Blog

Browse our blog to see what our experts are talking about, and for insights on the latest cyber security trends impacting your business.

Cybersecurity Breakthrough Award
October 20, 2020

In the 4th annual Cybersecurity Breakthrough Awards 2020, SecureCircle was recognized as the top Enterprise Encryption Solution of the Year. SecureCircle delivers a SaaS-based cybersecurity service that extends Zero Trust security to data on the endpoint. At SecureCircle, we believe frictionless data security drives business value for our customers. End users operate without obstacles, while data is continuously secured against breaches and insider threats.

Cybersecurity Breakthrough Awards 2020

Blog
National Cybersecurity Awareness Month
October 19, 2020

Now that work, school, and many other aspects of life have shifted online this year, it is vitally important that we remember to take cybersecurity precautions. Working from home introduces many new challenges for companies because their data is now in multiple different locations on different devices. Since October is National Cybersecurity Awareness Month, SecureCircle wants to remind you that data breaches are still increasing.

For starters, the average cost of a data breach is now 8.64 million dollars, which is a 5% increase since 2019. Internal actors account for 31% of data breaches in North America. When working from home, many employees tend to abandon security practices and expose company information due to negligent or malicious acts. 76% of companies that have experienced a data breach have said that remote work would increase time to identify breaches. Legacy security tools do not work. 

Cybercriminals have many advantages when it comes to a remote workforce. Home setups are often insecure. Most of them lack a defense-in-depth approach, such as using VPNs, antivirus solutions, firewalls, and intrusion prevention systems to protect data in residential environments. While at home, employees also tend to use several devices, leading to multiple potential entry points for threats. Overall, there are many more cracked doors for cybercriminals to open and attack. With a Zero-Trust data security solution, companies will steer clear of data breaches and cybercriminals.

At SecureCircle, we believe frictionless data security drives business value for our customers. We deliver a security service that simplifies Zero Trust data security on endpoints. Customers use SecureCircle for these four key reasons:

1) Remove users from the security process

2) Transparent and frictionless to users and applications

3) Reduce cost and complexity

4) Rapid and simple deployment

Along with that, SecureCircle secures an endless number of use cases, but we focus on three primary use cases:

1) Source Code Protection

2) Zero Trust data security for SaaS

3) User-generated intellectual property

With SecureCircle, companies proactively keep all of their data secure without impacting user or business workflows. Instead of relying on complex reactive measures, SecureCircle simply secures data persistently in transit, at rest, and even in use.

Blog
Jeff Capone of SecureCircle: 5 Things You Need To Know To Optimize Your Company’s Approach to Data Privacy and Cybersecurity
October 15, 2020

As part of Authority Magazine's series about “5 Things You Need To Know To Optimize Your Company’s Approach to Data Privacy and Cybersecurity”, the CEO of SecureCircle, Jeff Capone, is interviewed by Jason Remillard. Capone shares his own experiences and tips that many organizations can use to enhance their own data privacy and cybersecurity.

Jeff Capone's "5 Things You Need To Know To Optimize Your Company’s Approach to Data Privacy and Cybersecurity":

  1. Zero Trust Data Security.
  2. Impose control around users, data, devices, and networks.
  3. Make sure to have visibility.
  4. Users should not be part of the security process.
  5. Look for the latest and greatest technology because security changes rapidly.

Read the full interview at Authority Magazine

Blog
The Real Enterprise Data Protection Problem: CAD files and Other Legacy Apps Data
October 15, 2020


Talk to any enterprise CISO and you quickly learn that despite all the DLP and encryption solutions that focus on protecting office files, the real problem that nobody talks about is protecting highly valuable data in non-office file formats:

  • Automotive, manufacturing and industrial enterprises rely heavily on the CAD design data format to store and exchange critical IP
  • Healthcare exchanges data in proprietary billing and patient record formats exported from Electronic Medical Records systems
  • Media and design enterprises put their most valuable IP into MOV and MP4 files, Photoshop PSD files and other media formats
  • Source code used more and more by large enterprises as part of their digital transformation contains valuable IP
  • MS Visio and MS Project formats - even Microsoft offers little to protect these critical forms of IP

Even worse, the majority of large enterprises also rely heavily on line of business ERPs like SAP, as well as their own legacy or home-grown line of business applications at the core of their operations. When data is exported from those applications whether for sharing internally or externally, that is an immediate threat to the business. 

Imagine a legacy CAD tool that produces an enterprise’s key industrial designs, but the editor is no longer supported by the vendor. Or a home-grown content authoring tool that no longer has an in-house development team. These legacy applications are so entrenched in business workflows that changing to another application for security reasons is unrealistic, so the enterprise has no choice but to find a data protection solution… or simply operate with no protection.

Compound this with sharing data between more remote workers and more data sharing with 3rd party vendors, and your most valuable data is simply pouring into the wrong hands at an alarming rate.

Traditional DLP Is Not Enough

Most enterprises have a data loss prevention (DLP) solution in place, but despite this, data breaches still happen at an alarming rate. The root cause is simple: DLP lets all data flow by default and attempts to only selectively identify, classify and block sensitive data from falling into the wrong hands. But identifying sensitive data to protect is extremely error-prone. A DLP might be able to spot highly structured, pattern-oriented data like credit card numbers and social security numbers (though even that is not always true). But DLP will miss most forms of intellectual property like product designs, manufacturing blueprints, corporate IP, employee personal information, HR information, etc. This is because IP is rarely in a machine-detectable format like a credit card, and it is often housed in non-office formats like CAD, PSD, image files, source code, as well as legacy and proprietary formats that DLP doesn’t handle.

