How many times have you been too late to discover a data breach after it has happened? A majority of time, it can take anywhere from days to months to detect these breaches. This has constantly been a challenge for not only organizations themselves, but also the security industry. The talk of data-centric security is just as important as being able to discover the behaviors of users and their devices.
It has been acknowledged that users are the weakest link in terms of cyber security and also are considered the most at risk for data breaches to occur. There has been very little information on the behaviors of these users and the patterns of usage. According to a recent article regarding why we need behavior centric detection and response, “Active engagement in monitoring, detecting and deriving insight into user access and usage patterns can foretell risky activity. Identifying early warning signs is critical for protecting against sophisticated threats including malicious insiders and external attackers that have hijacked legitimate user accounts.”
Organizations need to monitor these threats through correlation based log analytics. It is not only important to analyze all kinds of security in systems in place including DRM/IRM, DLP, IPS, physical access control, database security and many more, but also other types of user data including employee access credentials.
Results of this analysis need to be readily traceable and visualized using a risk index, trending charts and lists.
In general, security administrators take on roles of security risk management. However, line managers on the front line of security risks are also required to review and respond to the risks pertaining to their people, jobs and data. Providing line managers with comprehensive risk index results can alert them to potential risks and help them prevent risks. By involving these line managers with this risk review process, organizations can determine with confidence whether the target users, groups or files are truly subject to insider threats.
This is the second year Fasoo participated in the IBM Insight conference in Las Vegas and by the reaction of customers, IBM employees and other vendors, we made a big splash. Enterprise Digital Rights Management and data-centric security for sensitive information appear to be at the top of many people’s minds.
The event had over 13,000 attendees from all over the world and focused on Analytics, Big Data, Content Management, Information Governance and Security. There was a major focus on using analytics to understand and predict trends for business and to help eliminate security threats. Cloud and mobile transcend these categories as business has become mobile, fluid and unfortunately more dangerous. There was also a big presence of the Internet of Things, as more organizations are extending business models through wearable and more autonomous devices.
Security presentations focused on insider threats and external hackers or advanced persistent threats (APT) causing a lot of problems for companies. A lot of companies today are terrified that a trusted insider may inadvertently share sensitive files in the cloud or leave them on a mobile device that is lost or stolen. One presentation referred to the weakest link in your security as the person who does something accidentally. You can have all the firewalls, end-point encryption and data loss prevention systems in the world, but it won’t stop a privileged user that does something stupid.
Bill Blake presented “Closing the Threat Gap: A 21st Century Approach to Minimizing Risk” in the Solution Expo theater to a good group of people. I had a conversation with one of the presentation attendees about protecting reports as users download them from an ERP system. He knows the data is controlled inside the system, but he loses visibility to it when localized in a spreadsheet or PDF. We discussed how Fasoo can protect the files once downloaded by encrypting it and assigning a dynamic security policy to it. He can always control that report no matter where it is.
Dayhuff had its annual Insight After Party at the Ri Ra Irish Pub in the Mandalay Bay shoppes. We were in a private room, but could hear all the fun throughout the place. There was a great band playing that got everyone in a dancing mood. It was great to discuss business and personal things with the Dayhuff staff, IBM staff and lots of customers. It’s always amazing that no matter where you live, you can always find someone who shares your love of great beer, loves or hates your sports teams or has similar experiences to you. There is nothing better than getting to know someone over a pint.
Neocol talked about its SmarterDLP solution at Insight this year to help solve a major problem that every organization faces. Combining Fasoo EDRM, IBM StoredIQ and some of its own technology, Neocol can help a company search for sensitive content in files share, document repositories, on a user PC and numerous other locations, and then lock it in place. This solves two problems. Finding sensitive information and then encrypting it with a security policy immediately to ensure that only authorized users can access it. The reality today is that organizations have so much unstructured content in so many locations, they don’t know where to start looking for the most critical information.
Customer interest was high during the Solution Expo and through numerous conversations at many of the informal parties, meals and other opportunities to interact. I spoke with one gentleman who needed to make sure that documents involved in legal cases were made inaccessible once the case was over. Today he has to get validation from all involved that they destroyed the case documents; that’s a tough one. One woman needed to make sure she could control any PII (personally identifiable information) or financial data that was downloaded from an IBM Content Manager system. I also talked to a few manufacturing companies that wanted to protect process information and parts drawings as they shared them internally and with subcontractors. A lot of people were amazed that we can lock and control these files no matter where they are.
We want to thank everyone whom came to the booth and made it a successful event. We look forward to it next year.
3rd Party Cookies (Analytics)
This website uses Google Analytics to collect anonymous information such as the number of visitors to the site, and the most popular pages.
Keeping this cookie enabled helps us to improve our website.
Please enable Strictly Necessary Cookies first so that we can save your preferences!