Cyber Hygiene
Security Risks From Employees Working From Home
Audits Don't Solve Security Problems
Is 'Discover, Classify, Protect' Wrong In Cybersecurity Today?
Breadth Vs. Depth: Cybersecurity Industry Has Been Focusing On The Wrong Thing
Third Party Vendors
The Rise Of DASB, Sunset Your DLP
AWS Source Code Leak
End Source Code Theft
Why Isn’t DLP Preventing Data Breaches?
SecureCircle Data Access Security Broker (DASB) Selected By Quanta Storage To Eliminate Insider Threats
Organizations Should Bulk Up Cybersecurity In Case Of Iranian Cyber Attack
The Evolution of Data Protection
Ransomware stealing data before encrypting
Insider Threats Infographic
Who collected 4 billion records on 1.2 billion users?
Cisco Systems - Target of Malicious Insiders
New Yorks SHIELD Act
Insider Threat at Lion Air (Update)
How to Prevent the Lion Air Databreach
CIO IT Taiwan | SecureCircle 控管檔案讀取 權不怕合作生變造成洩密
How to Prevent the Mastercard Data Breach
Capital One Hacker Breached 30 Companies Through a Single Cloud Provider
Government Organizations Are Not Ready for Cyberattacks
How to Prevent the Boeing Data Leak
End Insider Threats Without Impacting Users Or Business Workflow
Singapore Overhauling Data Protection Practices
SecureCircle available on Taiwan Government CloudMarketplace
SecureCircle placed on UK Government Framework Catalogue
The New Federal Data Strategy
SecureCircle announces United Kingdom and EMEA Distributor, Care21
Quest Diagnostics and LabCorp in Trouble
Insider Threat in the Air Force
Disruptor Daily | What trends are shaping cybersecurity in 2019?
Disruptor Daily | What is the future of cybersecurity? Experts share their insights
How to Combat the Business Email Compromise Scam
How to Prevent Government Data Breaches
Availability Bias in Cybersecurity
How to Minimize Your Exposure to Employee Mistakes
A Look Inside Toyotas Second Data Breach
Four Keys to Data-Centric Data Protection
Asymmetric Information Causes Data Breaches
SecureCircle Introduces Send Secure for Agentless Protected Data Sharing
The Financial Consequences of a Data Breach
Insider Threats Can Happen to Anyone
Federal Data Privacy Laws Are Coming
Forget Collection 1: Here comes Collections 2-5
Forbes | 10 Industries On The Cusp Of Technological Disruption
Collection 1: Not a Big Deal?
It All Adds Up: Better Cybersecurity is a Necessity in 2019
Why New Year Resolutions Fail
9 Costly Security Mistakes
Security InfoWatch | The Last Mile Security at the Edge
2019 Security Predictions(Infographic)
Security Today | Rethinking Access Control
We love what we do - 2018 Review (Infographic)
Holiday Hacks Are Not Going Away
Solving Multi-Cloud Security
A better solution than web bugs for internal visibility
Why File Encryption is not enough - A Customer Conversation
Security, Visibility, and Control
SecureCircle Introduces Enhanced Cybersecurity Offering for Cloud-First Enterprises
Healthcare Needs a Change
What is old is new: Cold Boot Attacks
Inside Information - Data that should NEVER leave the organization
CTimes | SecureCircle and Netbridge Distribution Partnership (Chinese)
SecureCircle Announces Asia Pacific Distributor, NetBridge Technologies
Insider Threats
CSO | The hidden security problem we all need to know about
Opt-Out is more than blocking SPAM
What is Opt-Out Data Centric Protection? And why is it so important
Digital Hygiene in a GDPR World
Security Info Watch | Enterprises Beware: Cybersecurity Challenges in the Cloud
GDPR Readiness (Infographic)
The Lost Laptop
Strategic Finance | Security in a World of Zero Trust
Reading Between the Lines - The Real Impact of Insider Threat (Infographic)
Protecting Internal Data
Press & News Embargos
CSO | GDPR: Where are we now?
SecureCircle @ CIAB FEBRABAN, Sao Paulo Brazil - The Recap
California Consumer Privacy (The next generation of GDPR)
I am safe. My data is encrypted. Right?
University of Texas MD Anderson Cancer Center ordered to pay $4.3 million in HIPAA violations
Is my Air Gapped Computer Safe?
The Broken 80/20 Rule
SecureCircle and Fiandeira Tecnologia Showcase Unstructured Data Solution at CIAB FEBRABAN
SecureCircle will be exhibiting at CIAB Sao Paulo Brazil June 2018
Throw Tech Away - The Rise of a New Generation of Data Security
GDPR Compliance Tips: The Top Experts Speak
Are you ready for a password-less world?
CSO | The Impact of Human Behavior on Security
Account compromised? What about your file content?
Age old discussion: Convenience versus Security
SDxCentral | Four Security Myths You Need to Shake
Security Today | Digital Security in a Zero Trust World
MegaMinds AIthority Interview with Jeff Capone
2018 Govies Awards
Data Protection needs to be agnostic like Switzerland

The Real Enterprise Data Protection Problem: CAD files and Other Legacy Apps Data

Written by 
SecureCircle
 | 
October 7, 2020


Talk to any enterprise CISO and you quickly learn that despite all the DLP and encryption solutions that focus on protecting office files, the real problem that nobody talks about is protecting highly valuable data in non-office file formats:

  • Automotive, manufacturing and industrial enterprises rely heavily on the CAD design data format to store and exchange critical IP
  • Healthcare exchanges data in proprietary billing and patient record formats exported from Electronic Medical Records systems
  • Media and design enterprises put their most valuable IP into MOV and MP4 files, Photoshop PSD files and other media formats
  • Source code used more and more by large enterprises as part of their digital transformation contains valuable IP
  • MS Visio and MS Project formats - even Microsoft offers little to protect these critical forms of IP

Even worse, the majority of large enterprises also rely heavily on line of business ERPs like SAP, as well as their own legacy or home-grown line of business applications at the core of their operations. When data is exported from those applications whether for sharing internally or externally, that is an immediate threat to the business. 

