By Sanjay Chetwani, Senior Director, Alliances & OEM at CipherCloud
With the adoption of technology across consumers and businesses, data as we know it will continue to increase quantity and value both. Today’s digital-first approach adopted by major organizations has elevated “Data” as the new king. This is the mantra that drives the tech industry. While data has become the single most important valuable commodity in the industry, the proliferation of the same poses a new challenge for organizations – how to protect the data from cybercriminals? There are two types of data that cybercriminals are interested in:
- Data that identifies customers or potential customers categorized as Personal Identifiable Information (PII).
- Data that describes processes, source code for a competitive product, company acquisition information or any data that is described as Intellectual Property.
Data is the foundation of business and technology growth
Data is changing the way we work, live, and play. Thanks to cloud applications, social applications, and IoT devices our personal data is easier than ever to collect and correlate with business applications melding our personal life with work life. Digital transformation over the last few years has also provided more credence to data by spurting a wave of cloud adoption. Organizations have an increasing amount of data that is inevitably increasing the need to store them in larger repositories. This alone is creating a new industry by driving the need for new technology such as big data analytics with machine learning and artificial intelligence to make sense of the data.
Data is driving cloud adoption
Data is not the most important driver of cloud adoption; it is the only driver of cloud adoption. For businesses and consumers alike, creating, sharing, and using information is the foundation of messaging, SaaS, and IaaS, creation, and adoption.
Data is a leading motivation driving cyber-criminal activity
The biggest exploits in the industry impacting businesses and consumers are data breaches. The value of data to cybercriminals such as nation-states, organized criminals, activist hackers, or general bad actors, is increasing every year and so are the exploits.
The shift to Data-Centric or Information-Centric Security
While we have built our industry-leading CASB+ platform to provide a holistic solution for everything from UEBA, DLP, Adaptive Access Control, Cloud Discovery, etc. there was a need to address data security issues at the source. That is regardless of the cloud (or not), application, device (mobile to the mainframe), organizations need a modern, scalable, plug-and-play best in class Encryption & Tokenization, Masking, and Rights Management which is on-demand, offered as a service and does not cost a fortune.
Enter DSaaS (Data security-as-a-service) ->
CipherCloud DSaaS (Data Security as-a-Service) solves this challenge by enabling your business to secure any data (incl. PII, PHI) through a frictionless API at the application level. Gone are the days of increased deployment complexity at higher technology stack levels. With CipherCloud DSaaS and its rich feature set and compliance standards, your business can integrate high-level data security practices despite business model complexity.
Built on our patented technology, DSaaS is way more than a run-of-the-mill API. We have built it for scale and speed in adopting use-cases involving Fintech, Healthtech, Industrial IoT, 5G-powered Telco, and in general hyper-connected, uber-gig economy, and enterprises with massive amounts of data generation at warp speeds and adding new clouds by the hour.
In reality, you needed a RESTful API which makes it a breeze to apply any masking (tokenization or encryption) for any data element while preserving the functionality of apps, systems and databases – backed by CipherCloud’s AES 256 technology battle-tested over 10+ years and operational at some of the largest banks, medical providers and more.
DSaaS Key Features:
- DSaaS inherently supports various data types and formats for PII, PHI, such as Phone Number, First Name, Last Name, SSN, Email, Credit Card Info, etc.
- 100% support for desirable features like Sort, Prefix, Suffix, search-ability, Case sensitive, etc.
- RESTful/SOAP APIs for both legacy and modern apps
- Built-in Encryption Key Management System (KMS), support for external Key Managers and vaults
- Included Information Rights Management protects files from unauthorized copying, viewing, printing, forwarding, deleting, and editing. Covers violations, quarantine, and DRM wrapper.
- Baked in Content Security DSaaS solution helps securely structured (field level) and unstructured (files and free-form text) data – i.e. any information really.
- Flexible deployment model – Cloud-delivered, on-premise, and hybrid
- Multiple Key Management Options Including BYOK & HYOK
With the overwhelming response we are seeing in a short amount of time since the Beta, we believe, DSaaS will pave the way to secure the data (network storage, cloud, structured, unstructured) in a manner never thought possible. The agentless nature of this offering will empower anyone to not only meet the compliance and regulatory requirements, but also data residency mandates. With the flexibility of a SaaS, hybrid or on-premise deployment, DSaaS will be one-size-fits-all as it brings the power of securing data (at the source) within reach while being future-proof to cover any new app, cloud or regulation or policy control.
Don’t wait for your cloud or SaaS provider to put the controls and be the guardian of the valuable data your customers entrust you with, instead take control and secure it before you move it, share it, and store it across, within and outside of your perimeter. That is perhaps the most optimal way to protect your data and ensure it doesn’t become part of the next breach.
According to Gartner, “Through 2025, 90% of the organizations that fail to control public cloud use will inappropriately share sensitive data”. The time is now to act on data security.
CipherCloud introduced the first CASB solution to the market in 2011 and continues to reshape the cloud security market. CipherCloud’s recognized data protection expertise forms the foundation for the industry’s only zero-trust CASB solution, providing seamless zero-trust security across all clouds with unified policies, trusted data protection, and automated compliance for the cloud-mobile era.
The post Introducing CipherCloud Data security-as-a-service (DSaaS) appeared first on CipherCloud.
*** This is a Security Bloggers Network syndicated blog from CipherCloud authored by CipherCloud. Read the original post at: https://www.ciphercloud.com/introducing-ciphercloud-data-security-as-a-service-dsaas/