Panzura's Glen Shok explains why file security and military-grade encryption should be applied to all data stored in the cloud

Panzura's Glen Shok explains
Glen Shok, CTO and VP Cloud Architects at Panzura, looks into his crystal ball and shares with us his predictions of the developments in the cybersecurity space. In this interview, we had the opportunity to explore novel malware tactics like ransomware and data wiper exploits, and the different solutions Panzura offers enterprises to improve their security measures. Read on to learn more about upticks in this cybersecurity landscape, and how Panzura can get businesses battle-ready against these attacks.


Ransomware encrypts files so quickly that entire file systems can be compromised before organizations are even aware of a problem.

MEDIA 7: You have had an expansive career in diverse fields ranging from operations management, business development, sales and marketing, to process improvements. How has all this experience helped in your current role at Panzura?
GLEN SHOK:
I’ve been in the enterprise and software sectors for more than two decades, working at companies like Oracle, EMC, and Cisco to build industry partnerships and define market strategies for software-defined storage, data networking, data centers, and of course the cloud. I’ve seen a lot of change but when it comes to using and consuming data, the enterprise has always been moving towards less cost, more availability, and more agility, and all of this with less risk.

For my role at Panzura, this experience has given me a perspective on how business has accelerated towards the cloud. It’s about delivering on-demand IT services that are elastic and able to scale up and down when needed. I know that the cloud can do a lot of things, but without the driving forces of data management and data security, none of that is possible. As I see it, success will come from helping the enterprise simultaneously address both the IT imperative of hybrid-cloud, and the business imperative of multi-cloud, and doing it in a way that keeps data safe.

Panzura makes data available so it can be used securely, and at a much lower cost. We also increase the value of that data by enabling real-time collaboration, integrating data from many different silos, and making it easy to analyze and manage, all on a shared common platform. Getting back to the main drivers of the move to the cloud–elasticity, simplicity and security–we’re seeing that any interface for cloud storage needs to support these things for a multitude of diverse business cases. That includes banking and financial markets, healthcare and hospitals, construction, engineering, manufacturing–the list goes on.

The natural evolution of that is taking shape with Panzura, where organizations with people all around the world will be able to utilize any kind of storage, and the data that is placed in them as if it’s a single data center. As a part of that, they’ll also be able to discover the capabilities of the cloud and use this interface to manage that, too. They’ll do all of this with complete confidence that their data is protected, secure, and resilient to any type of failure. It’s that evolution and innovation that has me most excited, and it’s why Panzura is a natural fit for my experience.


M7:  How does Panzura’s immutable data architecture offer a solution to ransomware attacks?
GS:
Great question! I mentioned the fact that the enterprise has always been moving toward less risk, and the cloud has made that far more complicated. Legacy file systems were already inherently vulnerable to ransomware and other types of malware because the data held in them needs to be editable. When attacked, they do exactly what they are designed to do, which is to allow files to be changed.

Ransomware, once inside the network, can gain access to these systems and change or encrypt data making it inaccessible. Everything grinds to a halt until a ransom is paid. When you get hit, recovering “clean” files after an attack is exceptionally difficult and time-consuming. Traditional backup processes tend to run on a scheduled basis, so there is almost always a time gap that results in data loss, and restoring from a backup is time and labor-intensive.

Panzura CloudFS global file system is built in a way that makes it impossible for attackers to alter or change data. Data is resistant to attack altogether. Instead of fighting off intruders at the castle wall, it reduces the impact and recovery time after an attack by keeping data unaffected.

Read More: 'Make the customer the hero,' says Chris Kim, Director of Social Media at Airtable

M7:  How does Panzura CloudFS improve data security and backup processes?
GS:
From the attacker’s point of view, the success or failure of an attack depends on your ability to restore access to your data, unless the ransom is paid. That’s why they often go after backups first, to limit your recovery options. This leaves you with nothing but offsite backups to restore your data, and as I mentioned, that is a very slow and costly process. While all of this is happening, users are locked out of their files. Each hour that goes by is lost time and money. But our approach to data immutability, and the ability of our hybrid-cloud solution to encrypt data and make it completely useless to attackers, means Panzura CloudFS users don’t worry about downtime and never pay ransoms.

