Browse our blog to see what our experts are talking about, and for insights on the latest cyber security trends impacting your business.

Need Zero Trust for a Remote Workforce? There's a Missing Link.Need Zero Trust for a Remote Workforce? There's a Missing Link.
October 24, 2020

Need Zero Trust for a Remote Workforce? There's a Missing Link.

Think you've secured every part of your remote employee's access? Think again. Here is what typical remote workforce security looks like:

  • the employee logs in to your network through the secure VPN - check.
  • employee uses cloud services and manipulates data, protected by the SaaS vendors - check.
  • employee access to data in the SaaS apps is limited by access controls - check.
  • employee exports data from the cloud service, and now has unfettered access to share or leak that data - OOPS!

Many enterprises have perimeter security, identity and access management, and contracts with SaaS vendors to protect their data while it is in the cloud. The weak link is the moment that data is exported by a user from a cloud service - whether Box, Dropbox, Salesforce, Github, AWS folders, SAP, etc. From the moment of export, the SaaS app vendor is no longer responsible for the data or its security, and other security tools like CASB do little to protect the data that has been exported. This allows ordinary users to accidentally share the data where it doesn’t belong, and malicious users to purposefully extract data with ease! 

This problem has been referred to as "last mile security", suggesting it is a minor edge case to be addressed down the line. However with the explosion of remote workers, contractors and 3rd party vendors working for most enterprises, and the fact that most data is now hosted in cloud services - this problem is now anything but "last mile". Securing data as it’s being exported into the user’s hands - data at the point of egress, in other words - is now front and center as the big challenge of enterprise data protection today.

What Security Tools Exist to Protect Data Exported From Cloud Services?

There are technologies that are commonly used to protect data exported from cloud services and SaaS applications, however as we will see, the problem with these technologies is that they do not work at scale. This is why cloud data leaks are so rampant, and only increasing in today's world of remote work. 

Cloud Access Security Brokers, or CASB, are installed by enterprises to filter data that passes to and from the cloud. 

By default, they allow all data to pass through unfettered, but run algorithms to attempt to identify and classify sensitive data and block the sensitive data from being shared, based on a rule set. Unfortunately, the automatic identification of data is highly error prone, often blocking data that should not have been blocked, while missing highly sensitive data that is allowed to pass without a word. 

CASBs have some practical uses. They can be useful to identify "shadow IT" - unsanctioned cloud services that employees are using. CASBs can apply classification to data that passes in and out of the cloud, which can be useful for enterprise data management and analytics, privacy and compliance programs. But as a way of solving the last mile problem, CASB does not begin to protect data accurately, and imposes a heavy burden on productivity along the way. 

Digital Rights Management, or DRM, is another technology that traditionally attempts to protect data exported from cloud services. DRM manipulates the data that has been exported from the cloud, encrypting files and embedding access control information into the header such that any attempt to access the file requires a callback to the enterprise server to allow the file to be decrypted. Unfortunately, this technology still relies on identification and classification to accurately identify what files to encrypt, which is highly error prone. And files that do get encrypted impose a heavy usability burden. Only certain file types can be encrypted, they can only be read by certain applications, they require special access credentials, there is no interoperability between DRMs, and access rights are often too restrictive, just to name a few limitations - rendering DRM-protected data unusable at scale. In practice, there are virtually no real-world examples of DRM deployments in the enterprise.

DASB Provides Zero Trust Data Protection, at Scale

Data Access Security Broker (DASB) is the missing link to protect data exported from cloud services, and more generally, to protect any data. 

There are 3 keys to the DASB paradigm:

  1. Data is protected by default. Much like a firewall that protects by default and allows by exception, DASB protects all data exported from cloud services by default. This is very different from CASB that is heavy and error-prone data classification techniques. 
  2. DASB is completely transparent to the end-user. DASB is able to protect by default because it can do so without the end-user even knowing that it is working behind the scenes. 
  3. DASB protects any type of data. Not just office files, but all formats including source code, specialized CAD, MOV and other formats, even home-grown and legacy data formats. 

When you can protect all data by default, any data type, and do that in a way that is completely transparent to the end-user, you have a paradigm that scales

With DASB, enterprises are now able to achieve zero-trust data protection, even on data exported from their SaaS apps into the hands of remote workers, contractors and third-party vendors. At scale, this means the largest enterprises enable productivity of their remote workforce with total protection. That data remains persistently protected wherever it goes, only accessible to those who have permissions to access it. However, DASB is completely invisible to end-users. This is true for any data type, without modifying applications or the data itself.

In today's work-from-anywhere world, there is a missing link. Controlling data once it is exported out of your perimeter and out of your SaaS apps. This is a rampant source of data leaks because no technology exists that can solve the problem at scale - until now. Welcome to DASB.

Read Article
Zero Trust: SecureCircle plus Endpoint Detection and ResponseZero Trust: SecureCircle plus Endpoint Detection and Response
December 31, 2020

Zero Trust: SecureCircle plus Endpoint Detection and Response

The Challenge

ISCS obtains confidential information from their customers as part of the normal operations. The data could include business plans, detailed cost information, and intellectual property such as source code. ISCS wants to deploy a Zero Trust data security solution to demonstrate to customers’ their data is safe by preventing insider threats and securing SharePoint sites which ISCS uses to collaborate with their customers.

The Solution

Unlike other security solutions which rely on users to be involved in the security process, SecureCircle has adopted a Zero Trust philosophy. Zero Trust data security is a practice of never trusting users with data. For zero trust to be effective, data must be secured by default and not by exception.

