3 Trends in Data Privacy Breach Laws That Will Carry Over to 2020

PAOLA MIRANDA | February 12, 2020 | 374 views

During 2019, new privacy laws were introduced, and many current laws evolved in the United States and across the global landscape. With the General Data Protection Regulation (GDPR) in full effect, we saw expensive fines levied upon companies that fell victim to data privacy breaches. As we move into a new year, probably the biggest takeaway from 2019 is that being proactive and having a data privacy strategy in place is important to help mitigate the risk of a data privacy breach. The regulatory landscape continues to evolve as states and countries actively pass new expanded requirements for privacy and cybersecurity regulations. While laws in the U.S., like the California Consumer Privacy Act (CCPA), are getting significant attention, many other states and countries are actively amending their breach notification laws to include tighter restrictions.

Spotlight

ReaQta

ReaQta develops an innovative advanced endpoint protection system based on a NanoOS capable of working between the operating system and the hardware. The privileged position on the system allows for a full control over exploitation attempts, malware infections and data exfiltration. A real-time Artificial Intelligence analysis system augments the whole protection both on the client and on the backend, alerting the security team about attacks, exfiltration attempts and anomalous behaviours.

OTHER ARTICLES
PLATFORM SECURITY

Security by Sector: Improving Quality of Data and Decision-Making a Priority for Credit Industry

Article | July 29, 2022

The subject of how information security impacts different industry sectors is an intriguing one. For example, how does the finance industry fare in terms of information security compared to the health sector, or the entertainment business? Are there some sectors that face greater cyber-threats and risks than others? Do some do a better job of keeping data secure, and if so, how and why?A new study of credit management professionals has revealed that improving the quality of data and decision-making will be a top priority for the credit industry in the next three years. The research, from Equifax Ingnite in collaboration with Coleman Parkes, takes a deep dive into the views of credit management pros across retail, banking, finance and debt management/recovery sectors.

Read More
ENTERPRISE SECURITY

The British government thinks process sensor cyber issues are real – what about everyone else

Article | July 20, 2022

When Joe refers to analogue devices, he is generally referring to ISA99 / IEC 62443 Level 0 devices, i.e. the sensors and actuators required in any cyber physical system. The vulnerability of these devices is often ignored as the security measures required to protect them are not purely technical but also involve physical and personnel security aspects along with process security (both of the metrology and processing by the device, as well as configuration management and control issues over the lifecycle of analogue devices). The security situation is not helped by the simplistic application of the triad of security goals (confidentiality, integrity and availability) to cyber physical systems.

Read More
DATA SECURITY, ENTERPRISE SECURITY

Ryuk: Defending Against This Increasingly Busy Ransomware Family

Article | November 22, 2022

On December 16, 2019, the U.S. Coast Guard disclosed a security incident at a facility regulated by the Maritime Transportation Security Act (MTSA). Forensic analysis suggests that the incident might have begun when an employee clicked on a link embedded in a phishing email.This action enabled a threat actor to set Ryuk ransomware loose on the facility’s network. Ultimately, the infection spread to all IT network files, leading Ryuk to disrupt the corporate IT network and prevent critical process control monitoring systems from functioning properly. Phishing is one of the primary infection vectors for most ransomware families, but there’s an interesting twist with this particular family. As noted by Malwarebytes, a typical Ryuk attack begins when a user opens a weaponized Microsoft Office document attached to a phishing email. Opening the document causes a malicious macro to execute a PowerShell command that attempts to download the banking trojan Emotet. This has the ability to download additional malware onto an infected machine that retrieves and executes Trickbot.

Read More

New Ransomware hitting Industrial Control Systems like a nuclear bomb

Article | February 10, 2020

Researchers at security firms including Sentinel One and Drago’s have been mystified by a piece of code named Ekans or Snake, over the last month. Drago’s publically released its full report on Ekans Ransomware that has recently inflicted Industrial Control Systems and these are some of the most high-value systems that bridge the gap between digital and physical systems. In the history of hacking, only a few times a piece of malicious code has been marked attempting to intrude Industrial Control Systems. Ekans is supposed to be the first Ransomware with real primitive capability against the Industrial Control Systems, software, and hardware used in everything from oil refineries to power grids. Researchers say this ransomware holds the capability to attack ICS by Honeywell and GE as well.

