INSIDER THREAT PROTECTION:
Protect against and
recover from accidental
or malicious actions.
Some of the largest and most notable data breaches have resulted from insider actions, both accidental and malicious, via vulnerabilities such as lack of security training, broadly defined or excessive access permissions, and privileged user escalations.
DataKeep protection is built upon customer-defined policies that manage who, what, when, where and how users access decrypted data. Policies use role-based access (RBAC), privileged access management (PAM) and default to least privileged access (LPA) so only those needing data access are allowed. DataKeep logs all user data access requests, whether approved or denied, in real time to allow for prompt remediation. Event logs can be forwarded to Systems Information and Event Management (SIEM) for analysis and reporting.