One of our core beliefs at VERA is that you should have direct control over how anyone can access and use your information, no matter where that data is. Today, we’re taking the next step towards helping customers protect their most valuable content from unwanted access. I’m pleased to announce that you can now add a dynamic second authentication factor to any Vera-protected file or email. Alongside our own native capabilities, we’re also launching integrations with Duo Security and RSA SecureID to let businesses simplify their multi-factor authentication strategy.
Possession of data shouldn’t equal access.
There are two reasons this is such a critical capability for our customers and our platform. First and foremost, there’s a growing need for enterprises to align their data security and their classification efforts. Every organization has their own version of “top secret” data – that highly classified set of files and email that can define (or undermine) their success. As a result, it’s increasingly important to match the security and access controls surrounding the data to its formal classification.
More importantly, this dynamic second factor will dramatically improve usability and security awareness for employees handling top secret data. We’ve already designed VERA to provide those subtle nudges to collaborators that they’re working with sensitive files, but now when challenged for a second factor when accessing truly classified content, employees and contractors will know without a doubt that they’re handling valuable intellectual property. By enabling a context-aware second factor to your content, you’ll naturally improve how employees treat that data.
Multi-factor authentication is a proven way to defend accounts and applications against phishing attacks. These attacks are increasing in their sophistication and effectiveness, and the recent Verizon 2017 Data Breach Investigations Report highlighted that Manufacturing companies, Financial Services Firms, and Media and Entertainment producers are some of the most likely to succumb to a phishing attack. These industries all have one thing in common – a high volume of incredibly valuable information and IP locked away in files.
VERA is an ideal solution to protect against phishing-initiated data loss, as we can tie access to information directly to the identity, authentication, and permissions of specific people. And, by enabling this extra authentication check on individual files, you can now be confident that attackers who have taken Crown Jewels data still won’t be able to access it.
For more information on how you can use multi-factor authentication (with Vera, Duo, or RSA) to protect your top secret files, check out our newest How-To blog post. And, for more ideas on how you can control how data is used across your organization, check out the other dynamic data protections we offer.