Read More

Spotlight

ReaQta

ReaQta develops an innovative advanced endpoint protection system based on a NanoOS capable of working between the operating system and the hardware. The privileged position on the system allows for a full control over exploitation attempts, malware infections and data exfiltration. A real-time Artificial Intelligence analysis system augments the whole protection both on the client and on the backend, alerting the security team about attacks, exfiltration attempts and anomalous behaviours.

Related News

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

AdaCore Launches RecordFlux

Businesswire | March 28, 2023

AdaCore, a trusted provider of software development and verification tools, today announced the launch of its new RecordFlux technology, designed to ease the development and security of binary communication protocols. The technology comprises a Domain Specific Language (DSL) to precisely describe complex binary data formats and communication protocols, and a toolset to verify specifications and generate provable SPARK code that can be executed on a target CPU. Through RecordFlux, users can define and implement complex communication protocols and prove security properties, such as memory safety, at much less cost and effort than would be possible with a manual approach. The precision of the RecordFlux DSL ensures that the specifications are unambiguous, the high-level nature of the DSL makes the specifications easily understandable by domain experts, and the expressive power of the DSL can capture the most complex real-world protocols. And since the RecordFlux code generator produces source code in the formal methods-based SPARK language, users can obtain automated proofs of a wide range of security properties in the resulting software. The net effect is more secure and reliable code, at lower cost. “Interaction between software components is governed by protocol and format specifications. Unfortunately, most specification documents are complex texts written in English which need to be translated to software implementations manually, leaving room for human error,” said Alex Senier, AdaCore’s RecordFlux Team Lead. “Logic errors and critical flaws are often poorly mitigated by the widespread use of unsafe programming languages, resulting in severe security vulnerabilities. With RecordFlux, we aim to provide a solution that saves time and money by automating provable code generation while ensuring the absence of low-level vulnerabilities like buffer overflows that attackers could exploit.” About RecordFlux RecordFlux is a toolset for creating high-assurance implementations of binary data formats and communication protocols. The technology includes a Domain Specific Language, a comprehensive toolset, and customized expert support. By using SPARK Pro, developers can take the SPARK code generated from RecordFlux specifications and automatically prove that the code is free of run-time errors and respects the original specification. Code generated by RecordFlux is also compatible with GNAT Pro Assurance, AdaCore’s complete solution for projects with the most stringent requirements for reliability, long-term maintenance, or certification. The compiler-hardening options provided by GNAT Pro Assurance can be used to mitigate further attacks on network-facing protocol-handling code. About AdaCore Founded in 1994, AdaCore supplies software development and verification tools for mission-critical, safety-critical, and security-critical systems. Over the years, customers have used AdaCore products to field and maintain a wide range of critical applications in domains such as commercial and military avionics, defense systems, automotive, railway, space, air traffic management/control, medical devices, and financial services.

Read More

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Vectra Unifies AI-driven Behavior-based Detection and Signature-based Detection in a Single Solution