Imagine a legacy CAD tool that produces an enterprise’s key industrial designs, however the editor is no longer supported by the vendor. Or a home-grown content authoring tool that no longer has an in-house development team. These legacy applications are so entrenched in business workflows that changing to another application for security reasons is unrealistic, so the enterprise has no choice to find a data protection solution… or simply operate with no protection. 

Compound this with sharing data between more remote workers and more data sharing with 3rd party vendors, and your most valuable data is simply pouring into the wrong hands at an alarming rate.

Traditional DLP Is Not Enough

Most enterprises have a data loss prevention (DLP) solution in place, but despite this data breaches still happen at an alarming rate. The root cause is simple: DLP lets all data flow by default and attempts to only selectively identify, classify and block sensitive data from falling into the wrong hands. But identifying sensitive data to protect is extremely error-prone. A DLP might be able to spot highly structured, pattern-oriented data like credit card numbers and social security numbers (though even that is not always true). But DLP will miss most forms of intellectual property like product designs, manufacturing blueprints, corporate IP, employee personal information, HR information, etc. This is because IP is rarely in a machine-detectable format like a credit card, and it is often housed in non-office formats like CAD, PSD, image files, source code, as well as legacy and proprietary formats that DLP doesn’t handle. 

No wonder half of all manufacturers experienced a data breach in the last year! 

Other traditional data protection technologies attempt to augment DLP to solve the issue, but are clearly ineffective as data leaks are still rampant. Manual classification, for example, puts the identification of IP in the hands of employees. However employees are busy, make error-prone decisions, and may even represent an insider threat.  Cloud Access Security Broker (CASB) and Digital Rights Management (DRM) are dependent on accurate identification of data as well, rendering them as inaccurate as DLP. And none of these solutions have true support for non-office data formats anyway.

Specialized Solutions for Different Forms of IP

There are security solutions marketed specifically for source code, or specifically targeted at protecting CAD designs. This may be the best way to address an urgent use case for a particular type of sensitive data.

Buyer beware, however: 

  • Many of these solutions are marketed as if specialized, however under the hood they simply use the same age-old techniques that have made DLP ineffective.
  • Purchasing solutions that are specialized in one use case may create additional integration and maintenance challenges 
  • There may not be a specialized solution for legacy or home-grown data formats.

DASB Solves the Enterprise Data Protection Problem

SecureCircle's Data Access Security Broker (DASB) is a specialized solution that addresses the unique needs of intellectual property data protection in any data format - CAD, PSD, Visio, MOV, etc. 

DASB achieves this in 3 ways:

  1. DASB’s default is to protect data, rather than allow data to flow. Much like a firewall that protects by default and only allows by exception, DASB protects any specialized IP by default. This is very different from DLP’s heavy and error-prone data classification techniques. 
  2. DASB is completely transparent to the end-user. DASB is able to protect by default because it can do so without the end-user even knowing that it is working behind the scenes. 
  3. DASB protects all types of data. Not just office files, but all formats including source code, specialized CAD, MOV and other formats, even home-grown and legacy data formats. 

DASB achieves this by adding an invisible layer of indirection between the user and the data, just as http became https by adding a layer of security over all exchanges on the web, regardless of the type of content served in your web browser. 

When it comes to legacy and home-grown client/server and web applications, DASB is agnostic to applications. Security is applied with zero change to the application and no impact to existing integrations or workflows.

And when it comes to users creating, copying and importing new data into the enterprise, DASB is data-centric.  DASB follows data as it moves from file to file and application to application to automatically protect derivative work without any user intervention and regardless of format including CAD, images, and health records.

A Specialized Solution, For All Data Types

CISOs who have already invested in DLP but still have a laundry list of unprotected data use cases need not worry. This is the sad norm. DASB is a specialized solution that can immediately solve a specialized data protection use case such as CAD manufacturing designs, media files, images, and homegrown and legacy data formats. DASB is fast to deploy and works in a way that is invisible to users and other security tools, so there is no need for custom integrations or changes to your process. An enterprise that deploys DASB will solve their data use case in days, not years.

But DASB is a paradigm shift that works for any data, allowing it to take on more and more use cases as needed, to evolve with the needs of your data protection strategy, rather than leaving you buying a separate product for every situation that comes up. 

What is your data protection use case? Put specialized DASB to the test. 


Prevent Data Breaches

Let’s discuss your unique cybersecurity challenges and needs.

Contact Us

If you want to notified when we post the newest content about mitigating insider threats, data breaches, protecting source code, and DASB, please subscribe to our SecureCircle newsletter.

Share: