Protecting the Perimeter: Egnyte at the WSTA
A couple of weeks back, I found myself way outside my normal routine: suited up and on stage at the Yale Club in New York.I presented at the Wall Street Technology Association seminar, which was centered around “Assessing Cybersecurity Business Risk and Managing Threats”. My talk, which closed the day, discussed a variety of security strategies to implement when enabling content collaboration.It’s fitting that the topic was security, particularly its ongoing voyage from the server room to the courtroom. If you wanted to start a heated debate in a room full of people, especially a room that includes a majority of folks involved in finance and security, ask them where they stand on the government being able to unlock an iPhone.In a sea of security threats, from cybercrime and internal breaches, to government surveillance and requests for data, to full-on cyberwarfare, the government has evolved its own version of Silicon Valley scrappiness. That’s what it took for the FBI to hack the San Bernadino shooter’s iPhone.In a climate like this, it’s pretty logical that a highly regulated sector like Wall Street needs to be educated on a topic like cloud integration, which has been historically . For every security expert who thinks the cloud is cool and wants to embrace it, another doesn’t trust it at all.Just look at the numbers. According to the Identity Theft Resource Center, 77 data breaches had been recorded in 2016 as of March 22nd. More than 4.6 million records were exposed.The business sector accounts for the largest number of breaches, with 82 incidents exposing 365,000 records this year. The healthcare sector suffered 63 data breaches, exposing more than 3.82 million records.Of most interest to the people in the WSTA, however, is the four data breaches in finance that compromised more than 4,000 records. That brings us to the crux of the current situation: how do we keep people out of the perimeter?The definition of perimeter itself has changed. With everyone working remotely, companies operating multiple offices, and device variety exploding, we’re left with a much larger surface area for attacks and breaches.Mobile is a fact of life. Unfortunately, wireless will never be as secure as hard-wired, at least not in the foreseeable future.While the workplace itself has evolved, rules and policies still live in the paper era. The rise of shadow IT creates blind spots within IT that affect all departments.Protecting the perimeter means making data simultaneously available and secure with a file sync and share solution designed with the enterprise in mind. Consumer-driven solutions just don’t have the built-in controls that enterprises need to mitigate risk across all devices.Step one is data security and access control. Just having the door locked and alarmed isn’t enough. Organizations can, for instance, encrypt data at rest. That way even if someone were to gain access, they wouldn’t be able to read anything.With Egnyte, customers can deploy granular file controls for sensitive materials. Our customers use preview-only links that prevent downloads, printing and copying. They can take advantage of detailed tracking for complete visibility into the activity around these files.To secure the perimeter, we also have to secure how devices interact with the network. IT needs to be able to remotely secure or wipe data from any of an employee’s devices.I concluded my presentation by diving into three case studies:A large insurance and asset management company offers a diverse range of financial services solutions. Egnyte enabled wealth planners to collaborate with clients on their portfolios using secure “workrooms.” Sensitive documents were shared, but remained secure.Another large financial services company offered corporate health, wealth benefits, retirement planning, and brokerage services. They used storage sync to secure highly confidential information within their brokerage services for individual dealers.Or consider a large stock exchange. They needed full visibility and control over their content, while eliminating potential content leakage. Using Egnyte CFS, admins gained the ability to centrally terminate users, audit external sharing, and recover content if an external user deleted it.The WSTA’s members are a who’s-who of the financial services world. Unsurprisingly, their concerns with data protection and security are very familiar to us. If there’s one thing that delivering this keynote confirmed for me, it’s the universal importance of protecting the perimeter.