Let me explain! Panzura CloudFS stores file data as blocks in cloud object storage, as a single authoritative data set that every user in the organization works from. It makes no difference how many people, or how far apart they are. Every user gets what feels like a local file experience, even though the data itself is stored hundreds, if not thousands of miles away. Those data blocks are immutable, stored in a ‘Write Once, Read Many’ form, so that once stored, they cannot be changed, edited, or overwritten. That makes them impervious to all forms of malware.

Metadata pointers are used to record which blocks comprise a file at any given time. As users create or edit files, changed data chunks are moved to object storage every 60 seconds, and are stored as new data blocks. At the same time, those pointers are updated to reflect any new blocks that form the file. For example, if a file is composed of blocks A, B, C and D, and it is edited today, it might now be composed of blocks A, B, C and E. The new block E is moved to the object store, and the pointers record that A, B, C and E are required to open the current version of that file.

These immutable data blocks are further protected by system-wide read-only snapshots. These are essentially exact replicas of the data and are taken at configurable intervals–typically no more than every 60 minutes. They keep files consistent while they’re being worked on. For backup purposes, additional read-only snapshots are taken every 60 seconds, and these are used to transfer changed data to the object-store. As these are read-only, snapshots, they are impervious to ransomware, and they provide a way to restore data to any previous version in a very precise way.




Legacy file systems were already inherently vulnerable to ransomware and other types of malware because the data held in them needs to be editable.



M7: How does Panzura enable quick progress towards realistic digital transformations for organizations using AI and data analytics?
GS:
Panzura CloudFS has a built-in SaaS-based data analytics layer called Panzura Data Services. It allows users to apply cloud-based AI and ML analytics across many types of unstructured data. We partner with the leading cloud and managed service providers to deliver optimized, fit-for-purpose solutions that make it faster and more efficient to handle massive volumes of data files. These files can be stored, retrieved, searched, and analyzed using AI in compliance with the specific regulatory requirements of financial institutions, healthcare, and other key sectors.

Panzura allows organizations to migrate or re-platform data, workloads, and applications to the cloud, and to consolidate data across multiple on-premises servers and the cloud, without having to refresh existing infrastructure. Applications and data can be moved as-is to a public cloud, while enhancing or replacing some components to take advantage of cloud services, which are becoming more driven by AI, without rewrite or workflow changes.

As I mentioned before, the Panzura global file system is built on a unique immutable architecture that delivers the highest level of data protection and recovery of any solution in its category. Granular recovery capabilities are augmented by the powerful analytics of Panzura Data Services–which is also becoming more AI-driven–to identify and restore files near-instantaneously in the event of data loss, damage, or ransomware attack.

Read More: 'Enterprises that don't leverage AI and ML is likely at a disadvantage,' believes Miquido's Jerzy Biernacki

M7: What makes Panzura’s cloud data management platform stand out among its competitors?
GS:
While there are similar solutions out there, they are better for small implementations across just a few sites. None achieve real-time global file consistency or anything close to it. Those solutions typically sync data to central storage. Local filers then pull data from that storage, once it is available. The time to achieve file consistency is therefore dependent on the time taken for each location to sync changes to the cloud store, and for the querying location to retrieve it. While lower-level solutions are often good for legacy storage, they still leave users waiting on data. This significantly impacts productivity and produces data bloat with multiple, redundant but still out-of-sync file versions that make data difficult to manage. 

Panzura moves data in real-time, as it is created and when it is required. All locations in the Panzura global file system sync changed data to the cloud simultaneously, every 60 seconds. Should another location need to open a file before this occurs, a peer-to-peer connection handles the change in file ownership, as well as any changed data blocks which make the file consistent. This happens in milliseconds in the background.
No other solution provides built-in analytics for integrated search, audit, and file network analysis over an entire cloud storage infrastructure. Some even require indexing to be switched off, making it painfully slow to find files. This also means they cannot offer AI- and ML-based performance and activity alerts, and they generally don’t have tools for admins to fully diagnose and troubleshoot their environment.


