Chat with us, powered by LiveChat

Compliance and Visibility

Every attempted and completed action taken to your data is now an auditable event.Organizations face an ever-increasing number of data security threats and information security standards and regulations.

Data breaches exposed more than 4 billion records in the first half of 2019, with three incidents making it on the list of the ten largest data breaches of all time. Breaches of all sizes not only damage an organization’s reputation and increase the risk of losing business and valuable intellectual property, they also open organizations to significant legal disputes and compensation claims from angry consumers.

The average total cost of a data breach is $3.92 million

Breaches arising from malicious attacks cost organizations $4.45 million on average

Breaches caused by human error cost an average of $3.5 million

On top of defending against a growing number of internal and external data security threats, most organizations must also comply with several information security related standards and regulations, from PCI and ISO 2700 to Sarbanes-Oxley and GDPR. 

Failing to comply with these regulations can be more expensive than recovering from a data breach. GDPR fines and penalties range up to €20 million or 4% of an organization’s worldwide annual revenue for the prior financial year, whichever is higher.

To avoid costly data breaches and non-compliance fines and penalties, organizations must adopt a data security approach that features persistent data protection, easy to manage access control policies, and an auditable trail of every action taken on data. 

A Transparent Solution to Data Tracking and Compliance 

SecureCircle’s patented Data Access Security Broker (DASB) gives you control of your data, while turning every action to your data into an auditable event. DASB is a completely transparent data-centric protection solution, which not only provides a data log that becomes auditable when integrated with your SIEM, but also enables mapping to a wide variety of compliance requirements pertaining to data visibility/tracking and protection/encryption.

SecureCircle enables businesses to identify the who, what, where, why, and when any action to your data – such as read, write, copy, or move – occurred, without interrupting existing workflows or tools. With DASB, your organization can view syslog output of every action that happened to your data with your log aggregation or SIEM tools 

Visibility extends to any derivative works created. DASB’s patented data security understands the DNA of a protected data. When similar DNA is found in another file, DASB will automatically protect the data with the same access rights as the original file, enabling your organization to protect new derivatives and clean up existing security lapses.

SecureCircle’s security and visibility assist organizations in mapping to a variety of compliance requirements, including but not limited to: 

SecureCircle Event Logging

SecureCircle’s rich event logging enables organizations to use the logs for a wide variety of security and compliance alerts and reports.Endpoint clients report events to the SecureCircle server.The SecureCircle server relays endpoint events and server events to any SIEM or log aggregator via HTTP or syslog output supporting both RFC 3164 and RFC 5424. Event Information includes device, application, user, file, and SecureCircle specific information. 

SecureCircle SIEM Report Examples 

File Tracking 

This search query will find all events related to FileID “{786cf105-8818-11eb-b961- 331a44ba6f20}”. Note: The same FileID can have multiple Filenames, so searching for a FileName could return only a subset of the FileID. 

Returns event activity by FileID including all users and devices that have accessed the data regardless if the filename changes.

This search query will return all secured files with file extensions found in ransomware attacks. 

FileID

This search query will return the location (latitude and longitude) of any secured data access represented in a map. The local pie chart on each location will return the device and user information.

Location

This search query will return Circle activity (reading secured data) in a Trellis chart with independent y-axis values. 

Circle activity

This search will return all the files automatically protected due to a derivative match to existing secured data. The report returns the parent file ID for additional analysis and investigation. 

Derivatives

User Tracking

This search query will return all the activity for UserName “Davin Gmail”. You can also search using UserEmail or UserID. Add a CircleID or CircleName to the search parameter to restrict the report to only files within specific Circles. Add a type=”decrypt” into the search criteria to only report the files decrypted by this user. 

User activity

Device Tracking

This search query will return device activity shown in timechart. 

Device activity

File System Reports

SecureCircle is able to track standard file system operations such as Files Created, Files Modified, Files Renamed, Files Cloned/ Copied, File Change Owner, Volume Mount, and Volume Unmount. 

This search query will return a timechart of files created. 

File creation

This search query will return the time periods when a file was modified. Time periods can be usually to identify events by work hours, or other criteria.

Activity by time

SecureCircle Reports

SecureCircle is able to track internal metrics and events.

This search query will return the count of access attempt errors. These could be suspicious activity or misconfigured permissions. 

Failed access reports

This search query will report Unknown or Unallowed Applications which attempt to open secured files. If an unknown application is repeatedly attempting access, it could be used to trigger a security event. 

Unknown or unallowed application

Sources:
Risk Based Security, MidYear QuickView Data Breach Report, https://pages.riskbasedsecurity.com/2019-midyear-databreach-quickview-report, 2019
IBM, Cost of a Data Breach Report, https://databreachcalculator.mybluemix.net/executive-summary/, 2019
DPREU.org, https://www.gdpreu.org/compliance/fines-and-penalties, Accessed November 2019

Ready to Get Started?

Secure your source code

Secure Your Source Code

Learn more about how SecureCircle secures Source Code for customers.

Read the Case Study
Book a demo icon

Book a Demo

Secure your data in transit, at-rest and in-use. SecureCircle is simple to deploy and no changes are necessary to your current workflow.

Book a Demo
CMMC icon

Cybersecurity Maturity Model Certification

SecureCircle helps organizations meet over 40 controls and practices to obtain Level 3 certification.

Learn More