Prnewswire | March 27, 2023

Vectra AI, the leader in AI-driven hybrid cloud threat detection and response, today announced the introduction of Vectra Match. Vectra Match brings intrusion detection signature context to Vectra Network Detection and Response (NDR), enabling security teams to accelerate their evolution to AI-driven threat detection and response without sacrificing investments already made in signatures. "As enterprises transform embracing digital identities, supply chains and ecosystems - GRC and SOC teams are forced to keep pace. Keeping pace with existing, evolving and emerging cyber threats requires visibility, context and control for both known and unknown threats. The challenge for many security organizations is doing so without adding complexity and cost," says Kevin Kennedy, SVP Products at Vectra. With the addition of Vectra Match, Vectra NDR addresses core GRC and SOC use cases enabling more efficient and effective: Correlation and validation of threat signals for accuracy. Compliance for network-based CVE detection with compensating controls. Threat hunting, investigation and incident response processes. "CISOs and their SOC teams across Asia Pacific are working with a challenging lack of visibility across their hybrid cloud environments, as attackers continue to evolve. Vectra NDR now enables security teams to unify signatures for known threats and AI-driven behavior-based detection for unknown threats in a single solution," comments David Sajoto, Vice President Vectra Asia Pacific Japan. According to Gartner®, "recent trends in the NDR market indicate many NDR offerings have expanded to capture new categories of events and to analyze additional traffic patterns. This includes new detection techniques: by adding support for more traditional signatures, performance monitoring, threat intelligence and sometimes malware detection engines. This move toward more multifunction network detection aligns well with the use case of network/security operations convergence, but also with midsize enterprises."1 "The attack surface cyber attackers have at their disposal continues to grow exponentially creating unknown threats on top of the tens of thousands of known vulnerabilities that exist. Attackers simply have exponentially more ways to infiltrate an organization and exfiltrate data -- and do so with far more frequency, velocity and impact. Keeping pace with attackers exploiting known vulnerabilities and unknown threats is an immense challenge for every Security, Risk and Compliance officer," says Ronald Heil, Global Risk Advisory Lead for Energy and Natural Resources and Partner at KPMG Netherlands. "Today, cyber-resilience and compliance requires complete visibility and context for both known and unknown attacker methods. Without it, disrupting and containing their impact becomes an exercise in brand reputation and customer trust damage control. Vectra Match capabilities allow us to combine both worlds, having the continued AI-based detection of real-time "movement", while also having the ability to check against specific Suricata indicators -- often required during incident response or proof of compliancy (e.g., Log4J). Consolidating AI-based and signature-based detection enables optimization, because in our case, less is more." "When it comes to shadow IT, we know people with admin rights are 'building boxes off the grid.' Our SOC team cannot protect what we cannot see, thus making these unknown systems prime targets for attackers. No doubt, behavior-based AI-driven detections are great for catching attackers deploying new, evasive methods, but when it comes to attackers leveraging CVEs to compromise unknown, unpatched systems, we need signature-based detection. Combining signature-based detection with behavior-based detection gives our SOC team visibility for both the known-unknown and unknown-unknown threats. It's the best of both worlds," says Brett Fernicola, Sr. Director, Security Operations at Anywhere.re. Vectra NDR with Vectra Match Vectra NDR - a key component of the Vectra platform - provides end-to-end protection against hybrid and multicloud attacks. Deployed on-premises or in the cloud, the Vectra NDR console is a single source of truth (visibility) and first line of defense (control) for attacks traversing cloud and data center networks. By harnessing AI-driven Attack Signal Intelligence, Vectra NDR empowers GRC and SOC teams with: AI-driven Detections that think like an attacker by going beyond signatures and anomalies to understand attacker behavior and zero in on attacker TTPs across the entire cyber kill chain post compromise, with 90% fewer blind spots and 3x more threats proactively identified. AI-driven Triage that knows what is malicious by utilizing ML to analyze detection patterns unique to the customer's environment to score how meaningful each detection is, thus reducing 85% of alert noise - surfacing only relevant true positive events that require analyst attention. AI-driven Prioritization that focuses on what is urgent by automatically correlating attacker TTPs across attack surfaces, evaluating each entity against globally observed attack profiles to create an attack urgency rating enabling analysts to focus on the most critical threats to the organization. Vectra NDR empowers security and risk professionals with next-level intrusion detection. Armed with rich context on both known and unknown threats, GRC and SOC teams not only improve the effectiveness of their threat detection, but the efficiency on their threat hunting, investigation and incident response program and processes. Vectra NDR with Vectra Match is available for evaluation and purchase today. For additional information, please visit the following resources. About Vectra Vectra® is the leader in Security AI-driven hybrid cloud threat detection and response. Only Vectra optimizes AI to detect attacker methods - the TTPs at the heart of all attacks - rather than simplistically alerting on "different." The resulting high-fidelity threat signal and clear context enables cybersecurity teams to rapidly respond to threats and stop attacks from becoming breaches. The Vectra platform and services cover public cloud, SaaS applications, identity systems and network infrastructure - both on-premises and cloud-based. Organizations worldwide rely on the Vectra platform and services for resilience to ransomware, supply chain compromise, identity takeovers, and other cyberattacks impacting their organization.

Read More

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Launch of Virtru Private Keystore Enables Heightened Privacy and Secure Collaboration in the Cloud

