Modernizing Authentication — What It Takes to Transform Secure Access
Mountain View, Calif.-based content collaboration and governance specialist Egnyte, recently launched a new cloud-based solution that addresses a major but often overlooked source of data breaches: the insider threats. Available now, Egnyte Protect helps IT security professionals focus their efforts on the information they were hired to protect.
For modern businesses, the days of a select few gatekeepers that carefully and deliberately mete out access to sensitive business information is a thing of the past. Today, it is common for distributed workforces to share information using on-premises collaboration platforms or cloud-based services—oftentimes both—making it tough for organizations to keep tabs on valuable data.
This can set the stage for intentional or accidental data leaks, explained Isabelle Guis, chief strategy officer at Egnyte.
"As users and organizations are more global and interdependent they need to share more content with each other and then need to do it in a secure way using EFSS [enterprise file synchronization and sharing] solutions not email attachments for instance," Guis told eSecurity Planet via email. "But as you hire contractors and have many places where your content resides (on-premises, cloud, cloud apps, etc.) it is very difficult to enforce the security policies at the repository level or even train all your users and new hires to properly handle their content."
Data leaks can easily occur in these circumstances or during natural course of doing business, added Guis.
"For example, a merger and acquisition folder could be shared via a public link and one of the intended recipients forwards the link to someone who should not see that data," Guis said. "Or, a very common example - a disgruntled employee downloads all of 'their' work, which is actually the company's IP [intellectual property], right before leaving your company and going to a competitor," a situation allegedly at the center of the high-stakes Google-Uber lawsuit.
While much of the cybersecurity industry is focused on hackers and cyberattackers, more than half of data breaches can be traced back to well-intentioned workers that mishandled data or malicious insiders, added Guis.
Rather than play the cat-and-mouse game that corporate network security has become, Egnyte has focused on the content layer. The Egnyte Protect service is constantly on the lookout for personal identifiable information, financial data and other sensitive information within their content stores. Then the solution "provides real–time analysis of all the content within an organization and presents actionable insights to help administrators prevent these types of aforementioned data breaches," Guis said.
"Egnyte Protect continuously analyzes an organization's entire content environment and classifies the most sensitive information, such as credit card numbers, social security numbers, sensitive IP, HIPAA information, and much more," she added. "Then, in real–time, Egnyte Protect identifies vulnerabilities, alerts administrators, and offers actions that can immediately fix any issue that is found across all of the organization's content repositories."
For cost-conscious IT deployments, deploying and financing Egnyte Protect is a cinch, Guis assured. As a subscription-based cloud service, the product requires no additional hardware, outlays to professional services or upfront costs.