Data Protection needs to be agnostic like Switzerland
May 9, 2018
March 31, 2020
A thorough data security solution needs to be all encompassing and cannot limit protection to a subset of content. Data security should not be restricted by file size, application, location, device, or file type.
5 things to look for when evaluating data security solution
1) Check the documentation and release notes for file size limitations
Vendors are actually very proud when the limit is increased and will list this as an improvement in documentation. In reality, this just highlights a major lack of protection.
A well-architected security solution will not have any limit beyond what the operating system supports. If the operating system can open a 2TB CAD drawing, data security should be able to protect it.
2) Does the vendor sell multiple products: Acme Security for Office, Acme Security for Dropbox, Acme Security for Files
Some vendors require organizations to buy, install, and manage multiple applications. Each application provides protection for a specific data workflow or storage location.
Organizations would have to stop using a specific cloud solution because the vendor doesn’t support it. If SuperFastCloud is the best solution, users are going to find a way to use it regardless of data security.
Some vendors also require users to open files through a launcher/helper app or even a web portal. Users should not have to change their behaviors. Users should not be based to change their workflow.
3) Verify data security solutions don’t have location restrictions. Files should be stored anywhere to allow users to effective as well as collaborate seamlessly.
If files can be transferred via email, USB, cloud storage, messaging apps, etc. data protection should follow. It’s unrealistic to say data protection doesn’t apply to files stored in specific locations like SMB file servers or DFS locations.
4) Ensure vendors have solutions for any device. If the file can be used on a device, data protection should as well.
Data security solutions should work on laptops, desktops, phones, tablets, virtual devices, cloud endpoints as well as Linux, iOS, Android, Windows, and Mac.
5) All file types should be protected
Data protection should apply to any file without having to change file names or file extensions.
Best data protection is agnostic to file size, application, location, device, or file type
SecureCircle’s approach is data security is fundamentally different from other solutions. Borrowing on the Zero Trust philosophy, SecureCircle tries to protect all the data. When needed approved users can release files from protection so they can be shared with 3rd parties. All activity including releasing files from protection as logged to enable real-time monitoring, reporting, and auditing. SecureCircle’s Transparent File Encryption solution helps organizations ensure the security, visibility, and control of unstructured data from internal and external threats, regardless of format or storage location.
Key Features of SecureCircle
Completely transparent – Transparent File Encryption adds a nearly invisible layer beneath existing files which means users and applications interact with protected data in the same way they would unprotected data. This is a fundamental requirement to avoid user opt-out and ultimately data leakage. SecureCircle never changes file names or extensions and users open files with the same applications they use.
Always encrypted – As Transparent File Encryption is applied to a file, the files themselves are always encrypted from the moment they are created. Even as users interact with the content of the files (read/write), the file itself remains encrypted. Files are encrypted at rest, in transit, and in use. Derivative files are automatically protected via SecureCircle’s Similarity Detection Engine. Even temporary files created by applications and the operating system are always protected.
Always tracked – Each time the file is accessed or an attempt to access is made, the authorization process is logged, meaning the file itself is tracked in real time, regardless of where the file is stored. Detailed log information is made available to SIEM and security orchestration tools.
Always retractable – As a result of the always encrypted nature of Transparent File Encryption, files can be disabled regardless of their location. Admins can disable a file so no user can access the content or simply remove specific users and devices from accessing a file.
Always portable – SecureCircle’s Transparent File Encryption technology is cross-platform, file-type agnostic, application agnostic, and completely bound to the file it is protecting. Regardless of transport or device used, unstructured data can only be accessed by those who are entitled to access it. Data is safe even when it is stored in the public cloud, a public messaging service, or an unknown end-user device.
Prevent Data Breaches
Let’s discuss your unique cybersecurity challenges and needs.
If you want to notified when we post the newest content about mitigating insider threats, data breaches, protecting source code, and DASB, please subscribe to our SecureCircle newsletter.