ISCS has a very cloud-centric application model which can cause issues with users downloading SaaS data on unauthorized devices. To prevent this, ISCS has adopted SecureCircle’s Data Access Security Broker (DASB). Now, all data downloaded from the cloud will automatically be secured by SecureCircle. SecureCircle is deployed as a SaaS service itself, so there are no operational tasks involved with maintaining SecureCircle. Employees are unaware of any additional layer of security since their workflow for downloading SaaS data such as Microsoft, ADP, and Oracle has not changed and employees continue to use the same applications.

SecureCircle monitors the ISCS SharePoint Server and SaaS applications such as ADP, Oracle, NetSuite, GitHub, and others to automatically secure data as it leaves the cloud and moves onto employee endpoints. SecureCircle is able to secure corporate devices and well as BYOD devices. There is no change to data in the cloud so all SaaS applications continue to work without modification or awareness SecureCircle is securing data as the data egresses.

All identity management is centralized with ISCS’ existing Azure Active Directory server. Deployment of SecureCircle is simple for ISCS. ISCS deploys SecureCircle endpoint agents via their Mobile Device Management (MDM) solution that is already in place to deploy and update applications on endpoints.

The Outcome

Since other data security services cannot meet the requirements of Zero Trust, by deploying SecureCircle the ISCS CISO said, “The combination of SecureCircle with an advanced Endpoint Detection and Remediation solution provided us the capability to affordably implement a Zero Trust security architecture that completely captures and controls all user’s interactions with our information no matter where they are, what device they are using (corporate owned, BYOD or customer owned) or what system they are using. SecureCircle is the breakthrough information rights and data loss prevention technology we were looking for.”

Not only did SecureCircle secure ISCS data, but also without increasing the operational over-head required to maintain the solution.

Download PDF version of this case study

Read Article
Case Study
Millions of Data Leaked Due to Unsecured DatabasesMillions of Data Leaked Due to Unsecured Databases
September 28, 2020

Millions of Data Leaked Due to Unsecured Databases

Unsecured databases are quickly becoming a massive data security problem. Researchers have found close to 10.5 billion pieces of consumer data left vulnerable on almost 10,000 unsecured databases across 20 countries. With the information stored in unprotected databases, cybercriminals would have to put little to no effort to access the data. 

Since hacking databases can be an easy target for cybercriminals to steal data, they are becoming more frequent. Just the smallest mistake made by a database manager can lead to large amounts of intimate data to be left sitting on the internet. Virtually anyone could access these unsecured databases through publicly available websites and tools. Search engines such as Censys and Shodan assist hackers in scanning the web to view databases left open. 

With the data in hand, hackers can easily cause all sorts of damage to their victims and their data. Information such as full names, logins, and addresses are most valuable to spammers and cyber criminals conducting phishing campaigns. Data could also be used to run phishing attacks that could lead to thousands of dollars in losses from selling on the dark web.

Last month, 235 million users on popular databases such as Instagram, Tik Tok, and Youtube profiles were exposed to massive data leaks. Based on collected samples, one in five records contained either a telephone number or an email address. Along with that, every record contained some or all data, including full names, profile photos, and account descriptions.  The leaked data is said to have originated from a Hong-Kong registered company, Deep Social, which sells data on social media. 

Unfortunately, unsecured databases are not disappearing anytime soon. It will only become more common. For organizations to protect and secure their website databases,  they should deploy Zero Trust data security such as SecureCircle.  Regardless of where data is stored including databases, source code repositories, or SaaS applications such as Salesforce or Workday, data needs to persistently secure.  

At SecureCircle, we believe frictionless data security drives business value for our customers. End users operate without obstacles, while data is continuously secured against breaches and insider threats. Instead of relying on complex reactive measures, we simply secure data persistently in transit, at rest, and even in use.

Read Article
Enterprise Security Weekly | Zero Trust Data SecurityEnterprise Security Weekly | Zero Trust Data Security
September 28, 2020

Enterprise Security Weekly | Zero Trust Data Security

Enterprise Security Weekly | Zero Trust Data Security is a very popular security architecture that is being adopted by many organizations. In this webcast, Paul Asadoorian of Security Weekly and SecureCircle walk through how SecureCircle implements a zero-trust solution. A zero-trust solution requires the owner of the data to always be in control at all times. The owner is in control of all of the networks, devices, users, and data. 

Source code is one of the most fluid and valuable pieces of data that organizations need to protect and maintain control. With SecureCircle, keeping source code protected is now possible with Zero Trust Data Security. The owner of the source code will have control at all times and enables the developer to do their job without giving up control over their data.

Read Article
Traditional Data Security Fails to Be Zero TrustTraditional Data Security Fails to Be Zero Trust
September 28, 2020

Traditional Data Security Fails to Be Zero Trust

Data security tools are not providing enough value for their customers.  The average total cost of a data breach in the United States is nearly $9million per the 2020 IBM Cost of Data Breach Report.  That is a five % increase from 2019.  31% of data breaches in North America can be attributed to internal actors.

Per the Verizon 2020 Data Breach Investigations Report, 76% of companies that experienced breaches said remote work would increase time to identify and thus continue to increase costs to organizations.

What is Zero Trust Data Security

  • Zero Trust data security is a practice of never trusting users with data.  For zero trust to be effective, data must be secured by default and not an exception.
  • Never trusts the user with the data or giving them control. Instead, allow users to work with the data as if they’re in control.