M7: What do you consider to be the best practices for streamlining data infrastructure?
GS:
We come at this from a couple of angles. Panzura’s hybrid-cloud approach makes files immediately consistent across sites and provides enterprise-grade durability without replicating files for backup and disaster recovery. Legacy approaches house user files and replicate them to a secondary site, so users from both sites have access to the same files. In this scenario, the company investment is already twice the original storage investment to satisfy the RPO and remote collaboration requirements.

Instead of replicating files across locations, Panzura uses public, private or dark cloud storage as a single authoritative data source. Virtual machines at the edge, on-premises, or in cloud regions, overcome latency by holding the file system’s metadata as well as intelligently caching the most frequently used files to achieve local-feeling performance.
Much has been written about the exponential growth of unstructured data. Much less has been said about how legacy approaches to file systems and data management contribute to that increase.

Cloud providers automatically create redundant copies of data across different repositories and locations by building durability into their service. When you consider that unstructured data is already growing at an incredible pace, adding more storage to compensate is not only complicated and costly but doesn’t solve the real problem. Under the strain of this load, most organizations quickly find that their existing storage systems are cumbersome at best. Traditional network-attached storage–or NAS–is plagued by insufficient workflows and performance, not to mention security risks.

The inefficiency and inflexibility create delays in access to files which makes it impossible to work productively, and that problem is even worse when multiple people in different locations collaborate on files. Along with delays, people may end up editing files that are already being edited by another employee. These legacy NAS systems may have virtually no backend tech managing file edits, leaving duplicate files to run rampant.
As a result, each site is sharing with the wider enterprise their mess of siloed, redundant data. The spread of mismanaged data amounts to a stockpile of badly maintained clutter. It’s a lot of work to navigate, consolidate, and tolerate these flaws.

Panzura CloudFS uses a single, authoritative data set as the “golden copy” of each file. Dynamic caching based on usage patterns keeps duplicates at bay. What’s more, it uses file sync methods alongside intelligent and conservative file locking, to keep the storage space tidy and duplicate-free.

Read More: 'No company operating in the cloud should ever lose data' says Sam Gutmann, CEO and Co-Founder at OwnBackup




Traditional network-attached storage–or NAS–is plagued by insufficient workflows and performance, not to mention security risks.



M7: Panzura CloudFS is set to replace legacy solutions. How do you see this segment growing as the threat from ransomware increases?
GS:
Well, I think the threat of ransomware is going to continue to grow alongside other novel malware tactics like data wiper exploits. We’re already seeing this unfold in very disturbing ways with state-sponsored cyber-crime now emerging as a threat that could easily dwarf rogue criminals out to make a profit from holding data ransom. In many ways, I see this as the final nail in the coffin for legacy solutions. The need for more and better data management solutions to contain these threats has shifted the landscape, which was already moving toward the cloud as we discussed.

For one thing, we’re seeing demand for self-service ransomware recovery capabilities that make it easier for organizations to take data recovery and restoration into their own hands when an attack happens. One way we’re addressing this is to roll out self-managed snapshot recovery that lets IT teams revert files or directories to a pre-ransomware state without the need for external support. If we can trim downtime by shaving off minutes with these types of capabilities, there’s the potential to save entire industries billions of dollars in lost time due to delayed work, and millions of IT man-hours.


M7:  Few years down the line, how do you see AI changing the world around us?
GS:
Looking into my crystal ball, in a few years, I’m certain we’ll begin to see AI algorithms that are self-learning and when unleashed on an organization’s data network, will quickly learn data usage patterns, and begin shifting cloud capacity around automatically to make the entire network move faster. We’ll also see predictive AI serving up data and files to the right people, when and where it’s needed, anticipating the workflows of an organization in real-time.

But I think of this in terms of how ransomware and cyberwarfare are compressing timelines and bringing innovations that would have otherwise taken years to happen. Ransomware encrypts files so quickly that entire file systems can be compromised before organizations are even aware of a problem. Solving this problem is an area where Panzura is breaking new ground right now. We’re getting ready to introduce new AI-powered features that provide early detection and confirmation of ransomware attacks, and then send notifications via text and emails.

That way, administrators will be alerted to ransomware attacks in near real-time so they can organize a quick response, cutting down on downtime and disruption, and even reducing recovery efforts. So, in many ways, the future is now, and that’s very exciting. But what comes next, for example, is self-healing cloud data management systems with AI at the helm, and the ability to connect entire industries into living data ecosystems–that’s even more incredible.

