Data Protection Solutions

Data Protection

Financially motivated threats continue unabated across the globe targeting banks and other financial organizations. Most of these attacks target stealing financially relevant information including credit card, debit card details, customer account information required to embezzle money from accounts of unsuspecting users. These incidents have far reaching and long lasting impacts, from tarnished brand image and loss of customer's trust, to financial losses, litigations and frauds. Though important, conventional security measures such as Firewalls, AntiVirus, IPS etc, will not be sufficient in protecting 'Data' in an environment where, data is travelling beyond organization boundaries, there are many users, many repositories and data size is growing exponentially. The number of possible threats and ways to steal information is staggering.

Today the need is to enhance security with a focus on "Data Protection". Controls are needed to secure data throughout its life cycle, from creation to destruction. At Paladion we understand the importance of Data Centric Security, and offer our solutions and services to help organizations protect their business confidential data and comply with standards and regulations. Some of the data protection solutions which we are offering to the customers include,

  • Data Leakage Prevention (DLP) Solution
  • Data Classification & Labeling Solution
  • Database Activity Monitoring (DAM) & Security Solution
  • Data Rights Management (DRM) Solution
  • Data Encryption Solution
  • Data Masking Solution
i. Data Leakage Prevention (DLP) Solution

A DLP solution is a strong technical control to prevent leakage of sensitive business data from corporate environment. DLP is a unified solution to Discover, Monitor and Protect data across Network, Endpoint and Storage systems, whether the users are on or off the corporate network. A DLP solution enables companies to protect confidential data such as customer identity and account information, intellectual property, financial results—assisting them in demonstrating regulatory compliance while protecting customer trust and the company brand. The DLP solution does deep content inspection and contextual security analysis of transaction (attributes of sender, data object, medium, recipient/destination etc) within a centralized management framework to prevent data leakage. To summarize here are the key benefits of DLP solution,

  • Identify sensitive data across IT infrastructure
  • Monitor how employees use sensitive data and block sensitive data loss activities
  • Educate employees in real time about data security policies
  • Demonstrate data leakage risk reduction to management

We have successfully implemented DLP solutions at large enterprises. Our optimized implementation methodology, structured deployment process and capabilities to define accurate policies will help you derive maximum benefit out of the solution. In addition you can avail our managed services to monitor DLP alerts and manage the solution.



Data Classification Solution:  In any Data Protection initiatives the first step is to identify and classify the data. Data Classification helps in understanding the kind of data one has, the location, sensitivity & help in taking appropriate measures. Data Classification also helps in effective implementation of Data Leakage Prevention and Information Rights Management solutions.

To automate the entire activity of Data Classification, Paladion has partnered with some of the leading Data Classification solution providers. Some of the unique benefits one derives out of it are:

  • Data Classification being performed at the User Level
  • Protective Labelling
  • Policy verification
  • Assist in meeting compliance standards
  • Complement the related technologies like DLP & IRM


ii. Database Activity Monitoring (DAM) & Security Solution

For many data breach incidents, Databases have been prime Targets. Because that's where the money is, in the form of proprietary company information or customer specific information. Securing databases is complex, and controls such as authentication and authorization checks alone may not be sufficient. Recent breaches are also driving increased focus on regulatory compliance and many regulations consider database access auditing as a key control.

A DAM solution protects against potential data breaches by monitoring all access to database, looking for malicious, suspicious activities, data anomalies and alerting or blocking policy violations. A particular benefit is ability to audit database activities without relying on native auditing facilities of the database. It even allows auditing of all activities carried out by privileged users such as DBA. Apart from activity monitoring DAM solutions also provides capability to discover sensitive data, perform vulnerability assessments, change management, user rights management etc. We have implemented and are managing the DAM solutions at large enterprises.



iii. Data Rights Management (DRM) Solution

Today most organizations need to share data with entities outside the organization, with customers, partners, service providers etc. This growing need to collaborate and outsource is also increasing the risk of data breaches. The shared data can be misused and lead to various incidents. Organizations need to protect data confidentiality at all times to ensure security, comply with growing regulations and meet customer expectations of privacy.

A Data Rights Management (DRM) solution provides the ability to control access to data, secure and track sensitive data wherever it resides—inside or outside the firewall. DRM enhances document security by applying rights for who can view, edit, print, forward information, ensuring that sensitive information remains secure as it is shared both internally and externally. DRM helps to proactively protect business confidential data or intellectual property from being misused. It restricts confidential information to only certain individuals and helps ensure secure collaboration.

Following are some of the key features of a DRM solution,

  • Provide persistent protection various kinds of documents with cryptograpy
  • Access to a protected document will be available only to authorized users, irrespective of where the document resides
  • Set fine-grained permissions that define exactly what an authorized user can do with a protected document
  • Audit each recipient's use of a protected document and know whenever a document has been viewed, printed, copied, modified, and more.


iv. Data Encryption

Sensitive data may reside in various formats, as structured data in Databases or as unstructured data in the form of documents, files etc. Unencrypted sensitive data can be accessed by unauthorized users and misused by them, which may lead to various incidents. Protecting data confidentiality with encryption is an important requirement both for security as well as compliance to various regulations.

Here are some of the key encryption solutions that we implement for securing data

Database Encryption – To encrypt column data in various types of databases. This solution does not use native encryption facilities and hence does not affect database performance. The security and manageability is also enhanced as a common solution is used to encrypt multiple databases and the encryption keys are stored outside database in a secured repository.

File and Folder Encryption – To encrypt sensitive files on servers as well as end points, so that only authorized users can access them.

Full Disk Encryption – To implement disk level encryption, which protects data-at-rest on the hard drives of desktop and laptop computers.

Email Encryption – To encrypt emails with sensitive data.



v. Data Masking

Enterprises may need to share data with various constituents while also protecting the sensitive aspects of the data. Masking data means replacing certain fields with a Mask character (such as an X). A data masking solution provides protection to data by masking it, which can be either dynamic or static. Dynamic masking protects data confidentiality, on the fly, when data is accessed.

Some of the scenarios where data may have to be masked include the following but there can be many more,

  • While giving access to customer data to customer support personnel (dynamic masking)
  • While copying production data into non-production environments for the purposes of application development, testing or data analysis (static masking)
Download brochure PDF

Case Study

Project - Holistic & Continual Security Management. The client is a fast-growing private sector retail bank. Ensuring security of banking transactions and customer privacy has been a norm for the bank since its inception.

View Case Study

Testimonial

“I was very pleased with the overall effort of the Paladion Networks team. They provided qualified..”
Bill Dziwura,
Executive Officer/CIO
Office of the Pardon Attorney
Department of Justice, USA

All Testimonials

Plynt

Paladion tests and certifies your application against security risks.300+ Organizations in 25 US States & 15 Nations worldwide benefit from Plynt Security testing program.

Visit Plynt site