8/9/2019 Sentrycom Releases Data Centric Security Suite Dealing
With the Falure to Keep the Bad Guys Out
1/3
PR Log - Global Press Release Distribution
SentryCom releases data-centric security suite , dealing with
the falure to keep the bad guys out.
By Dr. Eli Talmor, CEO SentryCom Ltd.
Dated: Jun 10, 2010
Traditional security have relied upon guarding the perimeter of
a companys network. Businesses realize
that rather than continuing to add layers of security, its more
effective to protect critical data , regardless
of where it resides or moves.
IT security professionals engaged in a game of cat and mouse
with hackers . As fast as they deploy security
countermeasures, these rogue elements discover loopholes or
entirely new avenues of attack.
Traditional security methods have relied upon closely guarding
the perimeter of a companys network. The
continuously escalating and mutating threat environment has led
many firms to layer security
countermeasures one upon another; starting with firewalls,
companies have added intrusion detection and
prevention systems, malware filters, client-side firewalls, and
encrypted network tunnels. Networked
business can create a virtual fortress around its infrastructure
but still must share information with mobileemployees, external
business partners, and remote customers. This fortress is not
providing business with
the adequate level of security and stopping from hackers preying
for sensitive data.
In most organizations, 70-90% of business data is in an
unstructured or semi-structured state and recent
research indicates that only 23% of organizations feel this data
is properly protected. Unstructured data
includes files of any kind such as office documents, images,
videos and so forth, not to mention the
billions of emails and instant messages generated every day.
Much of this is sensitive data, such as
personally identifiable information (PII) and intellectual
property (IP) that must be protected with
appropriate measures.
Another challenge of unstructured data is that the data must
support multiple distribution needs: from
enterprise servers, to laptops, to USB drives, through email or
on top of cloud storage.
Many businesses now realize that rather than continuing to add
layers of infrastructure security, its more
effective to protect critical data throughout its life cycle,
regardless of where it resides or moves. This
concept of protecting data rather than devices is known as
data-centric security.
Data-centric security must provide data protection at rest
(storage) and transit. The unstructured data that
requires protection is encrypted before it is transferred or
stored.
Paul Stamp from Forrester Research said that: "In an evolving,
more complex business and IT
environment, organizations need to work toward a more
data-centric approach to protecting the most
sensitive information. Sensitive data needs to be encrypted as
close to its point of creation as possible, and
decrypted as close to its point of use as possible."
In practical applications the point of creation is one user's PC
and point of use is same user's PC or other
user's PCs. Data is created and used in decrypted form only,
using computer software residing on user'sPCs. Therefore for
security reasons - decrypted data must be manually destroyed after
creation and/or use.
Any data-centric technology must include: data rights
management, real-time strong authentication and
encryption.
Not everyone is a technology guru. Most users concentrate on
getting their work done, not on the
underlying technology powering that work. And when security
solutions are deemed too difficult to use,
many users will circumvent the solution as well as the security.
Data rights management and strong
authentication require user intervention and therefore cannot be
transparent. The issue is how easy these
steps for users. Reviewing the example below:
http://www.sentry-com.net/files/SecureContentDecrypt_2FA.swf
we see that creating encrypted file, includes the steps of:
1.choosing file for encryption,
2.defining rights management rule
3.defining file sensitivity (medium or high)
Page 1/3
http://www.prlog.org/http://www.prlog.org/10723695.htmlhttp://www.prlog.org/10723695.htmlhttp://www.prlog.org/10723695.htmlhttp://www.prlog.org/
8/9/2019 Sentrycom Releases Data Centric Security Suite Dealing
With the Falure to Keep the Bad Guys Out
2/3
PR Log - Global Press Release Distribution
and takes ~15 sec of user's time.
Deleting decrypted file after encryption will take another ~5
sec of user's time.
In order to prepare for use and decrypt the encrypted file we
will take the steps of:
1.choosing file for decryption
2.user's strong authentication.
which takes ~10 sec of user's time.Deleting decrypted file after
viewing will take another ~5 sec of user's time.