No wonder half of all manufacturers experienced a data breach in the last year! 

Other traditional data protection technologies attempt to augment DLP to solve the issue, but are clearly ineffective as data leaks are still rampant. Manual classification, for example, puts the identification of IP in the hands of employees. However employees are busy, make error-prone decisions, and may even represent an insider threat.  Cloud Access Security Broker (CASB) and Digital Rights Management (DRM) are dependent on accurate identification of data as well, rendering them as inaccurate as DLP. And none of these solutions have true support for non-office data formats anyway.

Specialized Solutions for Different Forms of IP

There are security solutions marketed specifically for source code, or specifically targeted at protecting CAD designs. This may be the best way to address an urgent use case for a particular type of sensitive data.

Buyer beware, however: 

  • Many of these solutions are marketed as if specialized, however under the hood they simply use the same age-old techniques that have made DLP ineffective.
  • Purchasing solutions that are specialized in one use case may create additional integration and maintenance challenges 
  • There may not be a specialized solution for legacy or home-grown data formats.

DASB Solves the Enterprise Data Protection Problem

SecureCircle's Data Access Security Broker (DASB) is a specialized solution that addresses the unique needs of intellectual property data protection in any data format - CAD, PSD, Visio, MOV, etc. 

DASB achieves this in 3 ways:

  1. DASB’s default is to protect data, rather than allow data to flow. Much like a firewall that protects by default and only allows by exception, DASB protects any specialized IP by default. This is very different from DLP’s heavy and error-prone data classification techniques. 
  2. DASB is completely transparent to the end-user. DASB is able to protect by default because it can do so without the end-user even knowing that it is working behind the scenes. 
  3. DASB protects all types of data. Not just office files, but all formats including source code, specialized CAD, MOV and other formats, even home-grown and legacy data formats. 

DASB achieves this by adding an invisible layer of indirection between the user and the data, just as HTTP became HTTPS by adding a layer of security over all exchanges on the web, regardless of the type of content served in your web browser.

When it comes to legacy and home-grown client/server and web applications, DASB is agnostic to applications. Security is applied with zero change to the application and no impact to existing integrations or workflows.

And when it comes to users creating, copying and importing new data into the enterprise, DASB is data-centric.  DASB follows data as it moves from file to file and application to application to automatically protect derivative work without any user intervention and regardless of format including CAD, images, and health records.

A Specialized Solution, For All Data Types

CISOs who have already invested in DLP but still have a laundry list of unprotected data use cases need not worry. This is the sad norm. DASB is a specialized solution that can immediately solve a specialized data protection use case such as CAD manufacturing designs, media files, images, and homegrown and legacy data formats. DASB is fast to deploy and works in a way that is invisible to users and other security tools, so there is no need for custom integrations or changes to your process. An enterprise that deploys DASB will solve their data use case in days, not years.

But DASB is a paradigm shift that works for any data, allowing it to take on more and more use cases as needed, to evolve with the needs of your data protection strategy, rather than leaving you buying a separate product for every situation that comes up. 

What is your data protection use case? Put specialized DASB to the test. 


Blog
Need Zero Trust for a Remote Workforce? There's a Missing Link.
October 13, 2020

Think you've secured every part of your remote employee's access? Think again. Here is what typical remote workforce security looks like:

  • the employee logs in to your network through the secure VPN - check.
  • employee uses cloud services and manipulates data, protected by the SaaS vendors - check.
  • employee access to data in the SaaS apps is limited by access controls - check.
  • employee exports data from the cloud service, and now has unfettered access to share or leak that data - OOPS! 

Many enterprises have perimeter security, identity and access management, and contracts with SaaS vendors to protect their data while it is in the cloud. The weak link is the moment that data is exported by a user from a cloud service - whether Box, Dropbox, Salesforce, Github, AWS folders, SAP, etc. From the moment of export, the SaaS app vendor is no longer responsible for the data or its security, and other security tools like CASB do little to protect the data that has been exported. This allows ordinary users to accidentally share the data where it doesn’t belong, and malicious users to purposefully extract data with ease! 

This problem has been referred to as "last mile security", suggesting it is a minor edge case to be addressed down the line. However with the explosion of remote workers, contractors and 3rd party vendors working for most enterprises, and the fact that most data is now hosted in cloud services - this problem is now anything but "last mile". Securing data as it’s being exported into the user’s hands - data at the point of egress, in other words - is now front and center as the big challenge of enterprise data protection today.


What Security Tools Exist to Protect Data Exported From Cloud Services?

There are technologies that are commonly used to protect data exported from cloud services and SaaS applications, however as we will see, the problem with these technologies is that they do not work at scale. This is why cloud data leaks are so rampant, and only increasing in today's world of remote work. 

Cloud Access Security Brokers, or CASB, are installed by enterprises to filter data that passes to and from the cloud. 

By default, they allow all data to pass through unfettered, but run algorithms to attempt to identify and classify sensitive data and block the sensitive data from being shared, based on a rule set. Unfortunately, the automatic identification of data is highly error prone, often blocking data that should not have been blocked, while missing highly sensitive data that is allowed to pass without a word. 

CASBs have some practical uses. They can be useful to identify "shadow IT" - unsanctioned cloud services that employees are using. CASBs can apply classification to data that passes in and out of the cloud, which can be useful for enterprise data management and analytics, privacy and compliance programs. But as a way of solving the last mile problem, CASB does not begin to protect data accurately, and imposes a heavy burden on productivity along the way. 

