Comprehensive software reviews to make better IT decisions
Symantec Now Has Zero Trust for Cloud DLP
Symantec recently announced new features for its Integrated Cyber Defense Platform (CDP) aimed at boosting data loss prevention (DLP) strategies in the cloud via zero trust technologies from Luminate, which was acquired by Symantec back in February. These upgrades are meant to address what Art Gilliland – executive vice president and general manager of enterprise products at Symantec – refers to as the “dissolu[tion]” of “[t]raditional network perimeters” that are occurring “as cloud technologies change the way we work.”
Because the cloud can be accessed from anywhere, it presents a particular challenge for organizational DLP. To combat this, Symantec is now using a zero-trust approach to cloud access authentication, which requires that users prove their identity and right to use the data before any access is granted, so that data cannot simply come and go from the cloud as it has sometimes done in the past. In theory, this should greatly cut down on accidental cloud-related data loss.
Check out the SoftwareReviews rating of this Symantec product: Accessed August 19, 2019
Symantec’s got an interesting approach with this one. This zero-trust model is definitely an improvement for decreasing data loss in the cloud, especially when it comes to accidental data loss resulting from privilege management issues (i.e. cases where people who don’t use sensitive data have access to it and don’t know how to handle it). However, these new features won’t be able to stop someone bent on maliciously leaking data to which they rightfully have access.
When it comes down to it, DLP solutions should be used to enhance a data classification program, not replace it. To protect your data properly, you need a full understanding of the sensitivity of your data. Without knowing this information, you won’t be able to decide who does and does not need access to such data.
Want to Know More?
Among the full set of features available in Zecurion’s new DLP product is the ability to perform user behavior analytics to help spot data loss events before they occur.
Zecurion has one of the most robust DLP products on the market and this fact was recently recognized by SC Magazine, who placed the product in its “pick-of-the-litter" category for DLP.
Kenna Security deployed their new data driven vulnerability management program, Kenna.VM and accessory program, Kenna.VI. Released on April 28th, Kenna.VM was created with the purpose to set service-level agreements (SLAs) with risk tolerance in mind.
We often hear that businesses are continually cyber insecure or under attack. However, recent penetration testing from Rapid7 shows that businesses are getting better at securing their networks against cyberattacks. While organizations continue to have exploitable weaknesses, attackers are having greater difficulty penetrating deeper into businesses’ networks.
Four zero-day vulnerabilities were discovered in IBM’s Data Risk Manager. While the vulnerabilities are concerning, more so is IBM’s response when addressed. The company simply stated, “It’s out of scope.” – meaning it had no intention to rectify or address the issue.
Will New IoT Security Frameworks Push Compliance Obligations to the Forefront of Security Discussions?
The Internet of Things is increasingly embedded with our daily lives. While these devices make life more accessible, for every new device, a new attack vector for cyberattackers is created.
Qualys VMDR Is Now Live: Increasing Security Threats Requires Strong Vulnerability Management Software
Qualys VMDR has hit the live market. Originally unveiled in February 2020 at Qualys Security Conference, VMDR is now publicly available as of April 16, 2020. Partnering with both large and small MSSPs, VMDR is designed to be scalable to any business enterprise and to automate the entire management cycle on all endpoints.
GTB Technologies has been recognized as “Best Data Loss Prevention Solutions Provider for 2020.” With organizations addressing digital transformation and a growing remote workforce, the risk of data breaches is increased from both insider and outsider perspectives.
Microsoft’s end-of-life support for Windows 7 has run into its first set of issues with its extended security updates (ESUs). Administrators who paid for the ESU found out their downloads are not applying.