ABOUT PANZURA

Panzura makes hybrid multi-cloud data management seem easy. Panzura’s data management platform is a single, unified data engine designed to securely power the most rigorous, large-scale multi-site enterprise data workflows across the globe. Intelligent edge technologies enable LAN performance with cloud economics together with simplified data management, advanced analytics, reduced operational complexity, and improved security. Find out more at panzura.com.

More C-Suite on deck

‘In the industry, we've observed fragmentation, especially among larger organizations,’ says Chris Fisher

Media 7 | October 16, 2023

Chris Fisher is a seasoned marketing professional who specializes in digital marketing and demand generation to fuel business growth. I integrate product messaging and innovative strategies with data-driven marketing to achieve quantifiable outcomes. Read on to know his thoughts about safeguarding the layers of Cyber-security.

Read More

'AI & ML algorithms will play a critical role in identifying cyber threats,' asserts Trishneet Arora

Media 7 | July 28, 2023

Trishneet Arora, a self-made individual, demonstrated remarkable vision, intellect, and competence when he established a startup at the young age of 19. Under his guidance, the flagship venture has expanded into both the entertainment and educational sectors. With Trishneet at the helm, the potential for growth and success knows no bounds. Let's delve into his insights on securing UPI-based applications.

Read More

‘Data and analytics play a crucial role in shaping our advertising strategies,' asserts Aleksander Groshev

Media 7 | June 28, 2023

Aleksander Groshev is the CEO and Co-Founder of Autobahn Security. Previously he was Vice President of Product responsible for the product development of the SaaS platform. Before joining Autobahn Security he held the position of Head of Product at Fincite, a wealth management B2B platform.

Read More

‘In the industry, we've observed fragmentation, especially among larger organizations,’ says Chris Fisher

Media 7 | October 16, 2023

Chris Fisher is a seasoned marketing professional who specializes in digital marketing and demand generation to fuel business growth. I integrate product messaging and innovative strategies with data-driven marketing to achieve quantifiable outcomes. Read on to know his thoughts about safeguarding the layers of Cyber-security.

Read More

'AI & ML algorithms will play a critical role in identifying cyber threats,' asserts Trishneet Arora

Media 7 | July 28, 2023

Trishneet Arora, a self-made individual, demonstrated remarkable vision, intellect, and competence when he established a startup at the young age of 19. Under his guidance, the flagship venture has expanded into both the entertainment and educational sectors. With Trishneet at the helm, the potential for growth and success knows no bounds. Let's delve into his insights on securing UPI-based applications.

Read More

‘Data and analytics play a crucial role in shaping our advertising strategies,' asserts Aleksander Groshev

Media 7 | June 28, 2023

Aleksander Groshev is the CEO and Co-Founder of Autobahn Security. Previously he was Vice President of Product responsible for the product development of the SaaS platform. Before joining Autobahn Security he held the position of Head of Product at Fincite, a wealth management B2B platform.