So encrypting/decrypting routine of medium to high sensitivity
files will take ~20-25 sec.
Overall this scheme is applicable across the board, independent
of enterprise infrastructure and for any
type of unstructured data.
What is missing from this discussion: transaction-based data.
Transaction-based data must be protected in
real-time, from being modified by malware and not only from
being stolen. This needs to be dealt with
separately.
Last year there were more online bank robberies than there were
actual on-site bank robberies .Many
consumers suffered ID theft and decided to abandon Online
Banking altogether.
Gartner analysts published in December 2009 that all existing
means of strong authentication are
inadequate to protect transaction integrity - for simple reason
that Trojan horse malware resident on our
infected PCs circumvent existing means. Nearly 50% of PCs
worldwide are infected with some sort of
malware.
Therefore US regulators and FBI recommend that all financial
activities will be performed only from
dedicated computers. Obviously this is short-term solution. The
need exists for long-term malware-resilient
solution to the problem.
Our solution is based upon Software-as-a-Service, capable of
coping with malware infested environment. It
includes data verification module that ensures that What you See
is What you Sign, Strong Authentication
that ensures the identity of the person signing transaction and
Advanced Electronic Signature that ensures
transaction integrity in transit and at rest.
Our solution is generic and is applicable to Banking transfers,
E-commerce purchases, Insurance claims,Healthcare prescriptions,
E-Gov voting.
This solution is 2 part : user signing transaction as shown
below:
http://www.sentry-com.net/files/2FA_demo3.swf
and service provider (bank, e-commerce site , etc) authorising
transaction as shown below:
http://www.sentry-com.net/files/TransactionVerification.swf.
For presentation summary of data privacy trends and data-centric
solution see :
http://www.youtube.com/watch?v=nnozOeZ01uE.
###
SentryCom is a SaaS and "on-premises" provider of user-friendly
solutions for data-centric security ,
transaction verification and ID Fraud prevention, using
proprietary and patented Strong Authentication and
Crypto technologies,reducing ID Fraud revenue losses and at the
same time reducing the cost of ID Fraud
prevention.SentryCom technologies are protected by US patents
7,689,832,5,913,196 and 6,510,415.
Category Computers, Internet, Security
Tags data-centric security, enterprise it security, granular
authorisation., transaction verification
Email Click to email author
Phone 972-4-8342392
Fax 972-3-7255867
Address POB 56263City/Town Haifa
State/Province Haifa
Page 2/3
http://www.prlog.org/http://www.prlog.org/10723695.htmlhttp://www.prlog.org/10723695.htmlhttp://www.prlog.org/10723695.htmlhttp://www.prlog.org/10723695.htmlhttp://www.prlog.org/10723695.htmlhttp://cat-computers/http://cat-internet/http://cat-security/http://cat-security/http://tag/transaction-verification/http://www.prlog.org/email-contact.html?id=10723695http://tag/transaction-verification/http://tag/transaction-verification/http://tag/transaction-verification/http://il%2Chaifa%2Chaifa/http://il%2Chaifa/http://il%2Chaifa/http://il%2Chaifa%2Chaifa/http://tag/transaction-verification/http://tag/transaction-verification/http://tag/transaction-verification/http://www.prlog.org/email-contact.html?id=10723695http://tag/transaction-verification/http://cat-security/http://cat-security/http://cat-internet/http://cat-internet/http://cat-computers/http://cat-computers/http://www.prlog.org/10723695.htmlhttp://www.prlog.org/10723695.htmlhttp://www.prlog.org/10723695.htmlhttp://www.prlog.org/10723695.htmlhttp://www.prlog.org/10723695.htmlhttp://www.prlog.org/10723695.htmlhttp://www.prlog.org/10723695.htmlhttp://www.prlog.org/10723695.htmlhttp://www.prlog.org/
