Your data is at risk. That's a cold hard fact of today's computing environment Cybercrime is expanding at an alarming rate. And the threat can come from anywhere - hackers attacking your networks or employees copying data right from their own computers. ConnectingBlox has long recognized the wide variety of threats and helps our customers mitigate those risks. We offer services and consulting for complete data protection - from firewalls and anti-malware to encryption, data leak prevention (DLP) and vulnerability management.
Understanding the Risks
You have a business to run. You can't be expected to stay up on all the latest threats to your company's networks and data. That's a full time job all on its own. ConnectingBlox spends countless hours sifting through threat reports, examining malicious code and even studying psychology texts to understand the mind of cyber criminals. We apply everything we learn through all those hours to the protection of our customers. We make it our job to understand the risks and take steps to mitigate them.
Encrypting Your Data
Encryption is a good way to protect your data. When considering encryption it is important to know the difference between at-rest and in-transit data.
- Encryption at-rest
- Data is encrypted as you write it to your storage (hard drives, network shares, flash drives) and only users or computers with the correct key can read the files. Volume and container encryption software and self-encrypting hard drives are examples of at-rest encryption. It is a cost effective and simple solution that fits most business needs.
- Encryption in-transit
- Data is encrypted by your computer before it is sent over the network to another computer - it can only be decrypted and used if the other computer has the correct key. The most common use of in-transit encryption is SSL certificates on web sties or SSL-VPN connections to remote offices. In-transit encryption of data on your company's local network can be costly and unless there is a specific compliance or trade-secret requirement ConnectingBlox doesn't typically recommend total in-transit encryption
Perhaps the most critical data point for encryption is also the most overlooked - email. Millions (maybe billions) of pieces of sensitive data are transmitted via email daily. Even if those email are only sent to people within your company, chances are they still leave your network. Hosted and cloud-based email always leaves your network, many employees receive their email on mobile devices or through web interfaces at home or even at public computers, and often those employees are connected to unprotected WiFi networks in public places. As a result there are many opportunities for cyber criminals to grab data from your emails. Some industries have taken to regulating email use and requiring encryption. ConnectingBlox can help you select the appropriate encryption solutions for your email.
Data Loss Prevention (DLP)
As much publicity as hackers and malware get, the majority of data theft is actually perpetrated by insiders. Data Loss Prevention (or DLP) is designed to stop these crimes - and as a result also helps prevent data theft by hackers. DLP is driven by your business rules which classify data and determine what users are allowed to do with that data. DLP rules can be used to prevent corporate emails from being forwarded to outsiders, prevent files from being sent to public cloud sites such as DropBox and even prevent users from copying data to and from USB drives connected to their computers. ConnectingBlox has been at the forefront of DLP from day one. We were writing tools to prevent use of USB drives long before there were commercial DLP suites and as the tools become more commonplace and user-friendly, we have built relationships with leading DLP vendors to offer our customers the best possible solutions and services to protect valuable data assets.
Risk & Vulnerability Management
Like everything else in technology, threats evolve and change. New vulnerabilities are uncovered on a daily basis and criminals are constantly becoming more savvy. That's why a Risk & Vulnerability Management plan is now a critical tool in preventing data loss and theft. Risk & Vulnerability Management encompasses your entire computing environment and helps plan for and mitigate potential attacks. A typical Risk & Vulnerability Management plan includes:
- Agents on corporate owned computers to scan for insecure software, uninstalled operating system patches, and out-of-date (or non-existent) anti-virus software
- Implementation of a DLP system
- Periodic reviews or firewalls and perimeter security devices and rules
- Periodic penetration tests to verify the strength of your perimeter security
- User training on safe computing methods
When your company requires compliance to a standard that includes technology, ConnectingBlox can provide assistance in navigating technical requirements and implementing compliance solutions. We have worked with compliance rules in a variety of industries and can help you achieve and maintain compliance with standards such as:
- 21 CFR Part 11
- HIPAA / HITECH
Our Preferred Solutions
ConnectingBlox has partnered with Jetico to provide best-in-class encryption solutions. The Jetico product line includes whole-disk and volume encryption as well as tools to securely wipe data from drives as they are taken out of service. Easy to use tools, solid performance and reliability at a reasonable price make Jetico products an excellent choice for encryption needs.
Websense has long been an industry leader in web security. The Websense product line includes comprehensive web, email and DLP solutions packaged as easy to install appliances and software which can be deployed on your own servers or in your cloud environment. Websense also offers best-in-class content filtering products and eDiscovery solutions.