Most cybersecurity strategies fail as enterprises don’t have accurate information on their data transactions. This lack of data visibility hinders organizations from knowing where their data is, how exactly it is being used, and who is using it. Therefore, gaining complete visibility, before, during, and after a data transaction is essential to draft policies that can help avoid any incident involving attempts to exploit data.
For example, LaunchPoint, an insurance coordination services vendor, reported a data breach in April 2017. One of its employees shared company’s sensitive data containing protected health information (PHI) including Medicare ID numbers, Medicare contract numbers, health plan ID numbers, and dates of enrollment of 18,580 customers along with included Medicare ID numbers, Medicare contract numbers, health plan ID numbers, dates of enrollment and the last names and dates of birth of 18,580 customers to his personal email address from within the organization.
LaunchPoint faced a data breach because of an employee who had access to PHI and was able to send this data via email to a personal account, while the company had made considerable investments in its security system (more than $230 million) after a 2015 cyber-attack. Unfortunately, all these security improvements couldn’t help in this situation, as its approach to security was limited to the perimeter only that protected against external but lacked visibility on such intentional internal threats attempts.
The Data Security Firewall uses a data-first security approach that applies security to data over the traditional perimeter security approach that lacks data visibility. With the all-new Data Security Firewall, you have complete visibility over your enterprise’s data usage. Increased visibility helps protect business-critical data, including data in motion. You have complete information about which user data transactions and the activity on the associated platform including the web, SaaS, mail, file-sharing platforms, cloud drives, social media etc. This provides a strong foundation and defence against intentional and unintentional leaks. It allows configuring data security policies based on any file type, file size, file content etc. Here, this feature could have been used by LaunchPoint to block any communication leaving the organization with sensitive data such as the Medicare ID number, or other personal information leaked by their employee.
The Data Security Firewall is backed by a strong Contextual Intelligence Engine that identifies various contextual parameters within an application in use. It helps identify leaks through the context of the applications such as body, IM chats etc; allowing enterprises to define keyword and content-sensitive data security initiatives and control the use of business and non-business applications by internal employees. E.g. allowing only business logins and restrict personal logins, blocking both business and non-business platforms for personal use across.
It also helps improve your compliance with data security audit procedures. The auditing team has detailed information about enterprise data and can easily verify them, which enhances transparency.