Upload
eligahu
View
216
Download
0
Embed Size (px)
Citation preview
8/9/2019 Sentrycom Releases Data Centric Security Suite Dealing With the Falure to Keep the Bad Guys Out
1/3
PR Log - Global Press Release Distribution
SentryCom releases data-centric security suite , dealing with the falure to keep the bad guys out.
By Dr. Eli Talmor, CEO SentryCom Ltd.
Dated: Jun 10, 2010
Traditional security have relied upon guarding the perimeter of a companys network. Businesses realize
that rather than continuing to add layers of security, its more effective to protect critical data , regardless
of where it resides or moves.
IT security professionals engaged in a game of cat and mouse with hackers . As fast as they deploy security
countermeasures, these rogue elements discover loopholes or entirely new avenues of attack.
Traditional security methods have relied upon closely guarding the perimeter of a companys network. The
continuously escalating and mutating threat environment has led many firms to layer security
countermeasures one upon another; starting with firewalls, companies have added intrusion detection and
prevention systems, malware filters, client-side firewalls, and encrypted network tunnels. Networked
business can create a virtual fortress around its infrastructure but still must share information with mobileemployees, external business partners, and remote customers. This fortress is not providing business with
the adequate level of security and stopping from hackers preying for sensitive data.
In most organizations, 70-90% of business data is in an unstructured or semi-structured state and recent
research indicates that only 23% of organizations feel this data is properly protected. Unstructured data
includes files of any kind such as office documents, images, videos and so forth, not to mention the
billions of emails and instant messages generated every day. Much of this is sensitive data, such as
personally identifiable information (PII) and intellectual property (IP) that must be protected with
appropriate measures.
Another challenge of unstructured data is that the data must support multiple distribution needs: from
enterprise servers, to laptops, to USB drives, through email or on top of cloud storage.
Many businesses now realize that rather than continuing to add layers of infrastructure security, its more
effective to protect critical data throughout its life cycle, regardless of where it resides or moves. This
concept of protecting data rather than devices is known as data-centric security.
Data-centric security must provide data protection at rest (storage) and transit. The unstructured data that
requires protection is encrypted before it is transferred or stored.
Paul Stamp from Forrester Research said that: "In an evolving, more complex business and IT
environment, organizations need to work toward a more data-centric approach to protecting the most
sensitive information. Sensitive data needs to be encrypted as close to its point of creation as possible, and
decrypted as close to its point of use as possible."
In practical applications the point of creation is one user's PC and point of use is same user's PC or other
user's PCs. Data is created and used in decrypted form only, using computer software residing on user'sPCs. Therefore for security reasons - decrypted data must be manually destroyed after creation and/or use.
Any data-centric technology must include: data rights management, real-time strong authentication and
encryption.
Not everyone is a technology guru. Most users concentrate on getting their work done, not on the
underlying technology powering that work. And when security solutions are deemed too difficult to use,
many users will circumvent the solution as well as the security. Data rights management and strong
authentication require user intervention and therefore cannot be transparent. The issue is how easy these
steps for users. Reviewing the example below:
http://www.sentry-com.net/files/SecureContentDecrypt_2FA.swf
we see that creating encrypted file, includes the steps of:
1.choosing file for encryption,
2.defining rights management rule
3.defining file sensitivity (medium or high)
Page 1/3
http://www.prlog.org/http://www.prlog.org/10723695.htmlhttp://www.prlog.org/10723695.htmlhttp://www.prlog.org/10723695.htmlhttp://www.prlog.org/8/9/2019 Sentrycom Releases Data Centric Security Suite Dealing With the Falure to Keep the Bad Guys Out
2/3
PR Log - Global Press Release Distribution
and takes ~15 sec of user's time.
Deleting decrypted file after encryption will take another ~5 sec of user's time.
In order to prepare for use and decrypt the encrypted file we will take the steps of:
1.choosing file for decryption
2.user's strong authentication.
which takes ~10 sec of user's time.Deleting decrypted file after viewing will take another ~5 sec of user's time.