Read More

Related News

Data Security

GuidePoint Security Announces Portfolio of Data Security Governance Services

GuidePoint Security | January 30, 2024

GuidePoint Security, a cybersecurity solutions leader enabling organizations to make smarter decisions and minimize risk, today announced the availability of its Data Security Governance services, which are designed to help customers address the challenges of unstructured data and data sprawl through a proven process and program to meet their unique needs. GuidePoint’s Data Security Governance services consist of policies, standards, and processes leveraging the newest technologies to meet organizations’ data governance goals in both on-prem and cloud environments. Once the right strategy is determined with the customer, GuidePoint Security consultants will review program requirements, assess current policies and controls, perform gap analysis, design and develop/enhance the program, recommend and implement supporting technologies, and create operational processes and metrics. “Whether an organization is just beginning to build their data security governance program or needs help assessing and improving an existing program, our team and service capabilities are built to meet them at their current maturity level,” said Scott Griswold, Practice Director - Security Governance Services, GuidePoint Security. “We work side by side with the customer to conduct the necessary data discovery in their environment and provide tailored recommendations for solutions and processes to ultimately build/improve upon the data security governance program.” GuidePoint’s Data Security Governance Services include: Sensitive Data Cataloging: For organizations just getting started in the process of protecting their sensitive data, GuidePoint offers Data Identification workshops to identify sensitive data types in the environment, including trade secrets, intellectual property, and sensitive business communications. Data Security Governance Program Assessment: For organizations with existing Data Security Governance or Data Protection programs, GuidePoint Security experts will assess the program to identify policy non-compliance, gaps in data protection requirements—whether legal, regulatory, contractual, or business—and program maturity levels. Data Security Governance Program Strategy Development: The GuidePoint team will work with an organization's key stakeholders to design a program strategy aligned with relevant requirements. The outputs of this effort include delivering ongoing sensitive data discovery, automated classification and labeling, the application of required sensitive data protections, restrictions on where sensitive data can be stored and sent, and data retention policy enforcement. Merger and Acquisition Data Identification: This offering provides the ability to identify sensitive data within an M&A target or recent acquisition (including locations, amounts, and access rights) and then perform penetration testing on the storage repositories where that sensitive data exists to determine the risk of data compromise. About GuidePoint Security GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions that minimize risk. Our experts act as your trusted advisor to understand your business and challenges, helping you through an evaluation of your cybersecurity posture and ecosystem to expose risks, optimize resources and implement best-fit solutions. GuidePoint’s unmatched expertise has enabled a third of Fortune 500 companies and more than half of the U.S. government cabinet-level agencies to improve their security posture and reduce risk. Learn more at www.guidepointsecurity.com.

Read More

Software Security

Keeper Streamlines Compliance Processes With Granular Sharing Enforcements

Keeper Security, Inc. | January 11, 2024

Keeper Security, the leading provider of zero-trust and zero-knowledge cybersecurity software protecting passwords, passkeys, privileged access, secrets and remote connections, announces Granular Sharing Enforcements will soon be available for all products in the Keeper® platform. Granular Sharing enables administrators to enforce detailed creating and sharing permissions at the user level. By implementing these permissions, organizations can ensure employees only have access to the resources necessary for their roles, minimizing the risk of unauthorized access, data breaches and lateral movement within a network. "It's critical for organizations to have security solutions that help them adhere to increasing regulations and compliance requirements," said Craig Lurey, CTO and Co-founder of Keeper Security. "Granular permission control helps organizations enhance their security posture by restricting access to sensitive information and systems. With Granular Sharing Enforcements, it's easier than ever for IT administrators to better control the principle of least privilege and streamline operations within their organizations." Keeper's added Granular Sharing Enforcement policies provide more detailed restrictions that administrators can apply to users for both creating and sharing records. Most employees do not need access to all of the data or functionalities within an organization, and many industries and geographical regions have specific regulations and compliance requirements regarding data protection and privacy, including HIPAA, GDPR, PCI DSS and SOX. Granular permission controls enable organizations to align with local and industry regulations by allowing them to define and enforce access policies. This helps in ensuring the organization is compliant with industry standards and legal requirements. Key features of Keeper's Granular Sharing Enforcements include: Auditing: Keeper provides clear alerting and reporting on over 100 different event types. Version control: Only a small subset of users have permissions to update or share records, helping teams ensure information is consistent and accurate. Seamless access on any device: Keeper provides the same user experience across platforms, ensuring cross functionality and ease of use, whether on web, desktop or mobile. Encryption: Keeper provides secure sharing with elliptic curve encryption, ensuring cybercriminals cannot intercept passwords or other shared records in transit. Keeper Administrators can easily customize permissions to best suit the compliance needs of their organization. Administrators modify permissions in the Enforcement Policies section of the Admin Console for the chosen role by selecting Creating and Sharing. Most permissions are activated by default for maximum security. Enforcements have been designed to be simple and powerful, allowing admins to choose the appropriate settings for their unique needs. Granular Sharing Enforcements will be available for all sharing needs within Keeper's Enterprise Password Manager, Keeper Secrets Manager and KeeperPAM. With Keeper's zero-knowledge password management and security platform, IT administrators have complete visibility into employee password practices, enabling them to monitor password use and enforce password security policies, including strong, unique passwords, Multi-Factor Authentication (MFA), Role-Based Access Control (RBAC), and other security policies. Keeper Secrets Manager® is a fully managed cloud-based, zero-knowledge platform for securing infrastructure secrets such as API keys, database passwords, access keys, certificates and any type of confidential data. Its latest offering, KeeperPAM™, provides next-generation Privileged Access Management (PAM) that is disrupting the traditional PAM market. KeeperPAM delivers enterprise-grade password, secrets and privileged connection management within a unified SaaS platform that is cost-effective, easy to use and simple to deploy. KeeperPAM enables least-privilege access with zero-trust and zero-knowledge security. Enterprises select Keeper because of its strong security architecture, ability to support federated and passwordless authentication with any identity provider, seamless integration into on-premises, cloud or hybrid environments and ease of use across desktop and mobile devices. About Keeper Security Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper's affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance. Trusted by millions of individuals and thousands of organizations, Keeper is the leader for best-in-class password and passkey management, secrets management, privileged access, secure remote access and encrypted messaging.

