Skip to content

Ransomware

ransomeware icon-small

Public or Private, Large or Small – Every Organization is at Risk

Ransomware either locks your computer or locks your data before demanding a ransom in exchange for regaining control over your critical assets. Unfortunately, the impact from ransomware extends far beyond paying or not paying a ransom. The disruption of critical services can have an even greater impact on revenue, safety, reputation and brand.

According to the U.S government Cybersecurity and Infrastructure Security Agency (CISA) in August 2019, “ransomware has rapidly emerged as the most visible cybersecurity risk playing out across our nation’s networks, locking up private sector organizations and government agencies alike. And that’s only what we’re seeing – many more infections are going unreported, ransoms are being paid, and the vicious ransomware cycle continues on.”

 

The Health of Your Systems and Data Requires Good Security Hygiene

The growing sophistication and proliferation of ransomware has many organizations assuming an attack is inevitable, but the reality is that many of these same organizations are still unprepared. Protecting against ransomware requires implementing good security hygiene to manage the health and quality of your data throughout its lifecycle. This means applying timely updates and patches, properly configuring firewalls, managing how networks, servers and data are accessed, using up-to-date anti-malware software and making sure your critical data assets are encrypted in transit and at rest, as well as backed up on a regular basis.

How DataKeep™ from SecurityFirst helps supports good security hygiene for ransomware protection

  • White Checkmark

    Manage data access by role or group, including privileged access with zero trust

  • White Checkmark

    Manage data access by specific, approved applications including data backup apps

  • White Checkmark

    Encrypt data-at-rest and manage encryption keys

  • White Checkmark

    Audit data access requests / denials for encrypted personal data

breach prevention

Protect and Prevent with DataKeep

DataKeep addresses key elements of good security hygiene as outlined by government agencies and security professionals.

DataKeep uses customer-defined policies that manage who, what, when, where and how users access decrypted data. DataKeep allows you to define access policies that can be as narrow as -- a specific user, can only see specific data decrypted, when using a specific hashed process/application on a specific server. Policies use role-based access (RBAC), privileged access management (PAM) and default to least privileged access (LPA) so only those needing data access are allowed. Access can also be limited through specific applications.

DataKeep encrypts data-at-rest on servers at a volume or file-level, on network file systems and prior to sending data to S3 object storage. DataKeep combines AES-256 encryption and internal key management that is certified to be FIPS 140-2 compliant.

DataKeep logs all user data access requests, whether approved or denied, in real time to allow for prompt remediation. Event logs can be forwarded to Systems Information and Event Management (SIEM) for analysis and reporting.

 

Disclaimer: Gartner does not endorse any vendor, product or service depicted in our research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

Copyright © 2019 Security First Corp.     Terms of Use     Privacy Policy     Support Desk    Contact Us

Pin It on Pinterest