Data breaches and news headlines confirm Data Loss Prevention (DLP) solutions are broken.  Customers like DLP because it seems easy. Three well-known steps: discover, classify, and protect.  With DLP, chief information security officers (CISO) and other security teams feel like DLP casts a wide net.

Customers dislike DLP because it relies on users to be trusted, which creates security gaps that are hard to anticipate.  Maintaining DLP is impossible because the DLP model creates rules to block behavior, so IT and security teams are constantly chasing the next unknown.  Rule maintenance is a never-ending battle of finding new egress points in organizations.  Let’s review the three components of DLP.

Discover and identification of data that needs to be classified doesn’t work because legacy DLP solutions rely on fragile pattern matching like a regex expression.  Tiny changes to the pattern leave false positives and negatives that are not reliable.  

DLP regex discovery may work for phone numbers and very static formatted data, but there is no pattern to match to locate ‘top secret’ data.  ‘Top secret’ data could include intellectual property, internal finance and HR data, and more.  DLP relies on users to discover this type of data.

Classify and tag data with labels so the protection systems can take the proper action.  Tagging data in legacy DLP solutions only captures the data at the moment in time.  DLP tags do not automatically update when the data changes.  DLP requires tags to be added to file metadata.  But most file types don’t support the ability to add metadata to the file.  This creates a dependency that DLP requires to function properly.  It is the same reason these solutions can’t support any file type or any application.  So again, DLP relies on users to classify and tag data.

Protection of tagged data.  Assuming the discovery and classification steps were correctly executed, data is protected by creating rules to block activity and transfers. Information is not protected by default.  DLP depends on rules that either block (stopping the action or transfer), allow, or encrypt the data.  Rules have to be created for every workflow possibility.  When new applications are used, new rules must be created.  When new functionality is added to existing applications, new rules must be created.  DLP is an operational nightmare as security teams are in an endless battle to keep rules updated.  Users will find ways to egress data.  There are too many possibilities, and manual rule creation is error-prone at a minimum and deficient for most organizations.

Alternatives to DLP include Secure Access Service Edge (SASE).  SASE is a combination of Cloud Access Security Broker (CASB), Secure Web Gateway (SWG), DLP, and SD-WAN to isolate applications, segment networks, and authenticate based on user permissions, authentication, and verification before giving access to resources that include data.  Designed for a cloud world, SASE puts a perimeter around cloud services but still forces all data through one focal point, which has different performance, reliability, and security concerns.  Data protection for SASE still relies on traditional DLP for data protection.  Therefore, SASE has the same downfalls as traditional DLP.

Another security option for organizations looking for Zero Trust data protection is Virtual Desktop Infrastructure (VDI).  VDI was never designed as a security solution.  VDI provides all the benefits of SASE by putting the user in the data center.  The user is working with data but doesn’t have control over the data.  The data is always in the data center.  VDI was designed for the local area network (LAN) world like a doctor's office or call center.  

VDI is used by some organizations to protect the holy grail of data, which is source code.  Source code is exceptionally challenging to secure because appeasing developers and not impeding their productivity or changing their workflow is always a concern for organizations.  Developers are a tough audience to keep happy.

The downfalls of VDI is that the solution is costly, latent, decreases productivity, and user experience is not optimal. Still, it does check all the requirements for Zero Trust data protection.

SecureCircle is able to deliver a Zero Trust data protection solution that allows organizations to control data without impacting how the user needs to do their job.  Users aren’t affected by reduced productivity or a change in the workflow, so they won’t try to find ways to get around security because security is transparent.

We have highlighted source code as the holy grail of data because source code has been complicated to secure. Still, SecureCircle protects data in other use cases such as (1) protecting SaaS data as it leaves the cloud application and (2) user-created content such as media, design, and office data.

Why Do Customers Choose SecureCircle?

  • We remove users from a security process so you don’t have to rely on users doing the right thing.
  • Transparent and frictionless to applications and users
  • Reduce cost and complexity (one tool, protect by default persistently)
  • Rapid deployment 

SecureCircle persistently protects data by default.  Data is secured at rest, in transit, and in use.  Organizations grant workflows, applications, or users the ability to egress data from protection and create auditable events for compliance visibility.  SecureCircle focuses on protecting not just devices or data but also the process and workflow around data creation, storage, and use.

SecureCircle tracks protected data, and when protected data is moved to new or unprotected files, the new file is automatically protected with the same permissions as the original data.  Tracking data and not files allows SecureCircle to allow copy and paste and SaveAs functions while continuing to protect data as it moves.

User, device, application, and network permissions can be changed in real-time since organizations never lose control of data regardless of where data is created, stored, or transferred.

SecureCircle is the only Zero Trust data protection solution that can protect data, reduce management overhead and cost, and not impact user behavior or workflow.

Download a PDF version of content

Read Article
Why Traditional Data Security Can't Be Zero TrustWhy Traditional Data Security Can't Be Zero Trust
September 21, 2020

Why Traditional Data Security Can't Be Zero Trust

Security Weekly Webcast: The challenge in securing data has increased in complexity as businesses move aggressively to cloud and modernize IT through the use of SaaS applications. In this virtual training, Paul Asadoorian of Security Weekly and SecureCircle will walk through how both legacy approaches, such as DLP, and modern approaches, such as CASB, struggle to plug the real world security holes that are required to meet a zero trust security model.As part of this training, the SecureCircle team will go deep into the different data security techniques and how zero trust requires more comprehensive protection that keeps data protected by default, not by exception.