Read More

Platform Security

Stellar Cyber and Proofpoint Strategic Alliance to Deliver Comprehensive Email Security Solution For SecOps Teams

Stellar Cyber | January 23, 2024

Stellar Cyber, the innovator of Open XDR, announced a new partnership with Proofpoint, a leading cybersecurity and compliance company. Through this alliance, Proofpoint and Stellar Cyber customers benefit from an out-of-the-box integration enabling swift email investigations and real-time response actions to email-driven attacks. Proofpoint Targeted Attack Protection monitors emails to identify suspicious emails and potentially malicious attachments and URLs. Once identified, the findings are shared with Stellar Cyber automatically. Stellar Cyber’s Open XDR platform ingests, normalizes, and analyzes Proofpoint findings and other collected data to deliver a comprehensive threat picture. As security analysts conduct investigations, they can instruct integrated third-party products – including Proofpoint – on corrective actions. “Protecting organizations against email-borne attacks is a top priority, and security teams need a way to automatically correlate threat telemetry across the entire attack surface in order to quickly remediate threats,” said Andrew Homer, VP of Strategic Alliances, Stellar Cyber. “This new partnership with Proofpoint is the latest example of Stellar Cyber delivering on its Open XDR strategy to provide customers turn-key integrations that improve productivity and threat detection.” “Email attacks remain the number one entry point into an organization, and the level of sophistication of these attacks continues to grow exponentially,” said D.J. Long, Vice President, Strategic Alliances & Business Development, Proofpoint. “We’re thrilled to work with Stellar Cyber on this strategic alliance to help customers protect against advanced email-based threats and unify their cybersecurity defense.” Through this alliance, Stellar Cyber and Proofpoint give security teams an advantage over attackers, resulting in the following: Real-time threat signals exchanged for proactive detection Correlation of Proofpoint alerts across the entire attack surface Automated response actions for immediate threat containment About Stellar Cyber Stellar Cyber’s Open XDR Platform delivers comprehensive, unified security without complexity, empowering lean security teams of any skill level to secure their environments successfully. With Stellar Cyber, organizations reduce risk with early and precise identification and remediation of threats while slashing costs, retaining investments in existing tools, and improving analyst productivity, delivering an 8X improvement in MTTD and a 20X improvement in MTTR. The company is based in Silicon Valley.

