Tag: protect intellectual property

Fasoo protects unstructured data

Fasoo’s message of finding, protecting and controlling unstructured data definitely made an impact on attendees at the 2018 RSA Conference in San Francisco.  With new regulations like the General Data Protection Regulation (GDPR) coming on quickly and the general feeling that businesses need to do more than just track file access, companies are looking for a more comprehensive and practical approach to providing secure ways to conduct business.

Over 45,000 senior executives and IT security professionals attended this year’s conference with about 2,000 visiting Fasoo’s booth.  Visitors saw hourly presentations and demonstrations on how to manage and control their unstructured data which is by far the largest problem of data security.  While someone hacking a database and stealing credit cards seems to make the headlines, the reality is that the majority of an organization’s intellectual property and sensitive information is stored in documents.  Fasoo staff showed how Fasoo Data Radar, Fasoo Enterprise DRM, Fasoo RiskView and Wrapsody helps manage and protect the critical business information inside documents.

A lot of attendees were very interested in discovery and classification of files because many realized they don’t know what they have and where it’s located.  One executive I talked to had a good handle on her databases, but when it came to downloading reports from those databases and the documents employees create every day, she acknowledged it’s a lot more challenging.  She mentioned there’s a lot of redundant, obsolete and trivial (ROT) data in file shares, cloud repositories and on people’s desktops which makes controlling the important information a lot more difficult.  She wanted to focus on data critical to her business and get rid of everything else.  I suggested automatically securing files as users create or edit them.  This protects current information and lets her quickly understand what is used and what is not.

Of course what would RSA be without some fun?  Our hourly presentations were very lively and attendees got Starbucks cards, Fasoo hippos, headphones and an Amazon Echo.  You had to really listen to the presentation to get some of the prizes, but the real fun started when Star Wars trivia came up.  One gentleman had to perform for his prize making a convincing Chewbacca sound.  There was even a little horse trading as the winner of one prize decided to swap it with the winner of another prize.

Visitors to Fasoo’s booth commented that the security solutions looked easy to use but still allowed them maximum protection of their unstructured data.  This is always a critical issue as organizations try to balance security with productivity.  Automating the processes of identifying, classifying and encrypting sensitive files allows employees and business partners to focus on their jobs rather than worrying about how to protect business critical information.

Ofcom Victim of Insider ThreatReports emerged yesterday that UK media regulator Ofcom suffered a massive data breach when a former employee stole sensitive information on television companies and gave it to a major broadcaster, which incidentally is his or her new employer.  The person who stole the information was not identified in reports.  The former employee downloaded as much as six years worth of data before leaving the company.  The intent of the action was to gain a competitive advantage in the market.

Even though Ofcom says it takes data security very seriously, it is most likely missing some of the blind spots that companies ignore.  Most organizations focus their security on the perimeter, trying to protect networks and systems from outside hackers.  They rarely look inward, assuming that an employee is a trusted person who will always have the company’s best interests in mind.

Insider threats can take two forms: accidental and malicious.  This was a case of malicious intent because the person intended to steal sensitive information for personal gain.  Privileged users can pose a greater threat to your business than hackers, since they already have access to critical business data.  This person had legitimate access to this data presumably to do their job.  Apparently there was nothing in place to stop the person from taking the data and sharing it with anyone outside the company.

The other insider threat is someone who accidentally shares sensitive information.  This could be unintentionally sending a file to the wrong person, losing a laptop or thumb drive or being tricked into giving away login credentials to the wrong person.  There is no malicious intent here, but the consequences can be the same.

The only way to manage the situation is to understand what data is sensitive and lock it down to control its access at all times.  The best way is discover, classify and protect the data as you create and share it.  This should apply to files you create daily and information you download from databases or information systems.

A layered approach can apply dynamic permission controls to data that can change as business requirements change.  This allows you to automatically adjust security policy based on changed content within a file.  For example, if you have a file that is for all internal employees, but you add PII to it, you need to increase the security to limit access because of the sensitive nature of what’s inside.

It’s also important to understand usage patterns of your sensitive information to help you determine behavioral anomalies that could indicate an insider threat.  If normal behavior for the ex employee was to open a few files a day, but all of a sudden they are opening hundreds, they may be stealing sensitive information.  Monitoring this behavior could prevent a possible data breach.

If Ofcom had encrypted its data and applied strict permission controls that stay with it regardless of location, this wouldn’t even be a story.  The employee could have copied files to share, but they would be useless, since the person couldn’t read the information inside.

Combating insider threats can be challenging, but your best defense is to protect and control confidential data at the source so it is secured at rest, in motion and while in use regardless of device, storage technology, storage location, and application.

Book a meeting