Read Article
Intel Internal Data Leaked By Server Hacker or Third-Party?Intel Internal Data Leaked By Server Hacker or Third-Party?
September 3, 2020

Intel Internal Data Leaked By Server Hacker or Third-Party?

Yet again, another case of leaked data has hit the web. Intel, the largest chipmaker in the United States is investigating a data breach that leaked 20 GB of internal data. The assortment of documents included some marked as confidential, under NDA, and unrestricted secret. Till Kottman, a swift software engineer shared the data on the file-sharing site MEGA. 

Kottman claims to have received the files from an anonymous hacker who insists they breached Intel earlier this year. The hacker claims to have found the data on an unsecured server via a simple Nmap scan. Many of which had zip files with easy to guess passwords. Kottman received the leaks due to his management on a popular telegram channel that frequently leaks data from major tech companies. Just a few weeks ago, Kottman released source code files of over 50 high profile companies such as Disney. The data released on Intel included technical specifications, product guides, and manuals for the company's CPUs. This contained confidential details on chip road maps, development and debugging tools, schematics, training videos, process simulator ADKs, sample code, and Bringup guides. 

Even though the data breach did not include personal data of Intel’s clients or workers, it exposed the source code of their third parties. Intel denies Kottman’s claim the data breach was caused by the anonymous hacker. Intel claims the leaked data was from the Intel Resource and Design Center which hosts data for use by customers, partners, and external parties who have registered for access. Intel believes that an individual with access downloaded and shared the data. 

Whenever providing intellectual property access to another organization or individual, it is important to log who had access, when they had access, and what they accessed. With SecureCircle’s patented Data Access Security Broker (DASB), you have control of your data. Every action to your data turns into an auditable event. DASB is a completely transparent data-centric protection solution, which not only provides a data log that becomes auditable when integrated with your SIEM but also enables mapping to a wide variety of compliance requirements pertaining to data visibility/tracking and protection/encryption. So even if Intel’s third parties had access to data, SecureCircle would’ve been able to protect the files from being released publicly.

Read Article
Cybersecurity Risks That Come With Remote LearningCybersecurity Risks That Come With Remote Learning
September 3, 2020

Cybersecurity Risks That Come With Remote Learning

For many students, back to school session is right around the corner. Under the new circumstances of remote learning, students need to become aware of the importance of data security. School districts in the United States already have many cybersecurity shortcomings. Many lack the funding and skilled personnel to provide cybersecurity defenses. With many cybersecurity vulnerabilities in remote learning environments, hackers know they are easily able to squeeze through the door and attack. 

SecureCircle understands the challenges enterprises have with protected sensitive data, including PII, PCI, PHI, and corporate trade secrets.  SecureCircle's Zero Trust data protection eliminates data breaches and insider threats by protecting all data outside of SaaS applications. SecureCircle's Data Access Security Broker (DASB) protects and monitors data, including data egressing from enterprise cloud services and managed repositories to enforce access controls on data regardless of location, including cloud and endpoint devices. SecureCircle protects data transparently and persistently at scale delivering the world's only Zero Trust data protection. Schools are not different.

Many schools are relying on video communications such as Zoom and Google Hangouts for remote learning. For many teachers, transitioning from in-class to online sessions has been pretty tricky already. Because of that, some teachers struggle to secure their data on the platforms adequately. “Zoombombing,” a term used for internet trolling on video conferences involving an unwelcome guest who takes over the audio or video controls to display inappropriate materials or remarks. Zoombombing was non-existent up until schools went online. On April 1, a video meeting hosted by Utah’s Alpine School District was interrupted by an uninvited guest. The hacker revealed pornographic images to dozens of elementary school students. Internet trolling is one of the many reasons why everyone should be taking extra security precautions online. Now, it is more common for schools to set up their meetings using passwords. 

Students who use learning platforms, such as K12 and Chegg, also face many cybersecurity vulnerabilities. With most of these platforms, students are required to create an account using their personal information. Without proper security measures, the user’s account information is bound to get stolen. Last year, K12 failed to keep one of their databases updated, which left almost 7 million records for 19,000 students available for anyone to take. The information exposed included full names, email addresses, birthdates, gender, age, and school names. Something as minor as a database issue can lead to a violation of a student’s privacy, increasing their risk of identity theft, spear phishing, or even physical harm. 

Another major issue with remote learning is the increased amount of phishing scams targeting students. Just with one click, a hacker can unlock your username, password, personal information, or even download malware onto the device. Hackers typically pose as administrators of the school, sending compelling messages to get students to click on their link. It is imperative for students to become aware of what they are clicking on and how much damage it can cause. 

We understand that teachers, parents, and students are not prepared to be IT administrators, so we’ve put together a few tips to improve your cybersecurity this school year.

  • Do not reuse passwords: If the password gets stolen, hackers are easily able to gain access to multiple different accounts.
  • Make sure your device is updated with the latest updates for your operating system and applications: many hackers rely on known vulnerabilities in older versions.
  • Never provide anyone your password.
  • Don’t post any personal information, such as your phone number or address online. Your teacher and school already know this information and will not be asking for it.

With SecureCircle, data is proactively protected regardless of where data is created, consumed, stored, or modified. SecureCircle’s DASB seamlessly integrates with existing systems, ensuring there is zero impact on the current workflow or productivity. Now more than ever, it is more vital that schools and students take on higher security measures.