Digital Rights Management, or DRM, is another technology that traditionally attempts to protect data exported from cloud services. DRM manipulates the data that has been exported from the cloud, encrypting files and embedding access control information into the header such that any attempt to access the file requires a callback to the enterprise server to allow the file to be decrypted. Unfortunately, this technology still relies on identification and classification to accurately identify what files to encrypt, which is highly error prone. And files that do get encrypted impose a heavy usability burden. Only certain file types can be encrypted, they can only be read by certain applications, they require special access credentials, there is no interoperability between DRMs, and access rights are often too restrictive, just to name a few limitations - rendering DRM-protected data unusable at scale. In practice, there are virtually no real-world examples of DRM deployments in the enterprise.


DASB Provides Zero Trust Data Protection, at Scale

Data Access Security Broker (DASB) is the missing link to protect data exported from cloud services, and more generally, to protect any data. 

There are 3 keys to the DASB paradigm:

  1. Data is protected by default. Much like a firewall that protects by default and allows by exception, DASB protects all data exported from cloud services by default. This is very different from CASB's heavy and error-prone data classification techniques.
  2. DASB is completely transparent to the end-user. DASB is able to protect by default because it can do so without the end-user even knowing that it is working behind the scenes. 
  3. DASB protects any type of data. Not just office files, but all formats including source code, specialized CAD, MOV and other formats, even home-grown and legacy data formats. 

When you can protect all data by default, any data type, and do that in a way that is completely transparent to the end-user, you have a paradigm that scales.

With DASB, enterprises are now able to achieve zero-trust data protection, even on data exported from their SaaS apps into the hands of remote workers, contractors and third-party vendors. At scale, this means the largest enterprises enable productivity of their remote workforce with total protection. That data remains persistently protected wherever it goes, only accessible to those who have permissions to access it. However, DASB is completely invisible to end-users. This is true for any data type, without modifying applications or the data itself.

In today's work-from-anywhere world, there is a missing link: controlling data once it is exported out of your perimeter and out of your SaaS apps. This is a rampant source of data leaks because no technology exists that can solve the problem at scale - until now. Welcome to DASB.


Blog
Zero Trust: SecureCircle plus Endpoint Detection and Response
October 5, 2020

The Challenge


ISCS obtains confidential information from their customers as part of normal operations. The data could include business plans, detailed cost information, and intellectual property such as source code. ISCS wants to deploy a Zero Trust data security solution to demonstrate to customers that their data is safe by preventing insider threats and securing SharePoint sites which ISCS uses to collaborate with their customers.

The Solution

Unlike other security solutions which rely on users to be involved in the security process, SecureCircle has adopted a Zero Trust philosophy. Zero Trust data security is a practice of never trusting users with data. For zero trust to be effective, data must be secured by default and not by exception.

ISCS has a very cloud-centric application model which can cause issues with users downloading SaaS data on unauthorized devices. To prevent this, ISCS has adopted SecureCircle’s Data Access Security Broker (DASB). Now, all data downloaded from the cloud will automatically be secured by SecureCircle. SecureCircle is deployed as a SaaS service itself, so there are no operational tasks involved with maintaining SecureCircle. Employees are unaware of any additional layer of security since their workflow for downloading SaaS data such as Microsoft, ADP, and Oracle has not changed and employees continue to use the same applications.

SecureCircle monitors the ISCS SharePoint Server and SaaS applications such as ADP, Oracle, NetSuite, GitHub, and others to automatically secure data as it leaves the cloud and moves onto employee endpoints. SecureCircle is able to secure corporate devices as well as BYOD devices. There is no change to data in the cloud, so all SaaS applications continue to work without modification or awareness that SecureCircle is securing data as the data egresses.

All identity management is centralized with ISCS’ existing Azure Active Directory server. Deployment of SecureCircle is simple for ISCS. ISCS deploys SecureCircle endpoint agents via their Mobile Device Management (MDM) solution that is already in place to deploy and update applications on endpoints.

The Outcome


Because other data security services cannot meet the requirements of Zero Trust, ISCS deployed SecureCircle. The ISCS CISO said, “The combination of SecureCircle with an advanced Endpoint Detection and Remediation solution provided us the capability to affordably implement a Zero Trust security architecture that completely captures and controls all users’ interactions with our information no matter where they are, what device they are using (corporate owned, BYOD or customer owned) or what system they are using. SecureCircle is the breakthrough information rights and data loss prevention technology we were looking for.”

SecureCircle not only secured ISCS data but did so without increasing the operational overhead required to maintain the solution.

Case Study
Millions of Data Leaked Due to Unsecured Databases
September 28, 2020

Unsecured databases are quickly becoming a massive data security problem. Researchers have found close to 10.5 billion pieces of consumer data left vulnerable on almost 10,000 unsecured databases across 20 countries. With the information stored in unprotected databases, cybercriminals would have to put in little to no effort to access the data.

Because unsecured databases are an easy target for cybercriminals looking to steal data, such attacks are becoming more frequent. Just the smallest mistake made by a database manager can lead to large amounts of intimate data being left sitting on the internet. Virtually anyone could access these unsecured databases through publicly available websites and tools. Search engines such as Censys and Shodan assist hackers in scanning the web to view databases left open.

With the data in hand, hackers can easily cause all sorts of damage to their victims and their data. Information such as full names, logins, and addresses is most valuable to spammers and cybercriminals conducting phishing campaigns. Data could also be used to run phishing attacks that could lead to thousands of dollars in losses from selling on the dark web.

Last month, the profiles of 235 million users of popular platforms such as Instagram, TikTok, and YouTube were exposed in a massive data leak. Based on collected samples, one in five records contained either a telephone number or an email address. Along with that, every record contained some or all data, including full names, profile photos, and account descriptions. The leaked data is said to have originated from a Hong Kong-registered company, Deep Social, which sells data on social media.