Read More

Data Security

GuidePoint Security Announces Portfolio of Data Security Governance Services

GuidePoint Security | January 30, 2024

GuidePoint Security, a cybersecurity solutions leader enabling organizations to make smarter decisions and minimize risk, today announced the availability of its Data Security Governance services, which are designed to help customers address the challenges of unstructured data and data sprawl through a proven process and program to meet their unique needs. GuidePoint’s Data Security Governance services consist of policies, standards, and processes leveraging the newest technologies to meet organizations’ data governance goals in both on-prem and cloud environments. Once the right strategy is determined with the customer, GuidePoint Security consultants will review program requirements, assess current policies and controls, perform gap analysis, design and develop/enhance the program, recommend and implement supporting technologies, and create operational processes and metrics. “Whether an organization is just beginning to build their data security governance program or needs help assessing and improving an existing program, our team and service capabilities are built to meet them at their current maturity level,” said Scott Griswold, Practice Director - Security Governance Services, GuidePoint Security. “We work side by side with the customer to conduct the necessary data discovery in their environment and provide tailored recommendations for solutions and processes to ultimately build/improve upon the data security governance program.” GuidePoint’s Data Security Governance Services include: Sensitive Data Cataloging: For organizations just getting started in the process of protecting their sensitive data, GuidePoint offers Data Identification workshops to identify sensitive data types in the environment, including trade secrets, intellectual property, and sensitive business communications. Data Security Governance Program Assessment: For organizations with existing Data Security Governance or Data Protection programs, GuidePoint Security experts will assess the program to identify policy non-compliance, gaps in data protection requirements—whether legal, regulatory, contractual, or business—and program maturity levels. Data Security Governance Program Strategy Development: The GuidePoint team will work with an organization's key stakeholders to design a program strategy aligned with relevant requirements. The outputs of this effort include delivering ongoing sensitive data discovery, automated classification and labeling, the application of required sensitive data protections, restrictions on where sensitive data can be stored and sent, and data retention policy enforcement. Merger and Acquisition Data Identification: This offering provides the ability to identify sensitive data within an M&A target or recent acquisition (including locations, amounts, and access rights) and then perform penetration testing on the storage repositories where that sensitive data exists to determine the risk of data compromise. About GuidePoint Security GuidePoint Security provides trusted cybersecurity expertise, solutions and services that help organizations make better decisions that minimize risk. Our experts act as your trusted advisor to understand your business and challenges, helping you through an evaluation of your cybersecurity posture and ecosystem to expose risks, optimize resources and implement best-fit solutions. GuidePoint’s unmatched expertise has enabled a third of Fortune 500 companies and more than half of the U.S. government cabinet-level agencies to improve their security posture and reduce risk. Learn more at www.guidepointsecurity.com.

Read More

Software Security

Keeper Streamlines Compliance Processes With Granular Sharing Enforcements

Keeper Security, Inc. | January 11, 2024

Keeper Security, the leading provider of zero-trust and zero-knowledge cybersecurity software protecting passwords, passkeys, privileged access, secrets and remote connections, announces Granular Sharing Enforcements will soon be available for all products in the Keeper® platform. Granular Sharing enables administrators to enforce detailed creating and sharing permissions at the user level. By implementing these permissions, organizations can ensure employees only have access to the resources necessary for their roles, minimizing the risk of unauthorized access, data breaches and lateral movement within a network. "It's critical for organizations to have security solutions that help them adhere to increasing regulations and compliance requirements," said Craig Lurey, CTO and Co-founder of Keeper Security. "Granular permission control helps organizations enhance their security posture by restricting access to sensitive information and systems. With Granular Sharing Enforcements, it's easier than ever for IT administrators to better control the principle of least privilege and streamline operations within their organizations." Keeper's added Granular Sharing Enforcement policies provide more detailed restrictions that administrators can apply to users for both creating and sharing records. Most employees do not need access to all of the data or functionalities within an organization, and many industries and geographical regions have specific regulations and compliance requirements regarding data protection and privacy, including HIPAA, GDPR, PCI DSS and SOX. Granular permission controls enable organizations to align with local and industry regulations by allowing them to define and enforce access policies. This helps in ensuring the organization is compliant with industry standards and legal requirements. Key features of Keeper's Granular Sharing Enforcements include: Auditing: Keeper provides clear alerting and reporting on over 100 different event types. Version control: Only a small subset of users have permissions to update or share records, helping teams ensure information is consistent and accurate. Seamless access on any device: Keeper provides the same user experience across platforms, ensuring cross functionality and ease of use, whether on web, desktop or mobile. Encryption: Keeper provides secure sharing with elliptic curve encryption, ensuring cybercriminals cannot intercept passwords or other shared records in transit. Keeper Administrators can easily customize permissions to best suit the compliance needs of their organization. Administrators modify permissions in the Enforcement Policies section of the Admin Console for the chosen role by selecting Creating and Sharing. Most permissions are activated by default for maximum security. Enforcements have been designed to be simple and powerful, allowing admins to choose the appropriate settings for their unique needs. Granular Sharing Enforcements will be available for all sharing needs within Keeper's Enterprise Password Manager, Keeper Secrets Manager and KeeperPAM. With Keeper's zero-knowledge password management and security platform, IT administrators have complete visibility into employee password practices, enabling them to monitor password use and enforce password security policies, including strong, unique passwords, Multi-Factor Authentication (MFA), Role-Based Access Control (RBAC), and other security policies. Keeper Secrets Manager® is a fully managed cloud-based, zero-knowledge platform for securing infrastructure secrets such as API keys, database passwords, access keys, certificates and any type of confidential data. Its latest offering, KeeperPAM™, provides next-generation Privileged Access Management (PAM) that is disrupting the traditional PAM market. KeeperPAM delivers enterprise-grade password, secrets and privileged connection management within a unified SaaS platform that is cost-effective, easy to use and simple to deploy. KeeperPAM enables least-privilege access with zero-trust and zero-knowledge security. Enterprises select Keeper because of its strong security architecture, ability to support federated and passwordless authentication with any identity provider, seamless integration into on-premises, cloud or hybrid environments and ease of use across desktop and mobile devices. About Keeper Security Keeper Security is transforming cybersecurity for people and organizations around the world. Keeper's affordable and easy-to-use solutions are built on a foundation of zero-trust and zero-knowledge security to protect every user on every device. Our next-generation privileged access management solution deploys in minutes and seamlessly integrates with any tech stack to prevent breaches, reduce help desk costs and ensure compliance. Trusted by millions of individuals and thousands of organizations, Keeper is the leader for best-in-class password and passkey management, secrets management, privileged access, secure remote access and encrypted messaging.

