By Oded Valin, Director of Product Management
It’s no secret that many of today’s largest enterprises are struggling when it comes to cyber security. Despite their best efforts, files that contain the most confidential information are popping up in unwanted places and enterprises are left scratching their heads about how to prevent further data leakage. While traditional secure file transfer services and encrypted file servers are a good start, they hardly represent a panacea. We live in a world where advanced threats are commonplace, requiring new technologies to thwart both the attacker and malicious insider.
Here are three of five advanced technologies that should be included the next generation of encryption servers and secure file transfer solutions.
My next post will cover the last two.
Trusted viewing: The Achilles heel of most solutions is that they rely on encrypted sharing of files, meaning that participants are able to view, edit, print and otherwise access the document. Access to the information must remain, however, controls must be put in place that dictate what files can be downloaded, printed or cut/pasted. Additionally, secure data rooms must be possible, where files can be edited although not removed in whole or in part. These abilities support normal course of business while significantly reducing the concern over data leakage.
Anomalies detection and threat analytics: Employees typically access files during specific times of day, depending on their work habits, creating behavior patterns. Being able to recognize these patterns provides a valuable tool for preventing data leakage. Such self-learning technologies quickly build profiles of each authorized users, flagging anomalies to response teams. For example, when a user account that is typically associated with accessing one or two confidential files per week starts logging many within an hour, an alert would be issues for the response team to look into. This is different than simple monitoring rules that are commonplace today. Behavioral analytics voids the need to ‘know the threat’ in order to create a preventative rule. Use-pattern technologies function based on real-time activity that is unknown prior to occurring.
Hardcoded and application password protection: Many automated processes that transfer confidential files have hardcoded passwords that remain static for many years and are not protected. Using a hash technique to protect these still is not enough, as attackers can ‘pass the hash’ and reuse it from another machine, without any need to see the password. The better solution is to make sure critical and automated file transfer processes will not have any hardcoded passwords or unprotected hashed passwords. Automating the process of frequent credential rotation saves time and eliminates the overhead and operational risk to business processes compared to doing this manually.