Unfortunately, unsecured databases are not disappearing anytime soon. They will only become more common. For organizations to protect and secure their website databases, they should deploy Zero Trust data security such as SecureCircle. Regardless of where data is stored, including databases, source code repositories, or SaaS applications such as Salesforce or Workday, data needs to be persistently secured.

At SecureCircle, we believe frictionless data security drives business value for our customers. End users operate without obstacles, while data is continuously secured against breaches and insider threats. Instead of relying on complex reactive measures, we simply secure data persistently in transit, at rest, and even in use.

Blog
Enterprise Security Weekly | Zero Trust Data Security
September 28, 2020


Zero Trust data security is a very popular security architecture that is being adopted by many organizations. In this webcast, Paul Asadoorian of Security Weekly and SecureCircle walk through how SecureCircle implements a zero-trust solution. A zero-trust solution requires the owner of the data to be in control at all times. The owner is in control of all of the networks, devices, users, and data.

Source code is one of the most fluid and valuable pieces of data that organizations need to protect and maintain control over. With SecureCircle, keeping source code protected is now possible with Zero Trust Data Security. The owner of the source code will have control at all times while enabling the developer to do their job without giving up control over their data.

News
Traditional Data Security Fails to Be Zero Trust
September 28, 2020

Data security tools are not providing enough value for their customers. The average total cost of a data breach in the United States is nearly $9 million per the 2020 IBM Cost of Data Breach Report. That is a 5% increase from 2019. 31% of data breaches in North America can be attributed to internal actors.

Per the Verizon 2020 Data Breach Investigations Report, 76% of companies that experienced breaches said remote work would increase time to identify and thus continue to increase costs to organizations.

What is Zero Trust Data Security

  • Zero Trust data security is a practice of never trusting users with data. For zero trust to be effective, data must be secured by default and not by exception.
  • Never trust the user with the data or give them control. Instead, allow users to work with the data as if they’re in control.

Data breaches and news headlines confirm Data Loss Prevention (DLP) solutions are broken.  Customers like DLP because it seems easy. Three well-known steps: discover, classify, and protect.  With DLP, chief information security officers (CISO) and other security teams feel like DLP casts a wide net.

Customers dislike DLP because it relies on users to be trusted, which creates security gaps that are hard to anticipate.  Maintaining DLP is impossible because the DLP model creates rules to block behavior, so IT and security teams are constantly chasing the next unknown.  Rule maintenance is a never-ending battle of finding new egress points in organizations.  Let’s review the three components of DLP.

Discovery and identification of data that needs to be classified doesn’t work because legacy DLP solutions rely on fragile pattern matching such as regular expressions. Tiny changes to the pattern produce false positives and false negatives, so the results are not reliable.

DLP regex discovery may work for phone numbers and very static formatted data, but there is no pattern to match to locate ‘top secret’ data.  ‘Top secret’ data could include intellectual property, internal finance and HR data, and more.  DLP relies on users to discover this type of data.

Classify and tag data with labels so the protection systems can take the proper action.  Tagging data in legacy DLP solutions only captures the data at the moment in time.  DLP tags do not automatically update when the data changes.  DLP requires tags to be added to file metadata.  But most file types don’t support the ability to add metadata to the file.  This creates a dependency that DLP requires to function properly.  It is the same reason these solutions can’t support any file type or any application.  So again, DLP relies on users to classify and tag data.

Protection of tagged data.  Assuming the discovery and classification steps were correctly executed, data is protected by creating rules to block activity and transfers. Information is not protected by default.  DLP depends on rules that either block (stopping the action or transfer), allow, or encrypt the data.  Rules have to be created for every workflow possibility.  When new applications are used, new rules must be created.  When new functionality is added to existing applications, new rules must be created.  DLP is an operational nightmare as security teams are in an endless battle to keep rules updated.  Users will find ways to egress data.  There are too many possibilities, and manual rule creation is error-prone at a minimum and deficient for most organizations.


Alternatives to DLP include Secure Access Service Edge (SASE).  SASE is a combination of Cloud Access Security Broker (CASB), Secure Web Gateway (SWG), DLP, and SD-WAN to isolate applications, segment networks, and authenticate based on user permissions, authentication, and verification before giving access to resources that include data.  Designed for a cloud world, SASE puts a perimeter around cloud services but still forces all data through one focal point, which has different performance, reliability, and security concerns.  Data protection for SASE still relies on traditional DLP for data protection.  Therefore, SASE has the same downfalls as traditional DLP.

Another security option for organizations looking for Zero Trust data protection is Virtual Desktop Infrastructure (VDI).  VDI was never designed as a security solution.  VDI provides all the benefits of SASE by putting the user in the data center.  The user is working with data but doesn’t have control over the data.  The data is always in the data center.  VDI was designed for the local area network (LAN) world like a doctor's office or call center.  

VDI is used by some organizations to protect the holy grail of data, which is source code.  Source code is exceptionally challenging to secure because appeasing developers and not impeding their productivity or changing their workflow is always a concern for organizations.  Developers are a tough audience to keep happy.

The downsides of VDI are that the solution is costly, adds latency, decreases productivity, and delivers a suboptimal user experience. Still, it does check all the requirements for Zero Trust data protection.


SecureCircle is able to deliver a Zero Trust data protection solution that allows organizations to control data without impacting how the user needs to do their job.  Users aren’t affected by reduced productivity or a change in the workflow, so they won’t try to find ways to get around security because security is transparent.