Read More

Platform Security

Stellar Cyber and Proofpoint Strategic Alliance to Deliver Comprehensive Email Security Solution For SecOps Teams

Stellar Cyber | January 23, 2024

Stellar Cyber, the innovator of Open XDR, announced a new partnership with Proofpoint, a leading cybersecurity and compliance company. Through this alliance, Proofpoint and Stellar Cyber customers benefit from an out-of-the-box integration enabling swift email investigations and real-time response actions to email-driven attacks. Proofpoint Targeted Attack Protection monitors emails to identify suspicious emails and potentially malicious attachments and URLs. Once identified, the findings are shared with Stellar Cyber automatically. Stellar Cyber’s Open XDR platform ingests, normalizes, and analyzes Proofpoint findings and other collected data to deliver a comprehensive threat picture. As security analysts conduct investigations, they can instruct integrated third-party products – including Proofpoint – on corrective actions. “Protecting organizations against email-borne attacks is a top priority, and security teams need a way to automatically correlate threat telemetry across the entire attack surface in order to quickly remediate threats,” said Andrew Homer, VP of Strategic Alliances, Stellar Cyber. “This new partnership with Proofpoint is the latest example of Stellar Cyber delivering on its Open XDR strategy to provide customers turn-key integrations that improve productivity and threat detection.” “Email attacks remain the number one entry point into an organization, and the level of sophistication of these attacks continues to grow exponentially,” said D.J. Long, Vice President, Strategic Alliances & Business Development, Proofpoint. “We’re thrilled to work with Stellar Cyber on this strategic alliance to help customers protect against advanced email-based threats and unify their cybersecurity defense.” Through this alliance, Stellar Cyber and Proofpoint give security teams an advantage over attackers, resulting in the following: Real-time threat signals exchanged for proactive detection Correlation of Proofpoint alerts across the entire attack surface Automated response actions for immediate threat containment About Stellar Cyber Stellar Cyber’s Open XDR Platform delivers comprehensive, unified security without complexity, empowering lean security teams of any skill level to secure their environments successfully. With Stellar Cyber, organizations reduce risk with early and precise identification and remediation of threats while slashing costs, retaining investments in existing tools, and improving analyst productivity, delivering an 8X improvement in MTTD and a 20X improvement in MTTR. The company is based in Silicon Valley.

Read More

Spotlight

Panzura

Panzura

Panzura makes hybrid multi-cloud data management seem easy. Panzura’s data management platform is a single, unified data engine designed to securely power the most rigorous, large-scale multi-site enterprise data workflows across the globe. Intelligent edge technologies enable LAN performance with cl...

Events

Resources