Cloud Content Governance: Egnyte’s Approach to Data Security
Are our systems secure? Is our valuable content safe? These are tough questions to tackle when news headlines regularly bombard us with messages of cyberattacks and security breaches. Centrify, a zero-trust and privileged access management provider, reported that 71 percent of business decision-makers are concerned that the move to remote working creates a significant increase in the risk of cyberattacks. And that risk increases the longer workers remain connected via their personal access points while working away from the office.
The team at Egnyte pays close attention to these concerns and has carefully studied the common causes of data breaches, ransomware, and other threats to understand the elements that put content and systems at risk.
Egnyte has been designed to address the very real day-to-day requirements of system and data governance necessary to keep content safely and accurately managed. Egnyte’s platform is also designed to enable compliance with the many laws, rules, and data management requirements of today.
Securing business-critical and sensitive content
In addition to the potential theft of valuable and private information stored within your content repositories, data breaches and other forms of cyberattacks create additional risks. When security does not match compliance frameworks, audits can leave companies with fines and restrictive penalties. Damage to company reputation and the risk of customer flight are also key concerns. And perhaps, most importantly, there is the regret of having let down customers who have trusted your company with their data.
But cyberattacks are not the only threat. In the traditional in-house managed enterprise, internal threats have wreaked havoc, cost companies millions of dollars in loss of data and intellectual property, and have even ruined systems. These attacks tend to mimic normal operations and usage and are therefore difficult to detect. If an employee leaves or is terminated by the company and is not immediately removed from the organization’s LDAP or Active Directory, they can—in a very short time—do massive damage, including:
- Downloading megabytes, terabytes, or even petabytes of valuable company intellectual property.
- Stealing the protected, personally identifiable information (PII) of customers.
- Deleting valuable files, directories, and even entire drives of data without which the company cannot conduct day-to-day operations.
- Enabling a third party to impersonate a terminated/departed employee.
Departed employees are not the only threat. Many IT departments have no dedicated system logic—or even a human-directed effort—to spot-check the patterns of unusual or dangerous activity described above being carried out by employees in good standing in the organization.
Removal from LDAP/Active Directory repositories and/or revocation of role-based permissions can take hours and even days. The above types of damage can be perpetrated very rapidly with today’s high-speed USB devices. Nefarious deletion can occur in minutes if the employee in question has the right kind of role-based permissions.
Egnyte brings immediate security improvements and delivers a robust context that minimizes the data and content risk of the traditional in-house managed enterprise. The platform supports immediate de-activation of accounts, real-time monitoring of system use, and can flag unusual user behavior in time to intervene before any serious damage is done.
Cloud content governance
In Egnyte, user authentication via two-step verification and encryption of data and content—both in transit and at rest—is the foundation for smart governance that strictly defines and enforces boundaries of how data is being accessed and used. The Egnyte Platform is vetted through continuous security auditing and simulation of penetration attacks, as well as manual and audited code reviews as specified in Static Application Security Testing (SAST) and Dynamic Application Security Testing (DAST). But most importantly, governance is embedded in the Egnyte Platform, as it guides users to select rules related to permission management, monitoring, and data repository access in a way that is easy to understand and adapt to individual teams and company needs.
A framework for compliance adherence
Security and governance—built into the Egnyte Platform—are essential elements that keep an organization in compliance with the many data and content rules that exist in the array of compliance frameworks that impact digital business operations.
Egnyte automates the discovery of sensitive data across your largest data repositories, including inside Egnyte, as well as popular data sources such as OneDrive, Windows File Server, SharePoint, Amazon S3, Google Cloud, GSuite, Box, Microsoft Azure Blob, and generic CIFS/SMB repositories. Egnyte speeds the process of data discovery by scanning and classifying files using both out-of-the-box classification policies based on regulations like GDPR and HIPAA, and custom policies tailored to your business. Egnyte offers the fastest time-to-value in the market: flip a switch and start discovering sensitive data immediately.
The General Data Protection Regulation (GDPR) is complex and the Egnyte Platform expressly supports the rapid location and compliant handling of a specific person’s data in response to GDPR Subject Access Requests, as well as compiling the data necessary to provide Breach Notification within the defined timelines.
Egnyte’s Platform also supports compliance with the California Consumer Privacy Act and related state-level rules, which are now in effect and will help minimize your organization’s risk for violations and related fines. The Egnyte team is actively watching emerging regulatory requirements, like the next generation of the Health Insurance Portability and Accountability Act (HIPAA), and other global data handling laws and statutes in order to enhance the Egnyte Platform with tools for compliance with new rules as they emerge.
The language of GDPR also states that personal data may be retained in easily identifiable formats for the time necessary to process that data. No set time period is specified, but companies are still responsible for adhering to a reasonable interpretation of this requirement. The Egnyte Platform gives users a flexible way to create document and data retention, deletion, and archival settings with Content Lifecycle settings. Retention policies let administrators retain specific files automatically based on matches to classification policies or folder locations. Files covered by multiple retention policies are retained according to the policy with the most extended retention period.
The confluence of security, governance, and tools that support present and future compliance are core to the Egnyte Platform and what gives it the ability to manage a company’s data, content, and systems versus the traditional in-house managed enterprise or other so-called “secure cloud” environments.
Learn more with our Data Trends Report, which provides insights on data governance trends from 400 CIOs and IT leaders.
Photo by Patrick Baum on Unsplash