Symantec has unveiled new technology that automatically encrypts and tracks data as it moves outside of managed environments.
The company states that CEOs believe data loss is the top internal threat for businesses this year. As data is shared through many different channels such as email to USB to on-premises, it leaves little room for visibility and control.
Who has access to critical data? Trusted partners, vendors, contractors using their own devices, and is that information then being passed on? How do organisations get that data back if the relationship ends?
To address those gaps, Symantec developed a solution called Information Centric Security that can track data as it moves across channels, including data shared on 'bring-your-own-devices'. The company says that other DLP solutions stop tracking as soon as data is transferred to unmanaged devices, or other apps.
According to Nick Savvides, Symantec's manager, Cyber Security Strategy, Asia Pacific and Japan, there's more to protecting data than just installing software. You need to refine policies and improve processes.
"One of the other major problems has been ensuring that the right users have access to the right data, which has led to many rights management applications and systems being built. These have generally all failed in real world applications because they put too much burden and decision making on the end-users and have difficulty in identifying external authorised users," he says.
Symantec has combined its data loss protection with CASB (cloud access security broker) and encryption with identity authorisation. Organisations can automatically encrypt, track and revoke data for any user in any location and at any time.
- Automatically discover sensitive data across communication channels or manually classified by the users creating it.
- Automatically identify and encrypt sensitive data reducing the likelihood of accidental data loss through DLP.
- Intercept data moving to the cloud through CASB and extends DLP protection within such environments previously unmanaged.
- Provide Multi-Factor Authentication through Symantec VIP that integrates user authentication credentials with a decryption key to ensure only the intended user has access.
"A number of countries in our region are introducing mandatory data breach notification laws with hefty penalties. Now combine this with the region’s insatiable appetite for cloud services, and it just makes sense," Savvides adds.
The company says that the solution is not just tied to Symantec products, but also open for third party integration by developers and data-centric vendors.
Symantec Information Centric Security is very important to Symantec’s APAC operations. Organisations in New Zealand, Australia and further afield have been struggling with data management, and Symantec is delivering them a technology that is easy enough to be deployed by even the smallest of organisations," Savvides concludes.