By: Alex Burkardt|
November 22, 2019|
Lessons from Fortune 100 Security Teams
Along with the many responsibilities a security team holds, they face three big, emerging and thorny challenges that don’t directly relate to fighting any particular cyber threat:
- Reducing the security risks of collaboration. Market adoption of digital collaboration platforms is escalating, with a 33% increase in data traffic year-over-year through 2019. The typical enterprise experiences a 7:1 ratio of external to internal collaborators.
- Prioritizing the flood of alerts and incidents. The security environment is full of noise – legitimate alerts but also false alarms. How does the security team handle more data created by more people in more places ― and manage the increase in alerts and notifications?
- Perhaps the most difficult challenge is justifying the investment in the tools they need to do their work. How do they demonstrate the value of new security investments and the returns they will generate?
VERA is helping the security teams at some large enterprises address these challenges head-on. What they’ve learned is that securing the ever-expanding internet requires thinking smaller. These companies benefit by getting more atomic in the way they think about information, collapsing perimeter protections down to the data itself. Here are a few examples of how they’re making progress:
- Measuring secure collaboration behavior. A Global F50 manufacturing company that works with many 3rd party suppliers monitors what percent of their files are shared externally, where their data travels to, and what their user adoption rate is for Information Rights Management and data controls. Security adoption is often a challenge for any sized organization, but especially for large businesses that have so many users to engage. VERA helps them identify data-sharing behavioral patterns, and create rules around where files may go and how they may be used, to ensure employees are complying with security standards.
- Finding and reacting to security incidents at scale. A leading financial exchange needs to continually identify its potential data loss vectors. VERA helps them see exactly where the most unauthorized access attempts occur, and where content may be unexpectedly traveling to. For example, VERA can help them detect unusual amounts of interest in a particular financial file. Or if it’s being shared or accessed too often. And, VERA’s unauthorized access report provides detailed, file-specific information like who granted access, who has access, and whose access has been revoked. The company can also see the full log of access attempts, what copies of a file have been made, by whom and when. Armed with this rich information, VERA allows them to take immediate action when risky sharing and access attempts occur.
- Calculating investment payoff. A Silicon Valley infrastructure giant wants to demonstrate the value of new security investments. That starts with justifying existing investments. VERA provides a full, non-refutable audit trail of each file it secures. That data can be easily integrated into existing Business Intelligence or Security Information and Event Management tools to inform a more complete picture of activities, behaviors and anomalies. For example, perhaps a specific employee has been heavily accessing a particular file for several months from different locations. If that appears suspect, his or her access can be immediately terminated. VERA also enables the company to establish and manage a data access baseline, and filter analysis down to finite details, such as obtaining blocked information for a particular time period. This data helps them continually refine, improve and determine the next area of security focus.
These powerful capabilities help these companies secure some of their most valuable data assets right at the asset level.
If you’d like to see more specifics about how VERA is helping these real customers gain clear, actionable information and metrics about their security program, check out our recorded webinar at Data Security Success Metrics from the Fortune 100.