Globenewswire | March 24, 2023

Virtru, the global leader in data-centric security and privacy, today announced the immediate availability of the Virtru Private Keystore, allowing organizations to leverage the power of industry-leading cloud collaboration platforms with the confidence that their data is completely private and shielded from their cloud provider. The Virtru Private Keystore gives businesses a simple way to encrypt their cloud data and store the keys in an environment separate from their cloud provider. It is available for Google Workspace, Google Cloud, and all of Virtru’s products. Privacy-preserving technology has become a top priority for businesses and individuals alike, as evidenced by Google’s rapid expansion of Client-Side Encryption for Google Workspace and customer-managed encryption keys for Google Cloud. Google has undertaken these efforts to win and retain privacy- and compliance-sensitive customers. Virtru is one of a select number of Google-recommended private encryption key management partners to support these initiatives. Paris-based HR tech firm, Maki People, uses Virtru as its key management solution provider for Google Cloud, and views the Virtru Private Keystore as a way to build trust with its customers. “The Virtru Private Keystore is super seamless,” said Benjamin Chino, CPO and Co-Founder, Maki People. “Everything is running smoothly. From a customer standpoint, it really makes a difference – they now feel that they're much more in control, and that Google will not be able to access their data.” “Safeguarding data privacy and control is our top priority, and the Virtru Private Keystore plays a crucial role in helping us achieve this objective,” said Ali Umana, Network Administrator, Kulite Semiconductor Products, Inc. Around the world, regulatory requirements continue to tighten. The Virtru Private Keystore helps organizations meet compliance and data sovereignty obligations such as the International Traffic in Arms Regulations (ITAR) and the EU’s General Data Protection Regulation (GDPR). “Our customers choose Virtru because our products are easy to use, and they integrate seamlessly with the apps they work in every day,” said Bill Bauman, Product Marketing, Virtru. “The Virtru Private Keystore does that, too. It simplifies key management for our customers and runs seamlessly in the background. It does more than just key exchanges, though: It adds policies to the keys and has audit capabilities. So, everyone can collaborate more confidently in the cloud and have final decision over who can access their data.” The Virtru Private Keystore supports the full suite of Virtru products, including Virtru for Microsoft Outlook 365, Virtru for Gmail, Virtru Secure Share, and Virtru Data Protection Gateway, and is a trusted solution for Google Workspace Client-Side Encryption (or CSE, including CSE for Gmail) and Google Cloud External Key Manager (EKM). It can be deployed in a public or private cloud, or a private or co-hosted data center, and supports hardware security modules (HSM), with additional support for HSM Proxy Connector. About Virtru Virtru is a global leader in data privacy and protection. At Virtru, we equip our customers to take control of their data—everywhere it’s shared—through end-to-end encryption for Google, Microsoft, and other data sharing platforms. Our team is creative, collaborative, and passionate about creating a brighter future for data privacy. Above all, we support our colleagues and empower each other to do our best work.

Read More

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

AdaCore Launches RecordFlux

Businesswire | March 28, 2023

AdaCore, a trusted provider of software development and verification tools, today announced the launch of its new RecordFlux technology, designed to ease the development and security of binary communication protocols. The technology comprises a Domain Specific Language (DSL) to precisely describe complex binary data formats and communication protocols, and a toolset to verify specifications and generate provable SPARK code that can be executed on a target CPU. Through RecordFlux, users can define and implement complex communication protocols and prove security properties, such as memory safety, at much less cost and effort than would be possible with a manual approach. The precision of the RecordFlux DSL ensures that the specifications are unambiguous, the high-level nature of the DSL makes the specifications easily understandable by domain experts, and the expressive power of the DSL can capture the most complex real-world protocols. And since the RecordFlux code generator produces source code in the formal methods-based SPARK language, users can obtain automated proofs of a wide range of security properties in the resulting software. The net effect is more secure and reliable code, at lower cost. “Interaction between software components is governed by protocol and format specifications. Unfortunately, most specification documents are complex texts written in English which need to be translated to software implementations manually, leaving room for human error,” said Alex Senier, AdaCore’s RecordFlux Team Lead. “Logic errors and critical flaws are often poorly mitigated by the widespread use of unsafe programming languages, resulting in severe security vulnerabilities. With RecordFlux, we aim to provide a solution that saves time and money by automating provable code generation while ensuring the absence of low-level vulnerabilities like buffer overflows that attackers could exploit.” About RecordFlux RecordFlux is a toolset for creating high-assurance implementations of binary data formats and communication protocols. The technology includes a Domain Specific Language, a comprehensive toolset, and customized expert support. By using SPARK Pro, developers can take the SPARK code generated from RecordFlux specifications and automatically prove that the code is free of run-time errors and respects the original specification. Code generated by RecordFlux is also compatible with GNAT Pro Assurance, AdaCore’s complete solution for projects with the most stringent requirements for reliability, long-term maintenance, or certification. The compiler-hardening options provided by GNAT Pro Assurance can be used to mitigate further attacks on network-facing protocol-handling code. About AdaCore Founded in 1994, AdaCore supplies software development and verification tools for mission-critical, safety-critical, and security-critical systems. Over the years, customers have used AdaCore products to field and maintain a wide range of critical applications in domains such as commercial and military avionics, defense systems, automotive, railway, space, air traffic management/control, medical devices, and financial services.