We have highlighted source code as the holy grail of data because source code has been complicated to secure. Still, SecureCircle protects data in other use cases such as (1) protecting SaaS data as it leaves the cloud application and (2) user-created content such as media, design, and office data.

Why Do Customers Choose SecureCircle?

  • We remove users from a security process so you don’t have to rely on users doing the right thing.
  • Transparent and frictionless to applications and users
  • Reduce cost and complexity (one tool, protect by default persistently)
  • Rapid deployment 


SecureCircle persistently protects data by default.  Data is secured at rest, in transit, and in use.  Organizations grant workflows, applications, or users the ability to egress data from protection and create auditable events for compliance visibility.  SecureCircle focuses on protecting not just devices or data but also the process and workflow around data creation, storage, and use.

SecureCircle tracks protected data, and when protected data is moved to new or unprotected files, the new file is automatically protected with the same permissions as the original data.  Tracking data and not files allows SecureCircle to allow copy and paste and SaveAs functions while continuing to protect data as it moves.

User, device, application, and network permissions can be changed in real-time since organizations never lose control of data regardless of where data is created, stored, or transferred.


SecureCircle is the only Zero Trust data protection solution that can protect data, reduce management overhead and cost, and not impact user behavior or workflow.

Blog
Why Traditional Data Security Can't Be Zero Trust
September 21, 2020

Security Weekly Webcast: The challenge in securing data has increased in complexity as businesses move aggressively to cloud and modernize IT through the use of SaaS applications. In this virtual training, Paul Asadoorian of Security Weekly and SecureCircle will walk through how both legacy approaches, such as DLP, and modern approaches, such as CASB, struggle to plug the real-world security holes that must be closed to meet a zero trust security model. As part of this training, the SecureCircle team will go deep into the different data security techniques and how zero trust requires more comprehensive protection that keeps data protected by default, not by exception.

September 3, 2020

Intel Internal Data Leaked By Server Hacker or Third-Party?

Yet again, another case of leaked data has hit the web. Intel, the largest chipmaker in the United States, is investigating a data breach that leaked 20 GB of internal data. The assortment of documents included some marked as confidential, under NDA, and unrestricted secret. Till Kottman, a swift software engineer, shared the data on the file-sharing site MEGA.

Kottman claims to have received the files from an anonymous hacker who insists they breached Intel earlier this year. The hacker claims to have found the data on an unsecured server via a simple Nmap scan, much of it in zip files with easy-to-guess passwords. Kottman received the leaks because he manages a popular Telegram channel that frequently leaks data from major tech companies. Just a few weeks ago, Kottman released source code files of over 50 high-profile companies such as Disney. The data released on Intel included technical specifications, product guides, and manuals for the company's CPUs. This contained confidential details on chip road maps, development and debugging tools, schematics, training videos, process simulator ADKs, sample code, and Bringup guides.

Even though the data breach did not include personal data of Intel’s clients or workers, it exposed the source code of their third parties. Intel denies Kottman’s claim that the data breach was caused by the anonymous hacker. Intel claims the leaked data was from the Intel Resource and Design Center, which hosts data for use by customers, partners, and external parties who have registered for access. Intel believes that an individual with access downloaded and shared the data.


Whenever providing intellectual property access to another organization or individual, it is important to log who had access, when they had access, and what they accessed. With SecureCircle’s patented Data Access Security Broker (DASB), you have control of your data. Every action to your data turns into an auditable event. DASB is a completely transparent data-centric protection solution, which not only provides a data log that becomes auditable when integrated with your SIEM but also enables mapping to a wide variety of compliance requirements pertaining to data visibility/tracking and protection/encryption. So even if Intel’s third parties had access to data, SecureCircle would’ve been able to protect the files from being released publicly.

September 3, 2020

Cybersecurity Risks That Come With Remote Learning

For many students, the back-to-school session is right around the corner. Under the new circumstances of remote learning, students need to become aware of the importance of data security. School districts in the United States already have many cybersecurity shortcomings. Many lack the funding and skilled personnel to provide cybersecurity defenses. With many cybersecurity vulnerabilities in remote learning environments, hackers know they can easily squeeze through the door and attack.

SecureCircle understands the challenges enterprises have with protecting sensitive data, including PII, PCI, PHI, and corporate trade secrets.  SecureCircle's Zero Trust data protection eliminates data breaches and insider threats by protecting all data outside of SaaS applications. SecureCircle's Data Access Security Broker (DASB) protects and monitors data, including data egressing from enterprise cloud services and managed repositories, to enforce access controls on data regardless of location, including cloud and endpoint devices. SecureCircle protects data transparently and persistently at scale, delivering the world's only Zero Trust data protection. Schools are no different.

Many schools are relying on video communications such as Zoom and Google Hangouts for remote learning. For many teachers, transitioning from in-class to online sessions has been pretty tricky already. Because of that, some teachers struggle to secure their data on the platforms adequately. “Zoombombing” is a term used for internet trolling on video conferences, in which an unwelcome guest takes over the audio or video controls to display inappropriate materials or remarks. Zoombombing was non-existent up until schools went online. On April 1, a video meeting hosted by Utah’s Alpine School District was interrupted by an uninvited guest. The hacker revealed pornographic images to dozens of elementary school students. Internet trolling is one of the many reasons why everyone should be taking extra security precautions online. Now, it is more common for schools to set up their meetings using passwords.

