When engaging with customers, we focus heavily on finding ways to help them on their journey to implementing a Zero Trust security strategy. After going deep on how we deliver persistent protection customers often ask how we can help defend against ransomware.
When it comes to protecting against ransomware, there are two scenarios that customers are looking to mitigate. Firstly, unrecoverable data destruction and secondly, and often, more importantly, the exfiltration of critical information. It’s this second scenario where SecureCircle provides the most strength. Persistent data encryption ensures data remains protected even from exfiltration by any unsanctioned endpoint processes. What that means is although end users don’t see SecureCircle, their critical business data is continually under protection as they go about their daily workflows.
Ransomware needs to be granted explicit access to read unencrypted bytes (the actual content) if protected by SecureCircle. Thus, any ransomware process spawned with the intent to gain access to critical data for the threat of leakage is not in a position to read valued business data.
For many customers deploying SecureCircle in combination with an air-gapped backup strategy protects against both the threat of exfiltration and data destruction. SecureCircle’s persistent data protection, combined with a traditional approach to backup, help to close the gaps that ransomware attacks look to exploit.
In order to balance the goal of tight security and transparent user experience, SecureCircle continuously monitors data access in real-time to ensure we only allow sanctioned users and process access to encrypted data. The result is raw data is just not readable to unapproved processes that ransomware executes. By watching low-level data operations, we gather fine-grained telemetry information for deeper visibility into data access activities, including ransomware behavior.
Our primary focus has always been to keep data safe wherever it is stored. We strongly believe that customers who implement a comprehensive zero trust security model are well-positioned to protect against ransomware in the same way they can be kept safe from insider threats.