Data “in use” has been guarded by many, but successfully protected by none, until now…

Data breaches can be devastating to an organization from legal, financial, customer trust, and brand points of view.  The asymmetric playing field allows attackers to exfiltrate large amounts of data from organizations in an automated manner by attacking the “weakest link” in an organization, while the organization has to protect all its attack surfaces.

Encryption is a mature technology and has gotten stronger over time. Strong encryption protects data “at rest” and “in transit”, but so far, the industry has no way to protect data “in use”, for example when the data is opened by an application running on a compromised computer.

As a result data breaches happen:

By Humans (malicious insiders / human error).  Technical malicious insiders aiming to steal data can upload files out of the organization or use tools such as debuggers to access memory where unprotected sensitive information “in use” resides. Similarly, human error can result in accidental Data Breaches.

At Endpoints (encrypted data that is decrypted by applications in memory).  Unencrypted data in application memory can be easily stolen by kernel mode Rootkits and user mode malware, which can read the data out of memory.  A classic example of this technique is RAM-scraping malware that steals credit card information on Point-Of-Sale systems.  POS malware and other data exfiltration malware is often stealthy and can go undetected for days, months or years, collecting intelligence on the target organizations.

Data can be easily exfiltrated from current:

  • DLP-Data Loss Prevention
  • IRM-Information Rights Management.   (ask us to show you how easy it is to bypass them).

Another common trend in the DLP and antivirus industry is to attempt to detect, classify or analyze data and behaviors. This trend is destined to fail because it does not consider that attackers are innovative and adaptive and are constantly changing their Tactics, Techniques and Procedures to evade security products’ behavioral and heuristic analysis.

Therefore, current DLP/DRM/IRM solutions in the market:

  • are vulnerable to anomalous attack patterns and Steganography
  • cannot generically protect your data “in use”

Is your cloud trustworthy?

Your valuable data residing in the cloud may be encrypted in transit between you and your cloud provider, but how do you manage encryption on the files at rest?  Clouds can be breached and cloud providers might not be fully trusted.

Stay ahead of the threat with proactive hardware-enforced security.

See our “Advantages” page to understand how A1FILO is unique.




WordPress Lightbox