So encrypting/decrypting routine of medium to high sensitivity files will take ~20-25 sec.
Overall this scheme is applicable across the board, independent of enterprise infrastructure and for any
type of unstructured data.
What is missing from this discussion: transaction-based data. Transaction-based data must be protected in
real-time, from being modified by malware and not only from being stolen. This needs to be dealt with
separately.
Last year there were more online bank robberies than there were actual on-site bank robberies .Many
consumers suffered ID theft and decided to abandon Online Banking altogether.
Gartner analysts published in December 2009 that all existing means of strong authentication are
inadequate to protect transaction integrity - for simple reason that Trojan horse malware resident on our
infected PCs circumvent existing means. Nearly 50% of PCs worldwide are infected with some sort of
malware.
Therefore US regulators and FBI recommend that all financial activities will be performed only from
dedicated computers. Obviously this is short-term solution. The need exists for long-term malware-resilient
solution to the problem.
Our solution is based upon Software-as-a-Service, capable of coping with malware infested environment. It
includes data verification module that ensures that What you See is What you Sign, Strong Authentication
that ensures the identity of the person signing transaction and Advanced Electronic Signature that ensures
transaction integrity in transit and at rest.
Our solution is generic and is applicable to Banking transfers, E-commerce purchases, Insurance claims,Healthcare prescriptions, E-Gov voting.
This solution is 2 part : user signing transaction as shown below:
http://www.sentry-com.net/files/2FA_demo3.swf
and service provider (bank, e-commerce site , etc) authorising transaction as shown below:
http://www.sentry-com.net/files/TransactionVerification.swf.
For presentation summary of data privacy trends and data-centric solution see :
http://www.youtube.com/watch?v=nnozOeZ01uE.
###
SentryCom is a SaaS and "on-premises" provider of user-friendly solutions for data-centric security ,
transaction verification and ID Fraud prevention, using proprietary and patented Strong Authentication and
Crypto technologies,reducing ID Fraud revenue losses and at the same time reducing the cost of ID Fraud
prevention.SentryCom technologies are protected by US patents 7,689,832,5,913,196 and 6,510,415.
Category Computers, Internet, Security
Tags data-centric security, enterprise it security, granular authorisation., transaction verification
Email Click to email author
Phone 972-4-8342392
Fax 972-3-7255867
Address POB 56263City/Town Haifa
State/Province Haifa
Page 2/3
http://www.prlog.org/http://www.prlog.org/10723695.htmlhttp://www.prlog.org/10723695.htmlhttp://www.prlog.org/10723695.htmlhttp://www.prlog.org/10723695.htmlhttp://www.prlog.org/10723695.htmlhttp://cat-computers/http://cat-internet/http://cat-security/http://cat-security/http://tag/transaction-verification/http://www.prlog.org/email-contact.html?id=10723695http://tag/transaction-verification/http://tag/transaction-verification/http://tag/transaction-verification/http://il%2Chaifa%2Chaifa/http://il%2Chaifa/http://il%2Chaifa/http://il%2Chaifa%2Chaifa/http://tag/transaction-verification/http://tag/transaction-verification/http://tag/transaction-verification/http://www.prlog.org/email-contact.html?id=10723695http://tag/transaction-verification/http://cat-security/http://cat-security/http://cat-internet/http://cat-internet/http://cat-computers/http://cat-computers/http://www.prlog.org/10723695.htmlhttp://www.prlog.org/10723695.htmlhttp://www.prlog.org/10723695.htmlhttp://www.prlog.org/10723695.htmlhttp://www.prlog.org/10723695.htmlhttp://www.prlog.org/10723695.htmlhttp://www.prlog.org/10723695.htmlhttp://www.prlog.org/10723695.htmlhttp://www.prlog.org/8/9/2019 Sentrycom Releases Data Centric Security Suite Dealing With the Falure to Keep the Bad Guys Out
3/3
PR Log - Global Press Release Distribution
Zip 34989
Country Israel
Page 3/3
http://www.prlog.org/http://tag/transaction-verification/http://il/http://il/http://tag/transaction-verification/http://www.prlog.org/