Read Article
Why Legacy DLP Does Not WorkWhy Legacy DLP Does Not Work
August 20, 2020

Why Legacy DLP Does Not Work

In today's world, it is ubiquitous for employees to abandon ship to board another one. It is also common for these employees to take confidential data with them when leaving. Data loss can become very damaging for the company, especially when the employee leaves for a competitor. Three former employers of McAfee left at various points throughout the year for the companies rival, Tanium. McAfee, a computer security company, is now filing a lawsuit against its former employees for the conspiracy of stealing trade secrets. 

Once McAfee realized that three members from its sales staff were poached, they conducted a forensic examination of their computers. According to the lawsuit, McAfee discovered the former employees transferred confidential company information to unauthorized USB devices, private email addresses, and cloud-based drives. One of the employees had accessed a spreadsheet file containing detailed information about potential McAfee sales even after announcing their resignation. 

Ironically a leader in legacy DLP (data loss prevention) such as McAfee demonstrates why legacy DLP doesn't work.  McAfee was not able to recognize stolen data until months after the damage done. Along with this, they still were not able to determine what data and how much data left.

SecureCircle is the only data protection solution that adheres to the Zero Trust security model.  SecureCircle's DASB (Data Access Security Broker) mitigates insider threats and data breaches by proactively protecting your data, whether at-rest, in-transit, or in-use.   There is no reliance on discovery or classification tools.  Protect data by default with granular permissions for users, devices, applications, networks, and more.

As users create content, SecureCircle analyzes the new data's dDNA (digital DNA) and compares it to the dDNA of protected data. If similarities are detected, SecureCircle automatically protects the information with the same access control policies as similar protected data. 

SecureCircle protects data in complex SaaS workflows, such as source code protection.  Data is automatically protected when downloaded from a cloud repository such as GitHub, and data remains protected at all times while developers modify code. Protection is transparent to users, and users are free to use any IT authorized application.

With SecureCircle, companies are ensured data protection by default and visibility over every data access attempt.  With DASB deployed, companies can mitigate data breaches and insider threats such as employees taking confidential information to their next employer.

Read Article
Protecting Data From The Threat of Ransomware Protecting Data From The Threat of Ransomware
August 20, 2020

Protecting Data From The Threat of Ransomware

When engaging with customers, we focus heavily on finding ways to help them on their journey to implementing a Zero Trust security strategy. After going deep on how we deliver persistent protection customers often ask how we can help defend against ransomware.

When it comes to protecting against ransomware, there are two scenarios that customers are looking to mitigate. Firstly, unrecoverable data destruction and secondly, and often, more importantly, the exfiltration of critical information. It’s this second scenario where SecureCircle provides the most strength. Persistent data encryption ensures data remains protected even from exfiltration by any unsanctioned endpoint processes.  What that means is although end users don’t see SecureCircle, their critical business data is continually under protection as they go about their daily workflows.

Ransomware needs to be granted explicit access to read unencrypted bytes (the actual content) if protected by SecureCircle. Thus, any ransomware process spawned with the intent to gain access to critical data for the threat of leakage is not in a position to read valued business data.

For many customers deploying SecureCircle in combination with an air-gapped backup strategy protects against both the threat of exfiltration and data destruction. SecureCircle’s persistent data protection, combined with a traditional approach to backup, help to close the gaps that ransomware attacks look to exploit.

In order to balance the goal of tight security and transparent user experience, SecureCircle continuously monitors data access in real-time to ensure we only allow sanctioned users and process access to encrypted data. The result is raw data is just not readable to unapproved processes that ransomware executes. By watching low-level data operations, we gather fine-grained telemetry information for deeper visibility into data access activities, including ransomware behavior.

Our primary focus has always been to keep data safe wherever it is stored. We strongly believe that customers who implement a comprehensive zero trust security model are well-positioned to protect against ransomware in the same way they can be kept safe from insider threats.

Read Article
Forrester features SecureCircle in Forrester Zero Trust eXtended EcosystemForrester features SecureCircle in Forrester Zero Trust eXtended Ecosystem
January 21, 2021

Forrester features SecureCircle in Forrester Zero Trust eXtended Ecosystem

Forrester Research has named SecureCircle a 'Forrester features SecureCircle in Forrester Zero Trust eXtended Ecosystem' in the August 2020 report - The Zero Trust eXtended Ecosystem: Data, Secure Data Independently and in each Pillar of the Zero Trust Framework by Heidi Shey, Chase Cunningham with Amy DeMartine, Kate Pesa, Diane Lynch.

"SecureCircle is thrilled to be recognized by Forrester for our innovative data security approach. Enterprises that have adopted a Zero Trust framework have been using non-Zero Trust data protection solutions for years. Traditional DLP for example relies on discovery and classification of data before protection. A true Zero Trust data protection solution such as SecureCircle protects data by default and has granular access control to authorize access based on user, device, application, and network," said Jeff Capone, CEO and co-founder of SecureCircle.

The full report is available at (pay wall)

About SecureCircle

SecureCircle's Zero Trust data protection eliminates data breaches and insider threats by protecting all data outside of SaaS applications. SecureCircle's Data Access Security Broker (DASB) protects and monitors data, including data egressing from enterprise cloud services and managed repositories to enforce access controls on data regardless of location, including cloud and endpoint devices.  SecureCircle protects data transparently and persistently at scale delivering the world's only Zero Trust data protection.

Read Article
Cost of Data BreachesCost of Data Breaches
August 18, 2020

Cost of Data Breaches

With all of the unexpected changes occurring in 2020, some things remain the same. For its 15th year, the Ponemon Institute has conducted research to produce the annual Cost of Data Breach report published by IBM Security. This report provides a detailed view of the financial impacts, and risks security incidents can have on organizations.