Students who use learning platforms, such as K12 and Chegg, also face many cybersecurity vulnerabilities. With most of these platforms, students are required to create an account using their personal information. Without proper security measures, the user’s account information is bound to get stolen. Last year, K12 failed to keep one of their databases updated, which left almost 7 million records for 19,000 students available for anyone to take. The information exposed included full names, email addresses, birthdates, gender, age, and school names. Something as minor as a database issue can lead to a violation of a student’s privacy, increasing their risk of identity theft, spear phishing, or even physical harm. 

Another major issue with remote learning is the increased amount of phishing scams targeting students. Just with one click, a hacker can unlock your username, password, personal information, or even download malware onto the device. Hackers typically pose as administrators of the school, sending compelling messages to get students to click on their link. It is imperative for students to become aware of what they are clicking on and how much damage it can cause. 

We understand that teachers, parents, and students are not prepared to be IT administrators, so we’ve put together a few tips to improve your cybersecurity this school year.

  • Do not reuse passwords: If the password gets stolen, hackers are easily able to gain access to multiple different accounts.
  • Make sure your device is updated with the latest updates for your operating system and applications: many hackers rely on known vulnerabilities in older versions.
  • Never provide anyone your password.
  • Don’t post any personal information, such as your phone number or address online. Your teacher and school already know this information and will not be asking for it.

With SecureCircle, data is proactively protected regardless of where data is created, consumed, stored, or modified. SecureCircle’s DASB seamlessly integrates with existing systems, ensuring there is zero impact on the current workflow or productivity. Now more than ever, it is more vital that schools and students take on higher security measures.


August 20, 2020

Why Legacy DLP Does Not Work

In today's world, it is common for employees to abandon ship to board another one. It is also common for these employees to take confidential data with them when leaving. Data loss can become very damaging for the company, especially when the employee leaves for a competitor. Three former employees of McAfee left at various points throughout the year for the company's rival, Tanium. McAfee, a computer security company, is now filing a lawsuit against its former employees for conspiracy to steal trade secrets.

Once McAfee realized that three members from its sales staff were poached, they conducted a forensic examination of their computers. According to the lawsuit, McAfee discovered the former employees transferred confidential company information to unauthorized USB devices, private email addresses, and cloud-based drives. One of the employees had accessed a spreadsheet file containing detailed information about potential McAfee sales even after announcing their resignation. 

Ironically, a leader in legacy DLP (data loss prevention) such as McAfee demonstrates why legacy DLP doesn't work.  McAfee was not able to recognize stolen data until months after the damage was done. Along with this, they still were not able to determine what data and how much data left.

SecureCircle is the only data protection solution that adheres to the Zero Trust security model.  SecureCircle's DASB (Data Access Security Broker) mitigates insider threats and data breaches by proactively protecting your data, whether at-rest, in-transit, or in-use.   There is no reliance on discovery or classification tools.  Protect data by default with granular permissions for users, devices, applications, networks, and more.

As users create content, SecureCircle analyzes the new data's dDNA (digital DNA) and compares it to the dDNA of protected data. If similarities are detected, SecureCircle automatically protects the information with the same access control policies as similar protected data. 

SecureCircle protects data in complex SaaS workflows, such as source code protection.  Data is automatically protected when downloaded from a cloud repository such as GitHub, and data remains protected at all times while developers modify code. Protection is transparent to users, and users are free to use any IT authorized application.

With SecureCircle, companies are ensured data protection by default and visibility over every data access attempt.  With DASB deployed, companies can mitigate data breaches and insider threats such as employees taking confidential information to their next employer.


August 20, 2020

Protecting Data From The Threat of Ransomware

When engaging with customers, we focus heavily on finding ways to help them on their journey to implementing a Zero Trust security strategy. After going deep on how we deliver persistent protection, customers often ask how we can help defend against ransomware.

When it comes to protecting against ransomware, there are two scenarios that customers are looking to mitigate: first, unrecoverable data destruction, and second, often more importantly, the exfiltration of critical information. It’s this second scenario where SecureCircle provides the most strength. Persistent data encryption ensures data remains protected even from exfiltration by any unsanctioned endpoint processes.  What that means is although end users don’t see SecureCircle, their critical business data is continually under protection as they go about their daily workflows.

Ransomware needs to be granted explicit access to read unencrypted bytes (the actual content) if protected by SecureCircle. Thus, any ransomware process spawned with the intent to gain access to critical data for the threat of leakage is not in a position to read valued business data.

For many customers deploying SecureCircle in combination with an air-gapped backup strategy protects against both the threat of exfiltration and data destruction. SecureCircle’s persistent data protection, combined with a traditional approach to backup, help to close the gaps that ransomware attacks look to exploit.

To balance the goals of tight security and a transparent user experience, SecureCircle continuously monitors data access in real-time to ensure we only allow sanctioned users and processes access to encrypted data. The result is that raw data is simply not readable to the unapproved processes that ransomware executes. By watching low-level data operations, we gather fine-grained telemetry information for deeper visibility into data access activities, including ransomware behavior.

Our primary focus has always been to keep data safe wherever it is stored. We strongly believe that customers who implement a comprehensive zero trust security model are well-positioned to protect against ransomware in the same way they can be kept safe from insider threats.

August 19, 2020

Data Security Startup to Watch

Forrester Research has named SecureCircle a 'Data Security Startup to Watch' in the August 2020 report - The Zero Trust eXtended Ecosystem: Data, Secure Data Independently and in each Pillar of the Zero Trust Framework by Heidi Shey, Chase Cunningham with Amy DeMartine, Kate Pesa, Diane Lynch.


