eSafe Systems
You may as well ask “Where does my cat go during the day when I’m at work?”
In both instances, nine hundred and ninety-nine times out of a thousand, the answer aligns with what you expected. Unfortunately, data leakage statistics are based on those instances when bad behaviour is actually detected. Nobody really knows what your cat does.
At e-Safe Systems, a member of the Goal Group, they have a data leakage statistic that is based on threat detections by the eSafe software, a system that operates and reports in near-real-time.
It’s not pretty.
Globally, across the detection statistics we’ve gathered (with the clients active participation!), e-Safe Compliance software detects data leakage at the following rate…
One instance of data leakage, for every hundred employees…every month!
But what if they could do better? A great deal better?
What if the responsible Primes could also reassure themselves around confidentiality, integrity and availability (CIA) of their data, with high degrees of confidence? Imagine the difference in data security if a Prime could:
- Ensure correct data classification was applied and preserved on all data
- Ensure all iterations of that data were classified in the same manner
- Ensure that all data remained encrypted, in motion, at rest, and in use
- Ensure that data was only available to authorised users
- Monitor data security in near-real-time
- Maintain a catalogue of information assets
- Revoke access to data assets
The reality is that Primes can do all of these things inside their own networks. Now imagine doing all this outside the Prime network…down through the supply-chain!
To data assets anywhere on earth, from anywhere on earth!
That reality is powered by e-Safe Compliance
e-Safe Compliance identifies and secures sensitive data using a simple 4 step approach:
Step 1: Identifies and classifies sensitive data.
The first step in protecting data is to know what is sensitive in line with specific regulations like ITAR, EAR, NIST 800-171 and Data privacy. e-Safe Compliance fulfils this requirement by identifying and classifying sensitive data through content analysis, data type, naming conventions, data tags, storage location, data origin and its creation mechanisms as required by these regulations.
Step 2: Discovers and protects sensitive data from breach or loss using encryption.
Once the classification scheme has been established e-Safe Compliance discovers and secures all sensitive data using persistent encryption. This ensures sensitive data remains segregated and secure when accessed, when stored in network or cloud drives and when being moved using any method like USBs or email attachments. Persistent encryption ensures data remains protected in the event of a breach or loss and from unauthorised disclosure. In addition to this e-Safe’s encryption also applies access control on sensitive data protecting it from unauthorised access by both internal and external users…and when shared with authorised 3rd party suppliers.
Step 3: Provides data breach monitoring and alerting of sensitive data.
e-Safe Compliance monitors the access and movement of sensitive data on all corporate and non-corporate channels. It helps to establish strong data monitoring and auditing controls to the extent needed to enable alerting, analysis, investigation, and reporting of unlawful or unauthorised activity.
Step 4: Facilitates Information Disposal.
Periodic disposal of sensitive data that is no longer required is an essential step in reducing a company’s risk and ensuring compliance. e-Safe Compliance maintains a complete registry of where sensitive data is stored and all its versions and copies. Once a project is over, companies can use e-Safe to locate and dispose of sensitive data that has reached the end of its useful life.
This unique challenge of controlling sensitive data outside of one’s organisation and across multiple organisations makes selecting an appropriate security solution a difficult job.
e-Safe Compliance SOLVES THIS PROBLEM USING CUSTODIAL INFORMATION SECURITY (cis)
e-Safe Compliance solves this problem using custodial information security. Primes can add suppliers as trusted organisation to receive sensitive information and have visibility and control over their information even when it is in supplier’s network. e-Safe Compliance achieves this through the following steps:
Step 1: Supplier is added as a trusted organisation.
Primes add the supplier organisation as a trusted organisation in e-Safe Compliance to allow them access to sensitive information. The level of control and responsibility over sensitive information is configurable and can follow the agreed working model between Primes and supplier.
Step 2: Identify and classify sensitive data to be transferred.
e-Safe Compliance provides several means to identify and classify sensitive information to be transferred. This includes manually tagging or using automated means like placing it in a designated shared folder location.
Step 3: Protects sensitive information using encryption across multiple organisations.
Classified sensitive information is protected using persistent encryption. Information can then be transferred without decryption to the trusted supplier using any means like shared links, USBs and emails. The trusted supplier can access this encrypted information seamlessly and transparently without the need to apply any manual passwords or keys. Sensitive information remains encrypted and secure on supplier’s network and when being accessed or transferred back by them.
Persistent encryption ensures data remains protected in the event of a breach or loss and from unauthorised disclosure. In addition to this e-Safe’s encryption also applies access control on sensitive data protecting it from unauthorised access by both internal and external users.
Step 4: Monitors and alerts on the usage of sensitive data by suppliers.
With e-Safe Compliance Primes have complete visibility on the usage of their sensitive information by their suppliers, where it is being stored and if it is being handled in an insecure fashion. The system can alert Primes and suppliers in the event of a potential risky actions, breach or loss.
Step 5: Automates disposal of data handled by suppliers.
e-Safe Compliance maintains a complete registry of where sensitive data is stored and all its versions and copies. Once the contract is over Primes can use e-Safe to dispose of all copies of their information on suppliers’ network.
Comments
Gartner views e-Safe Compliance in the same light. Following are comments about e-Safe by Gartner’s head of their Data Leak Prevention research division.
“E-Safe’s approach seems to provide a simplified approach to identifying sensitive data, creating DLP policies and providing controls to ensure data is protected in accordance with policies. The integration of encryption and digital rights management solutions as part of the remediation framework simplifies deployments and offers medium and small organizations a means of deploying advanced security and protection features without the complexity of manually integrating complex solutions.”