There’s a lot of excitement in the security world today around artificial intelligence (AI) and, more specifically, machine learning (ML). CSO Online lists their top 5 use cases for machine learning in security which include detecting malicious activity in the network, automating repetitive tasks, and analyzing large volumes of data for threat intelligence. But another immediate application of machine learning will be in data protection and the prevention of data leaks.
Data Protection Accuracy and Usability
Data protection is always balancing security and usability. Whether you are using traditional encryption and data loss prevention (DLP) software, or more modern CASB and Information Rights Management, those technologies are known for their usability problems. Some data protection software, especially if the settings are too aggressive, will prompt users too often to identify themselves and identify their data, prevent users from accessing data they actually should be able to access, and report false positives. Too many usability problems lead to frustration and slow down the pace of business. In the worst case, unusable data protection software will even incite users to find ways of circumventing the security you’ve put in place altogether. Faced with user backlash, many organizations end up turning down the security settings on their DLP, which improves the user experience but makes the data protection much less effective.
Machine learning algorithms promise to strike a better balance. By learning what sensitive data looks like in your organization, ML has a better chance of identifying sensitive data before it leaks, and catching potential leaks with fewer false positives.
Continue reading “Machine Learning Boosts Data Protection”
Traditional data protection has been about securing data behind the corporate perimeter, locking down IT systems and endpoints with firewall and data loss prevention (DLP) technology. But going into 2018, there is an increasing recognition that traditional data protection is not working. Faced with the new realities of cloud, shadow IT, BYOD, increasing collaboration with 3rd parties, and “last mile” endpoints like USB devices… no matter how well you secure data behind the perimeter, your data will eventually leak.
In their DLP magic quadrant analysis in February 2017, Gartner said “At present, even with extensive DLP coverage across endpoints, networks and data repositories, there are still gaps and data flows where data can leak. The better answer is a data security strategy focused on securing the data itself, as opposed to trying to secure every system that comes in contact with sensitive data.”
What Gartner is talking about is a revival of Information Rights Management (IRM) technology, that embeds encryption directly in a company’s valuable data assets themselves – their sensitive files and e-mails – so that even if the data does leak beyond the perimeter, it’s still protected.
We expect that the Information Rights Management paradigm will start to go mainstream as of 2018. Here’s a look at what to expect.
Continue reading “A New Data Protection Paradigm Emerges in 2018”
Information Rights Management is a new form of data protection that embeds protection directly within sensitive data files and e-mails themselves, so that wherever those files and e-mail travel, even if they leak outside the company into an enemy’s hands, the data is protected. The enemy can’t do anything with it. Only authorized users are ever able to decrypt and use the data.
Faced with today’s continual stream of high-profile data leaks, we believe Information Rights Management is the future of data protection, and a host of analysts, evangelists and emerging vendors agree.
One question that often comes up is – in Information Rights Management, how do you ensure that the right level of protection is consistently applied to sensitive data in the first place?
For example, do you apply protection to every piece of data, or only to certain sensitive data? Who decides what is sensitive and what’s not sensitive? Does an administrator apply protection to the data, or do individual users apply protection to their own data? Can protection be applied automatically, by smart algorithms based on the nature of the data?
Do you apply protection to every piece of data, or only to certain sensitive data?
Data protection experts agree that not all data is created equal, and therefore it makes sense to identify and classify different types of data and treat each class of data differently. For example, a company may want to encrypt and lock down highly confidential data that includes personally identifiable information (PII), personal financial information (PFI), and sensitive intellectual property, ensuring that only a small group of employees at the company may have access to that data. The same company might want to identify more broadly any HR confidential data and simply ensure it doesn’t get shared beyond the company perimeter. And it may also want to identify publicly available information and put little-to-no restriction on that data at all, to ensure anyone can use the data and share it.
Continue reading “Who Decides What Data Needs to be Protected?”
CSO Online lists a company’s supply chain and the rise of supply chain attacks as one of its 2018 trends: “No one’s personally identifiable information (PII) is safe. Companies can’t count on the integrity of their suppliers’ and partners’ security capabilities […] Expect more companies to demand security audits of their partners, suppliers, and service providers. Third-party breaches are becoming more common, and it shows that any organization’s security is only as good as its extended network.”
Supply chain refers to all partners, suppliers and even customers that a company collaborates with and increasingly shares data with, using traditional and modern means of collaboration, including e-mail, SharePoint, OneDrive, Dropbox, and even “last mile” endpoints like USB drives. Even small companies can have hundreds of partners, suppliers and customers and this ecosystem represents a significant risk for leaks.
Although supply chain breaches is forecasted as a rising trend, with high-profile examples including Target, Verizon, Domino’s, and the Paradise Papers, not much actionable advice is provided so far on how to reduce these incidents other than traditional advice – vet 3rd parties’ security capabilities, enforce security contractual agreements with partners, encrypt data over the wire, etc. These are good steps but the reality is, with supply chains so large and diverse and so many technology pathways where data can leak, there will always be holes in supply chain security despite a company’s best efforts.
In contrast, Information Rights Management offers a radical new paradigm of data protection that is perfectly suited to securing data in B2B and B2C collaboration across a large and diverse supply chain. Let’s look at what Information Rights Management offers in this context, and how it could have protected against many of the often-cited data breaches.
Continue reading “Supply Chain Security – How to Collaborate in a World of Data Leaks”