Read More

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Vectra Unifies AI-driven Behavior-based Detection and Signature-based Detection in a Single Solution

Prnewswire | March 27, 2023

Vectra AI, the leader in AI-driven hybrid cloud threat detection and response, today announced the introduction of Vectra Match. Vectra Match brings intrusion detection signature context to Vectra Network Detection and Response (NDR), enabling security teams to accelerate their evolution to AI-driven threat detection and response without sacrificing investments already made in signatures. "As enterprises transform embracing digital identities, supply chains and ecosystems - GRC and SOC teams are forced to keep pace. Keeping pace with existing, evolving and emerging cyber threats requires visibility, context and control for both known and unknown threats. The challenge for many security organizations is doing so without adding complexity and cost," says Kevin Kennedy, SVP Products at Vectra. With the addition of Vectra Match, Vectra NDR addresses core GRC and SOC use cases enabling more efficient and effective: Correlation and validation of threat signals for accuracy. Compliance for network-based CVE detection with compensating controls. Threat hunting, investigation and incident response processes. "CISOs and their SOC teams across Asia Pacific are working with a challenging lack of visibility across their hybrid cloud environments, as attackers continue to evolve. Vectra NDR now enables security teams to unify signatures for known threats and AI-driven behavior-based detection for unknown threats in a single solution," comments David Sajoto, Vice President Vectra Asia Pacific Japan. According to Gartner®, "recent trends in the NDR market indicate many NDR offerings have expanded to capture new categories of events and to analyze additional traffic patterns. This includes new detection techniques: by adding support for more traditional signatures, performance monitoring, threat intelligence and sometimes malware detection engines. This move toward more multifunction network detection aligns well with the use case of network/security operations convergence, but also with midsize enterprises."1 "The attack surface cyber attackers have at their disposal continues to grow exponentially creating unknown threats on top of the tens of thousands of known vulnerabilities that exist. Attackers simply have exponentially more ways to infiltrate an organization and exfiltrate data -- and do so with far more frequency, velocity and impact. Keeping pace with attackers exploiting known vulnerabilities and unknown threats is an immense challenge for every Security, Risk and Compliance officer," says Ronald Heil, Global Risk Advisory Lead for Energy and Natural Resources and Partner at KPMG Netherlands. "Today, cyber-resilience and compliance requires complete visibility and context for both known and unknown attacker methods. Without it, disrupting and containing their impact becomes an exercise in brand reputation and customer trust damage control. Vectra Match capabilities allow us to combine both worlds, having the continued AI-based detection of real-time "movement", while also having the ability to check against specific Suricata indicators -- often required during incident response or proof of compliancy (e.g., Log4J). Consolidating AI-based and signature-based detection enables optimization, because in our case, less is more." "When it comes to shadow IT, we know people with admin rights are 'building boxes off the grid.' Our SOC team cannot protect what we cannot see, thus making these unknown systems prime targets for attackers. No doubt, behavior-based AI-driven detections are great for catching attackers deploying new, evasive methods, but when it comes to attackers leveraging CVEs to compromise unknown, unpatched systems, we need signature-based detection. Combining signature-based detection with behavior-based detection gives our SOC team visibility for both the known-unknown and unknown-unknown threats. It's the best of both worlds," says Brett Fernicola, Sr. Director, Security Operations at Anywhere.re. Vectra NDR with Vectra Match Vectra NDR - a key component of the Vectra platform - provides end-to-end protection against hybrid and multicloud attacks. Deployed on-premises or in the cloud, the Vectra NDR console is a single source of truth (visibility) and first line of defense (control) for attacks traversing cloud and data center networks. By harnessing AI-driven Attack Signal Intelligence, Vectra NDR empowers GRC and SOC teams with: AI-driven Detections that think like an attacker by going beyond signatures and anomalies to understand attacker behavior and zero in on attacker TTPs across the entire cyber kill chain post compromise, with 90% fewer blind spots and 3x more threats proactively identified. AI-driven Triage that knows what is malicious by utilizing ML to analyze detection patterns unique to the customer's environment to score how meaningful each detection is, thus reducing 85% of alert noise - surfacing only relevant true positive events that require analyst attention. AI-driven Prioritization that focuses on what is urgent by automatically correlating attacker TTPs across attack surfaces, evaluating each entity against globally observed attack profiles to create an attack urgency rating enabling analysts to focus on the most critical threats to the organization. Vectra NDR empowers security and risk professionals with next-level intrusion detection. Armed with rich context on both known and unknown threats, GRC and SOC teams not only improve the effectiveness of their threat detection, but the efficiency on their threat hunting, investigation and incident response program and processes. Vectra NDR with Vectra Match is available for evaluation and purchase today. For additional information, please visit the following resources. About Vectra Vectra® is the leader in Security AI-driven hybrid cloud threat detection and response. Only Vectra optimizes AI to detect attacker methods - the TTPs at the heart of all attacks - rather than simplistically alerting on "different." The resulting high-fidelity threat signal and clear context enables cybersecurity teams to rapidly respond to threats and stop attacks from becoming breaches. The Vectra platform and services cover public cloud, SaaS applications, identity systems and network infrastructure - both on-premises and cloud-based. Organizations worldwide rely on the Vectra platform and services for resilience to ransomware, supply chain compromise, identity takeovers, and other cyberattacks impacting their organization.

