s existing infrastructure.  I remember one person saying, “I was a little skeptical during your presentation, but convinced once I saw it in action.”