This year's report enlists 524 organizations that have encountered data breaches between August 2019 and April 2020. The 2020 report demonstrates consistency with previous research from the last few years. The global cost of a data breach, which averaged $3.86M this year, was decreased by about 1.5% from 2019. Among that, the average time to identify and contain a data breach went from 279 days to 280 days in a year. Despite the availability of new technology, the response time has not changed within the past five years. 

This report shows how customer personally identifiable information (PII) was the most expensive type of record. This year, the average cost of a lost or stolen record is $150. Customer PII was also the most frequently compromised data, showing up in 80% of analyzed data breaches. With SecureCircle, Customer PII data is protected by default. SecureCircle is data-centric, so when data including PII information is copied from one protected file to another, protection follows the actual data.

Malicious attacks slightly increased from 51% to 52% in 2020. Data breaches due to compromised credentials averaged $4.77 million, third-party vulnerabilities averaged $4.53 million, and cloud misconfiguration averaged $4.41 million. 

With many organizations switching to a remote workforce, 76% of organizations from the report believe that the cost of data breaches will only increase.  The report predicts that with a remote workforce, responding and containing a data breach will be much more difficult and time-consuming. With the research and findings of the report, organizations should realize the dangers of data breaches. Tools like SecureCircle should be deployed in these organizations to reduce risks with automated data protection. SecureCircle's Zero Trust framework protects data by default without any user interaction required.  All data downloaded to employees' devices at home are protected automatically - whether the data is downloaded from a SaaS or cloud application, a corporate file server, or created on the endpoint.  Adhering to Zero Trust, SecureCircle doesn't believe in safe and unsafe network locations.  Data security is applied to devices at home with the same protection as devices inside the corporate network.

The data breach report highlights that many enterprises are still having trouble protecting data that should never leave an organization.  Architecture's like Zero Trust focus on not automatically trusting anything inside or outside its perimeters and instead verify every action.

SecureCircle persistently protects all data by default.  All permissions can be changed in real-time regardless of the location of the data.  Protection is transparent to end-users with no change to the workflow.  All file types and applications are supported by default, with no development required.  SecureCircle is the only data protection that adheres to Zero Trust. 

Read Article
Garmin Suffers from a Multi-Million Dollar Ransomware AttackGarmin Suffers from a Multi-Million Dollar Ransomware Attack
August 11, 2020

Garmin Suffers from a Multi-Million Dollar Ransomware Attack

Once again, a massive ransomware attack causes a global outage. Garmin, a sport and fitness tech giant reportedly paid millions of dollars in ransom after shutting down from the attack. The attack put Garmin’s wearables, apps, websites, and call centers offline for several days. The payment was presumed to be around $10M. 

Several sources have confirmed that WastedLocker ransomware was to blame for the attack. Evil Corp, a known Russian-based hacker group, reportedly operates WastedLocker.  Garmin declined to explain the specific cause of the attack but reportedly negotiated with Evil Corp to restore their service. Garmin paid the ransom through a ransomware negotiation company called Arete IR. According to BleepingComputer, Garmin received a decryption key to access data encrypted by the virus. 

Last December, Evil Corp was placed under sanctions by the U.S treasury, which prohibits any individual from the U.S from engaging in any transactions with them. By imposing these sanctions, it makes it nearly impossible for U.S based companies to pay the ransom without breaking any laws. BleepingComputer reports that Garmin paid the ransom due to the lack of known weaknesses in the WastedLocker virus code. If this statement is accurate, Garmin could be in hot water from a legal perspective and face fines and sanctions from the U.S. government.

With ransomware attacks increasing, companies need to make significant upgrades in their defense and response preparation. Several sources predict that WastedLocker does not yet appear to be able to have the capability to steal or exfiltrate data before encrypting the victim’s files. Encrypt in-place attacks such as this are much easier to recover.  Organizations need the ability to re-image machines and roll-back to a known safe backup and recovery data state.  The penalty for not being able to roll back to a secure data state is up to $10M.

With SecureCircle, companies can also protect against releasing data to the public extortion ransom demands.  Unauthorized users can never access data protected by SecureCircle, so hackers will not be able to access the contents even if they obtain the protected files.  SecureCircle recommends companies do not pay ransoms. There are no guarantees payments will return your data. Paying a ransom makes companies targets for additional ransom attacks.  Instead, companies should prevent ransomware attacks with SecureCircle. 

Read Article
Making an ROI Case for SecureCircleMaking an ROI Case for SecureCircle
August 6, 2020

Making an ROI Case for SecureCircle

Many of our customers have budgeted projects to improve or replace existing data protection solutions, so the ROI (return on investment) case has been made upfront. Typically this results from customers having poor experiences with DLP (data loss prevention), utilizing new cloud-based workflows, and needing better protection for sensitive or regulated data. A company board often reacts to an internal data breach event or an event at a peer or competitor, which strikes a nerve that a breach could happen to them. 

IBM's Cost of a Data Breach Report 2020 lists the average cost of a data breach to be $3.86M (worldwide). In the US, the average expense is $8.64M, the highest of any country. The financial impact of a data breach is why organizations that recently have a security event are always willing to pay for additional security—the cost of a security solution pails in comparison to the value of the data breach.

The threat of a GDPR fine also looms over companies. The EU has issued GDPR fines of over €100M fourteen times in the past 19 months. The most substantial penalty to date is still British Airways at over €204M. 