"SecureCircle is thrilled to be recognized by Forrester for our innovative data security approach. Enterprises that have adopted a Zero Trust framework have been using non-Zero Trust data protection solutions for years. Traditional DLP for example relies on discovery and classification of data before protection. A true Zero Trust data protection solution such as SecureCircle protects data by default and has granular access control to authorize access based on user, device, application, and network," said Jeff Capone, CEO and co-founder of SecureCircle.


The full report is available at Forrester.com (paywall)


About SecureCircle

SecureCircle's Zero Trust data protection eliminates data breaches and insider threats by protecting all data outside of SaaS applications. SecureCircle's Data Access Security Broker (DASB) protects and monitors data, including data egressing from enterprise cloud services and managed repositories to enforce access controls on data regardless of location, including cloud and endpoint devices.  SecureCircle protects data transparently and persistently at scale delivering the world's only Zero Trust data protection.


August 18, 2020

Cost of Data Breaches

With all of the unexpected changes occurring in 2020, some things remain the same. For its 15th year, the Ponemon Institute has conducted research to produce the annual Cost of Data Breach report published by IBM Security. This report provides a detailed view of the financial impacts, and risks security incidents can have on organizations.

This year's report covers 524 organizations that have encountered data breaches between August 2019 and April 2020. The 2020 report demonstrates consistency with previous research from the last few years. The global cost of a data breach, which averaged $3.86M this year, decreased by about 1.5% from 2019. Meanwhile, the average time to identify and contain a data breach went from 279 days to 280 days in a year. Despite the availability of new technology, the response time has not changed within the past five years.

This report shows how customer personally identifiable information (PII) was the most expensive type of record. This year, the average cost of a lost or stolen record is $150. Customer PII was also the most frequently compromised data, showing up in 80% of analyzed data breaches. With SecureCircle, Customer PII data is protected by default. SecureCircle is data-centric, so when data including PII information is copied from one protected file to another, protection follows the actual data.

Malicious attacks slightly increased from 51% to 52% in 2020. Data breaches due to compromised credentials averaged $4.77 million, third-party vulnerabilities averaged $4.53 million, and cloud misconfiguration averaged $4.41 million. 

With many organizations switching to a remote workforce, 76% of organizations from the report believe that the cost of data breaches will only increase.  The report predicts that with a remote workforce, responding to and containing a data breach will be much more difficult and time-consuming. With the research and findings of the report, organizations should realize the dangers of data breaches. Tools like SecureCircle should be deployed in these organizations to reduce risks with automated data protection. SecureCircle's Zero Trust framework protects data by default without any user interaction required.  All data downloaded to employees' devices at home is protected automatically, whether the data is downloaded from a SaaS or cloud application, a corporate file server, or created on the endpoint.  Adhering to Zero Trust, SecureCircle doesn't believe in safe and unsafe network locations.  Data security is applied to devices at home with the same protection as devices inside the corporate network.

The data breach report highlights that many enterprises are still having trouble protecting data that should never leave an organization.  Architectures like Zero Trust focus on not automatically trusting anything inside or outside the perimeter and instead verifying every action.

SecureCircle persistently protects all data by default.  All permissions can be changed in real-time regardless of the location of the data.  Protection is transparent to end-users with no change to the workflow.  All file types and applications are supported by default, with no development required.  SecureCircle is the only data protection that adheres to Zero Trust. 


August 11, 2020

Garmin Suffers from a Multi-Million Dollar Ransomware Attack

Once again, a massive ransomware attack has caused a global outage. Garmin, a sport and fitness tech giant, reportedly paid millions of dollars in ransom after shutting down from the attack. The attack put Garmin’s wearables, apps, websites, and call centers offline for several days. The payment was presumed to be around $10M.

Several sources have confirmed that WastedLocker ransomware was to blame for the attack. Evil Corp, a known Russian-based hacker group, reportedly operates WastedLocker.  Garmin declined to explain the specific cause of the attack but reportedly negotiated with Evil Corp to restore their service. Garmin paid the ransom through a ransomware negotiation company called Arete IR. According to BleepingComputer, Garmin received a decryption key to access data encrypted by the virus. 

Last December, Evil Corp was placed under sanctions by the U.S. Treasury, which prohibit any individual from the U.S. from engaging in any transactions with them. These sanctions make it nearly impossible for U.S.-based companies to pay the ransom without breaking any laws. BleepingComputer reports that Garmin paid the ransom due to the lack of known weaknesses in the WastedLocker virus code. If this statement is accurate, Garmin could be in hot water from a legal perspective and face fines and sanctions from the U.S. government.

With ransomware attacks increasing, companies need to make significant upgrades in their defense and response preparation. Several sources predict that WastedLocker does not yet appear to have the capability to steal or exfiltrate data before encrypting the victim’s files. Encrypt-in-place attacks such as this are much easier to recover from.  Organizations need the ability to re-image machines and roll back to a known safe backup and recovery data state.  The penalty for not being able to roll back to a secure data state is up to $10M.

With SecureCircle, companies can also protect against extortion ransom demands that threaten to release data to the public.  Unauthorized users can never access data protected by SecureCircle, so hackers will not be able to access the contents even if they obtain the protected files.  SecureCircle recommends companies do not pay ransoms. There are no guarantees payments will return your data. Paying a ransom makes companies targets for additional ransom attacks.  Instead, companies should prevent ransomware attacks with SecureCircle.


August 10, 2020

Hackers Use Diebold Nixdorf Source Code to Attack Their ATMs

Once again, hackers have hit the jackpot. Diebold Nixdorf, a multi-billion dollar self-service point of sale and automated teller machine (ATM) manufacturer, announced that cybercriminals had found a new way to dispense cash from their machines illegally.  The new software tool forced machines to dispense cash in a series of attacks across Europe.  The source of software used in the latest hacking tool is from Diebold Nixdorf.

Hackers have obtained Diebold Nixdorf's source code to build a new tool.  It is unclear how hackers could gain access to the machines' internal software, but insider threat is a possible cause.   In these attacks, cybercriminals start by breaking through the fascia of the machine.  Hackers proceed to unplug the USB cable that connects the CMD-V4 dispenser of terminals to attach a small electronic device. This device, known as the black box, connects to a diagnostic port on the ATM to spew cash. With the black box and Diebold's code combined, it triggers the machine to comply with the hacker's commands to dispense the money.  The black box was used frequently in many past attacks to jackpot ATMs. 

In theory, this technique allows hackers to plug the black box into network cables on the exterior of an ATM to gain cardholder information. From this, hackers can change the authorized withdrawal amounts from the host or impersonate the host to discharge large amounts of cash. It does not appear that this method was used during the Diebold attacks, but it was a known method from the black box.

A significant problem in all of this is physical access to ATMs.  Humans and technology can't monitor many machines because of their remote locations.  Thus, there is very little to prevent a criminal from tampering with the device and destroying its facade.

With SecureCircle, Diebold Nixdorf would prevent insider threats and data breaches by protecting their source code and avoiding black-box attacks.  SecureCircle persistently protects source code or any sensitive data at rest, in transit, and even in use without impacting end-users such as developers, changing business workflow, or increasing administrative overhead.


August 6, 2020

Making an ROI Case for SecureCircle

Many of our customers have budgeted projects to improve or replace existing data protection solutions, so the ROI (return on investment) case has been made upfront. Typically this results from customers having poor experiences with DLP (data loss prevention), utilizing new cloud-based workflows, and needing better protection for sensitive or regulated data. A company board often reacts to an internal data breach event or an event at a peer or competitor, which strikes a nerve that a breach could happen to them. 

IBM's Cost of a Data Breach Report 2020 lists the average cost of a data breach to be $3.86M (worldwide). In the US, the average expense is $8.64M, the highest of any country. The financial impact of a data breach is why organizations that recently had a security event are always willing to pay for additional security. The cost of a security solution pales in comparison to the cost of the data breach.

The threat of a GDPR fine also looms over companies. The EU has issued GDPR fines of over €100M fourteen times in the past 19 months. The most substantial penalty to date is still British Airways at over €204M. 

With the recent push to employees working from home, many companies spent a lot of money increasing VPN (virtual private network) capacity. Using VPNs to virtually place devices on the corporate network is a flawed security model. Under a Zero Trust security model, organizations have to assume threats already exist within the corporate network. Spending the money on the implementation of the fundamentals of Zero Trust would be a better alternative. 

If your company doesn't have a Zero Trust initiative, here are some tactical ways to show a quality ROI:

  • Do not renew existing products such as DLP, IRM (information rights management), Disk Encryption, File Encryption, and CASB (cloud access security broker). Depending on the data workflow, removing these products becomes an option for companies. In the case of DLP, DLP also requires discovery and classification tools, which SecureCircle does not need.
  • DLP requires ongoing rule creation and management. Rules allow or reject every action. The operational overhead burdens organizations with hundreds of hours of work each year. SecureCircle's Zero Trust model protects by default and doesn't require the overhead other solutions require.
  • One solution many organizations use is VDI (virtual desktop infrastructure). Customers create VDI walled gardens to keep sensitive data such as source code protected. Developers hate VDI because it is slow and restricts productivity. VDI licenses are also costly. 

Each of the three suggestions creates a positive ROI while providing superior protection, mitigation for data breaches and insider threats, and a transparent end-user experience, without the burden of legacy operational overhead.


August 4, 2020

Hackers Targeting Small Enterprises

For an average hacker, small enterprises can be the perfect target. Many small enterprises tend to have less sophistication in their company's cybersecurity or assume that they are too small even to attract hackers. These reasons pave the way for hackers to attack small enterprises efficiently. According to the 2020 Verizon Data Breach Investigations Report, almost a third of data breaches involved small enterprises. 

Many small enterprises lack the security that many larger organizations have to protect their data. Small enterprises are more vulnerable because they often do not have the budget to take on higher security measures. On the other hand, some may not want to spend their budget on cybersecurity, assuming that hackers will have little to no interest in their data. When small enterprises overlook the value of their information, they give hackers a more significant advantage. Unfortunately for these small enterprises, hackers will attempt to take any personally identifiable information of customers. According to the Verizon report, phishing is the biggest threat for small organizations. The increasing number of small enterprises using cloud and web-based applications and tools makes them prime targets for hackers.

Many small enterprises involved in successful data breaches struggle to stay open. When small enterprises are not prepared enough to handle a cyberattack, they may shut down. Almost 60% of small enterprises close their doors within six months of the attack, many of them due to the lack of money and customer trust.

Security researchers have uncovered that Magecart, a group of malicious hackers, was able to infect over 570 e-commerce sites worldwide over the past three years. The group targeted small enterprises, assuming that they were less well-defended. Along with that, the group was able to compromise about 700,000 customer cards and made millions. This example shows how essential cybersecurity is to small enterprises. Without it, they can face many consequences, such as lost revenue, compliance fines, and negative impacts on reputation.

With SecureCircle, small businesses will have a cost-effective solution to protect their data. As the impacts of data breaches are rising, small enterprises should take on higher security measures. SecureCircle's Data Access Security Broker (DASB) protects data at all times, including at rest, in transit, and in use. With DASB, your control will never be compromised while enabling access. 

