INSIDER THREAT PROTECTION
Define and log access policies by job function, and manage privileged users to block insider and external threats.
Avoid Costly Breach Mitigation Requirements
Some of the largest and most notable data breaches have resulted from insider actions, both accidental and malicious, via opportunities such as lack of security training, broadly defined or excessive access permissions, and privileged user escalations. Companies need to be cognizant and protect against potential unintended internal threats like users with weak passwords or employees that may open an email with phishing/malware, as well as defending against the intentional “rogue user”.
Hackers look to exploit any vulnerability they can discover, whether an application, user account or dissatisfied employee. These events are often hard to predict and defend against, and are even harder to assess and remediate once they occur. Ideal protection includes access limitations to only those roles requiring sensitive data in a usable format to perform their job, privileged access and escalations, as well as real-time monitoring of all data access and access attempts, whether authorized or not.
Prepare and Protect with DataKeep
DataKeep protection is built upon customer-defined policies that manage who, how, where and when users access decrypted data. Policies use role-based access (RBAC) permissions, including defaults for least privileged access (LPA) and privileged access management (PAM) so only those needing data access are allowed. DataKeep logs all user data access requests, whether approved or denied, in real-time to allow for prompt remediation. Event logs can be forwarded to Systems Information and Event Management (SIEM) for analysis and reporting.
Protect Against and Recover from Accidental or Malicious Actions
“DataKeep’s data-centric model enables our government and DoD customers to leverage the benefits of cloud-based computing and storage without risk by protecting sensitive data from the point of creation to deletion, and not just while the data is in storage.”
Eric Vollmecke, president of SENGEX
"SecurityFirst's DataKeep solution is integral to CMA's overall cybersecurity Risk Management Framework solution portfolio with its best-in-class data-centric protection capabilities. DataKeep's ability to safeguard federal organizations’ data across on-premises, cloud or hybrid environments positions it ideally for most every solution strategy and architecture."
John H. Frey, Director, Channel & Alliances, GWAC Program Manager