With the recent push to employees working from home, many companies spent a lot of money increasing VPN (virtual private network) capacity. Using VPNs to virtually place devices on the corporate network is a flawed security model. Under a Zero Trust security model, organizations have to assume threats already exist within the corporate network. Spending the money on the implementation of the fundamentals of Zero Trust would be a better alternative. 

If your company doesn't have a Zero Trust initiative, here are some tactical ways to show a quality ROI?

  • Do not renew existing products such as DLP, IRM (information rights management), Disk Encryption, File Encryption, and CASB (cloud access security broker). Depending on the data workflow, removing these products becomes an option for companies. In the case of DLP, DLP also requires discovery and classification tools, which SecureCircle does not need.
  • DLP requires ongoing rule creation and management. Rules allow or reject every action. The operational overhead burdens organizations with hundreds of hours of work each year. SecureCircle's Zero Trust model protects by default and doesn't require the overhead other solutions require.
  • One solution many organizations use is VDI (virtual desktop infrastructure). Customers create VDI walled gardens to keep sensitive data such as source code protected. Developers hate VDI because it is slow and restricts productivity. VDI licenses are also costly. 

Each of the three suggestions creates a positive ROI that also provides superior protection, mitigation for data breaches and insider threats, transparent end-user experience, and without the burden of legacy operational overhead.

Read Article
Hackers Targeting Small EnterprisesHackers Targeting Small Enterprises
August 4, 2020

Hackers Targeting Small Enterprises

For an average hacker, small enterprises can be the perfect target. Many small enterprises tend to have less sophistication in their company's cybersecurity or assume that they are too small even to attract hackers. These reasons pave the way for hackers to attack small enterprises efficiently. According to the 2020 Verizon Data Breach Investigations Report, almost a third of data breaches involved small enterprises. 

Many small enterprises lack the security that many larger organizations have to protect their data. Small enterprises are more vulnerable because they often do not have the budget to take on higher security measures. On the other hand, some may not want to spend their budget on cybersecurity, assuming that hackers will have little to no interest in their data. When small enterprises overlook the value of their information, they give hackers a more significant advantage. Unfortunately for these small enterprises, hackers will attempt to take any personably identifiable information of customers. According to the Verizon report, phishing is the biggest threat for small organizations. The increasing number of small enterprises using cloud and web-based applications and tools allows them to become prime targets for hackers. 

Many small enterprises involved in successful data breaches struggle to stay open. When small enterprises are not prepared enough to handle a cyberattack, they may shut down. Almost 60% of small enterprises close their doors within six months of the attack. Many of which are due to the lack of money and customer trust. 

Security researchers have uncovered that Magecart, a group of malicious hackers, was able to infect over 570 e-commerce sites worldwide over the past three years. The group targetted small enterprises assuming that they were less well-defended. Along with that, the group was able to compromise about 700,000 customer cards and made millions. This example shows how essential cybersecurity is to small enterprises. Without it, they can face many consequences, such as lost revenue, compliance fines, and negative impacts on reputation.

With SecureCircle, small businesses will have a cost-effective solution to protect their data. As the impacts of data breaches are rising, small enterprises should take on higher security measures. SecureCircle's Data Access Security Broker (DASB) protects data at all times, including at rest, in transit, and in use. With DASB, your control will never be compromised while enabling access. 

Read Article
Security Weekly Virtual Hacker Summer Camp InterviewSecurity Weekly Virtual Hacker Summer Camp Interview
August 19, 2020

Security Weekly Virtual Hacker Summer Camp Interview

For a true Zero-Trust environment, it isn’t enough to think about data in cloud services and SaaS applications, we also must protect, control, and audit data that egresses form these services onto endpoints. SecureCircle protects data that egresses from cloud services and allows you to have control over it.

Read Article
The Missing Link For Zero TrustThe Missing Link For Zero Trust
September 16, 2020

The Missing Link For Zero Trust

The future holds endless possibilities. The next great moment, widget or experience is just around the corner. In cybersecurity, we have heard promises for a better future for decades. Different product categories have come (and, in some cases, gone). Many products were merely features and not a solution to a fundamental problem.

Marketing campaigns paint a picture that one solution fixes all your problems. The reality is there is no magic solution. One product isn't going to protect against phishing, malware, ransomware, lost or stolen devices, accidental sharing, malicious insiders, misconfigured permissions and secure collaboration.  

What the industry has been aiming for is a zero-trust solution. To implement zero trust, you need to have control over authentication, network, device and data. Today you can achieve control over authentication, device and network, but there is no control over data.

Once a user authenticates their identity, device and network, how do organizations protect data the user downloads from their SaaS solutions, like finance, human resources, sales or even software source code? Organizations need to add control over their data to achieve zero trust.

Authentication occurs over many protocols, but one of the most popular today is security assertion markup language (SAML). SAML centralizes identity and access management across cloud and endpoint. Identification must be managed centrally for all access control. Managing multiple authentication systems leads to data breaches, such as misconfigured authentication to cloud applications.

Achieve device control via mobile device management (MDM) and endpoint detection and response (EDR). MDM enforces that endpoints have a proper security posture, ensuring EDR and DASB installation. Administer the posture before the device gains access to cloud solutions such as Salesforce, Workday, GitHub or QuickBooks. Without a standard baseline security posture, a computer that downloads sensitive data may be at risk or may already be compromised. EDR will maintain security on the device and protects for malware, antivirus, key loggers and suspicious insider behavior. EDR can automatically monitor and disable suspicious devices and block the device and user from accessing any sensitive data based on historical usage profiles. An EDR is not looking for a specific risk signature but is looking for suspicious or unexpected behavior.