Read More

DATA SECURITY, PLATFORM SECURITY, SOFTWARE SECURITY

Launch of Virtru Private Keystore Enables Heightened Privacy and Secure Collaboration in the Cloud

Globenewswire | March 24, 2023

Virtru, the global leader in data-centric security and privacy, today announced the immediate availability of the Virtru Private Keystore, allowing organizations to leverage the power of industry-leading cloud collaboration platforms with the confidence that their data is completely private and shielded from their cloud provider. The Virtru Private Keystore gives businesses a simple way to encrypt their cloud data and store the keys in an environment separate from their cloud provider. It is available for Google Workspace, Google Cloud, and all of Virtru’s products. Privacy-preserving technology has become a top priority for businesses and individuals alike, as evidenced by Google’s rapid expansion of Client-Side Encryption for Google Workspace and customer-managed encryption keys for Google Cloud. Google has undertaken these efforts to win and retain privacy- and compliance-sensitive customers. Virtru is one of a select number of Google-recommended private encryption key management partners to support these initiatives. Paris-based HR tech firm, Maki People, uses Virtru as its key management solution provider for Google Cloud, and views the Virtru Private Keystore as a way to build trust with its customers. “The Virtru Private Keystore is super seamless,” said Benjamin Chino, CPO and Co-Founder, Maki People. “Everything is running smoothly. From a customer standpoint, it really makes a difference – they now feel that they're much more in control, and that Google will not be able to access their data.” “Safeguarding data privacy and control is our top priority, and the Virtru Private Keystore plays a crucial role in helping us achieve this objective,” said Ali Umana, Network Administrator, Kulite Semiconductor Products, Inc. Around the world, regulatory requirements continue to tighten. The Virtru Private Keystore helps organizations meet compliance and data sovereignty obligations such as the International Traffic in Arms Regulations (ITAR) and the EU’s General Data Protection Regulation (GDPR). “Our customers choose Virtru because our products are easy to use, and they integrate seamlessly with the apps they work in every day,” said Bill Bauman, Product Marketing, Virtru. “The Virtru Private Keystore does that, too. It simplifies key management for our customers and runs seamlessly in the background. It does more than just key exchanges, though: It adds policies to the keys and has audit capabilities. So, everyone can collaborate more confidently in the cloud and have final decision over who can access their data.” The Virtru Private Keystore supports the full suite of Virtru products, including Virtru for Microsoft Outlook 365, Virtru for Gmail, Virtru Secure Share, and Virtru Data Protection Gateway, and is a trusted solution for Google Workspace Client-Side Encryption (or CSE, including CSE for Gmail) and Google Cloud External Key Manager (EKM). It can be deployed in a public or private cloud, or a private or co-hosted data center, and supports hardware security modules (HSM), with additional support for HSM Proxy Connector. About Virtru Virtru is a global leader in data privacy and protection. At Virtru, we equip our customers to take control of their data—everywhere it’s shared—through end-to-end encryption for Google, Microsoft, and other data sharing platforms. Our team is creative, collaborative, and passionate about creating a brighter future for data privacy. Above all, we support our colleagues and empower each other to do our best work.

Read More

Events