Let’s face it: security professionals are overrun with data. Their logs are brimming with it. Their security tools are continually alerting them to potential anomalies, attacks, new vulnerabilities, changes in system configurations and all of the other things that could put enterprise data at risk. It’s safe to say that when it comes to data, security analysts and administrators are beyond overwhelmed. However, when it comes to business executives, the opposite is true: they often aren’t getting the information they need to assess what type of risk their organization’s data is under.
The problem is, without the right data — data specific to their roles in the organization — neither security analysts nor business leaders can make effective risk management decisions regarding their corporate data. With version 7 of our Code42®Next-Gen Data Loss Protection solution, we’re tackling that challenge head-on. The goal is to get the right type of information, in the right amounts, at just the right time to those who need it so they can make the best decisions they can relevant to their job.
What do I mean, exactly, when I say security professionals get too much data and business executives not enough? I’m talking about a signal to noise ratio: security pros typically get flooded with so much data that they have a challenging time finding the risks they need to focus on, yet business executives get so little relevant security information that they can’t make effective data-driven decisions.
This can, of course, have profound deleterious effects on security. Bad decision making driven by poor access to the right information will negatively impact regulatory compliance; the protection of intellectual property, business plans and confidential customer data. When it comes to security analysts, if they can’t see the data they need to take immediate steps to mitigate danger, then breaches will go unnoticed until it’s too late. It’s one of the reasons enterprise data breaches, more often than not, go undetected for months. To be specific, the latest research tells us it takes an average of 49.6 days to detect a breach, which is up year-over-year.
Code42 is taking steps to eliminate these barriers to effective security. At Evolution19, we are announcing a series of enhancements when it comes to our alerts, reports and dashboards within our Next-Gen DLP solution.
These improvements will help business leaders get the precise information they need about data risks lurking within their organization. Of course, we will also be providing numerous enhancements needed by front-line analysts to do their jobs more effectively.
These efforts tightly align with Code42’s belief that security’s ability to be successful is directly tied to their ability to quickly detect and respond to data threats. As such, our goal is to demonstrate that security products can be both powerful and easy to use. That’s why we designed our Next-Gen Data Loss Protection solution with ease-of-use in mind. Customers don’t have to spend their time writing complex DLP rules and policies to reduce data risk like they do with traditional DLP — and now we are making it easy to get actionable information whether one is a security analyst or business leader.
What do I mean when talking about security analytics for business leaders? I’m talking about providing them with the insights they need to understand where the data-related risks hide within their organization. This includes attributes such as where their data resides, where it may be inadvertently exposed and show them how and where users are moving that data around the organization. We also will provide other high-level views about their data so they can make better decisions about managing their data, determining their risk level and even investing in security defenses more effectively.
I’ll give you some examples. With these enhancements, business leaders will be able to see not only how many files are shared outside of the organization, but also the kinds of data being shared outside the organization. It will reveal how many file exfiltration events are occurring within your environment and show trends and patterns in data movements that business leaders should know.
Let’s consider insider risks. Often when we think of insider risks, the first thing that comes to mind is the nefarious insider. The insider stealing data to sell to competitors, or to take intellectual property to their next job. Employees acting maliciously isn’t the only cause for concern, though. Sometimes employees simply are careless, or make unintentional or uneducated mistakes. They may not follow the rules around data protection because they’re not convenient, or they may not even be aware of what the rules are. In all cases, it’s crucial that the organization is aware of trends in data usage and movement so that corrective and mitigative actions can be taken.
Of course, we are prioritizing enhancements that also will help security admins get a better signal when it comes to data visibility. This includes improved alerting so that security analysts and managers will be sure to see the security-related situations they need to investigate. While we have always provided security managers information about where all of their data resides within their environment, where their files are located, and how that data travels, in the future we will provide them with alerts that will bring potentially risky situations to their immediate attention. Situations like:
- When a file has a shared link that allows public access to an internal file.
- When a file is shared publicly and indexed on the internet.
- When a user copies files to removable media.
- When a user syncs a file to a cloud service.
- When user browsers or applications read a file from a device.
That’s a lot of powerful information and will help organizations go a long way in reducing their data security risks.
This is an exciting time for us at Code42; we continue to evolve our Next-Gen Data Loss Protection solution. It’s so rewarding to see all of our efforts come to fruition and I can’t wait to see how our customers put these new capabilities to use.