Transport layer security (TLS) ensures network control. TLS has replaced the secure sockets layer (SSL). The combination of MDM and SAML can ensure a device is connecting from a secure network location before accessing sensitive cloud data.

Read the full article here

Read Article
Cybersecurity Strategies (Infographic)Cybersecurity Strategies (Infographic)
September 16, 2020

Cybersecurity Strategies (Infographic)

The 2020 IBM Security Cyber Resilient Organization Report surveys more than 3,400 IT and security professionals from all over the world to determine their ability to detect, prevent, contain, and respond to cybersecurity incidents. SecureCircle offers the most innovative method of protecting any data using many of the strategies listed. 
Read Article
Data Security is Not Data Privacy Data Security is Not Data Privacy
July 27, 2020

Data Security is Not Data Privacy

Often the terms data security and data privacy are misused or interpreted as the same thing. Since data security and data privacy are both essential components of data protection, it is vital to know the difference between the two. Think about it this way. You protect your house with a door.  If the door is glass, does the door provide privacy? Two related but different concerns.

Data security protects valuable company and customer data and prevents the data from leaving the house. Data security applies specific controls, standard policies, and procedures via administrative tools, physical security, logical controls, organizational standards, and more. All of which leads to the protection of unauthorized access, accidental loss, and destruction of your data. 

Data privacy, on the other hand, is concerned with the proper handling of your data. For instance, when enterprises and organizations use data or information provided or entrusted to them, the data should only be used with consent from the owner. The data owner will have to provide information such as what types of data will be collected, for what purpose, and whom it can be shared with. The European Unions' GDPR (General Data Protection Regulation) requirements include the consent of subjects for data processing. Another critical element for privacy compliance with GDPR and CCPA (California Consumer Privacy Act) is allowing users to opt-out and have their data removed from any database.

With SecureCircle, your organization can achieve data protection over data in the cloud and local endpoints. SecureCircle's Data Access Security Broker (DASB) protects data without changing user behavior or business workflows. DASB protects all data by default and creates an opt-out security model that does not rely on discovery or classification.

SecureCircle’s data access security broker (DASB) automatically tracks data within a file. When data from a protected file is copied and pasted into a new document, the new document automatically is protected with the same permissions as the original file.

While SecureCircle protects data from leaving the house, it can also aid in data privacy. Data privacy is based on internal workflows to segregate users and processes which can access data. Often, a database or SaaS application stores sensitive data, and users export and download the data to their computer for utilization.  Organizations lose control of the data once it leaves the SaaS application. Control is also lost when users email and transfer the data to coworkers and even external 3rd parties. DASB automatically protects the data that egresses from the cloud service or SaaS app and tracks the information as it moves. Organizations can report on all users that have accessed specific files and their derivatives.  Organizations can also disable files that contain data that no user should have access to as part of GDPR or CCPA data hygiene.

Data security and data privacy are different. Luckily SecureCircle solves data protection for cloud and local data without impacting users or workflows. DASB aids companies in meeting data privacy requirements such as GDPR and CCPA. With SecureCircle, the glass door on the house becomes a wooden door. The wooden door is able to protect your house as well as secure your privacy. SecureCircle allows you to have both data security and data privacy. 

Read Article
Targets on Large EnterprisesTargets on Large Enterprises
July 27, 2020

Targets on Large Enterprises

Large enterprises have always been targets for hackers. Most hackers are mainly attracted to the massive amounts of capital and the customer base of large enterprises. According to the 2020 Verizon Data Breach Investigations Report, almost two-thirds of data breaches involved larger enterprises. 

Even though most large enterprises can afford to take on higher cybersecurity measures, why do they encounter so many data breaches? Well, unfortunately for enterprises, it is virtually impossible to prevent cybercriminals from attacking. According to the Verizon report, phishing is one of the top threats towards more substantial enterprises. Since larger enterprises have more employees than smaller enterprises, a lot more mistakes can occur.  Human errors allow data to be left vulnerable.  The challenge for large enterprises is to scale security.  

Along with the more substantial amount of employees, large enterprises also have more suppliers and partners. By acquiring another company, large enterprises also risk any vulnerabilities and security issues their third-party may have. Many possible human errors that could occur in large enterprises allow a lot of data to be left vulnerable.

Hacking larger enterprises can be more difficult for cybercriminals compared to smaller ones. However, if the hackers are successful, they can gain so much more from it.  Per the Verizon report,79% of cybercriminals' motivation for attacking large enterprises is financial gain.  Many hackers can make a fortune just from gaining loads of personal data to sell on the dark web.

So far this year, many data breaches involving large enterprises have occurred. Many enterprises, such as Marriott, Microsoft, and Nintendo, have suffered from a cyber attack. All of which have compromised millions of users and their private data. Even though many larger enterprises can survive their cyberattacks, most have lost trust from their customers. 

Even though large enterprises deploy cybersecurity, many still struggle to prevent cyber attacks. With SecureCircle, large enterprises will have a cost-effective solution to protect their data. As data breaches continue to rise, larger enterprises should take on more effective security measures. SecureCircle's Data Access Security Broker (DASB) protects data at all times, including at rest, in transit, and in use. With DASB, it empowers you to enable secure access and full data control with no impact on applications, workflows, overhead, or end-user experience.

Read Article