Susan Callahan, senior vice president of business development and marketing at Safend, is seeing a change in trends. In the past, corporations were looking to check a box on compliance. Now, data is their most important asset. CEOs are no longer looking to fill a checkbox; they now want a granular solution, she said. According to a recent study by the IDC, 60 percent of all corporate data is accessed via an endpoint. As the perimeter continues to expand, encryption is no longer enough protection for company data.
Safends solutions offer a fix to data leakage prevention. The acronym DLP has several definitions depending on who you ask: data loss prevention, data leakage prevention, or create other acronyms such as information leak detection and prevention (ILDP) and information leak prevention (ILP). Callahan said, How much of DLP is a process versus a process? Its such a complex problem to protect data. Its a process or methodology that needs to be adopted within a corporation. Technology enables you to accomplish it. If there is no way of enforcing it, its not going to happen. Technology is the means to an end.
Safend offers three solutions to address DLP and regulatory compliance: Safe Auditor, Protector and Reporter. Their solutions protect an organizations data in motion, data in use and data at rest. Safend Auditor provides detailed audit logs of all devices currently or historically connected to your endpoints. Download an evaluation copy of Safend Auditor at Safend.com for a free trial. It will reveal how many USB sticks have been used on your machine. It also has a client list utility for IT admin to see who is connected on what devices in the network. According to EOM partners market survey, 72 percent of people within a corporation use at least one USB stick, and many use up to seven different USB sticks. Its important to know who and what devices are connecting to your environment. Safend Auditor is built within regulatory compliance for HIPAA, SOX, PCI and other state privacy laws.
Safend Protector guards against data breaches by applying granular security policies over removable storage devices. Safend Protector offers endpoint monitoring, device identification and blocking based on administrator-defined policies with automatic data encryption. It protects all ports including USB, WiFi, Bluetooth and all removable storage devices. Safend conducted an endpoint security and data leakage threat survey that included responses from enterprise executives and IT administrators. Nearly 60 percent of all respondents were unaware or unsure of how many devices connect to their corporate endpoints. Also, nearly 25 percent have no policies for endpoint and port security at all.
Safend Reporter is an add-on module that provides reporting and analysis on security incidents and operations status. The tool reports on data accessed by removable storage devices and wireless ports that further enables data security and compliance.
Callahan recounted an event where a student used a key logger to get access to his teachers password. He then had access to the answers to his teachers exams before each test. When the student performed exceedingly well, to the point of writing his answers almost word for word from the teachers answers, the compromise was discovered. If kids can do that with a key logger, imagine what can be done to steal company secrets.
With the average cost of a data breach being $6.3 million per company, its too expensive to leave to chance, said Callahan.
Kristen Romonovich is Associate Editor at the Computer Security Institute. She is dedicated to secure green computing, compliance in the cloud and the security of mobile devices. Learn more at our upcoming conference CSI SX: Security Exchange, csisx.com, May 17-21 in Las Vegas.
