If you look around, you will find hundreds of examples of data security being breached. Even large and well-established organizations with highly skilled and qualified staff and multiple layers of security are not safe. One just has to look at breaches at TJX Companies (94 million credit card details lost). Heartland Payment Systems (134 million credit cards exposed), RSA Security (40 million employee details lost) and Department of Veteran Affairs (26.5 million veterans and serving military persons affected) to realize that the enormity of the problem.These breaches carry a lesson for us. Well-established organizations are still struggling to protect their data because they are not focused on data. They protect everything else – the network, the perimeter, endpoints and the servers. This worked fine many years ago when the entire IT infrastructure was company owned and proprietary. Today’s businesses collaborate to compete and with the proliferation of cloud applications, smartphones and tablets data is no longer confined to a secure zone. Businesses are simply not keeping up with the threat and are paying the price for it.Historically, IT security specialists have tended to add security layers to solve the problem of data security. Lets us look at how this happened down the years:
- Late in the last century, we relied on the https protocol to set up a secure channel. While this ensured data security in transit, sensitive information was left unprotected once it reached its destination. Often it was even stored in clear text.
- Early this century, attackers shifted focus to attacking credentials instead of the transport layer. This led to phishing attacks that still continue today.
- In the last few years, we have shifted to multi-factor authentication and biometrics, but data still gets stolen.
Over the last few years, our security systems have focused on making it difficult for an attacker to reach critical data. Some would say that even this has not happened. As a result, the ordinary user is increasingly wary of the security of the Internet. Solutions that may have worked a few years ago are passé now. Surrounding data with layers of protection does not function anymore because at some stage the data has to be worked upon and it has to be shared. Once this happens, we lose tight control over our data and may no longer be able to say where it goes and where it resides.
Therefore, it is the data that has to be protected. We need to invert the protection model and protect the data while assuming that a breach will occur. CloudMask works with this premise – data protection under breach. If the threat has evolved, doing more of the same old things will not solve the problem. If we have to get people to trust the Internet again, we have to evolve better security systems and start by protecting our data.
If traditional security has hit limits, you need a solution that is innovative and that can cater to newer threats. Consider CloudMask; it is built to handle just the kind of threats that are emerging today.
Read “Data Protection and the new security paradigm”
With CloudMask, only your authorized parties can decrypt and see your data. Not hackers with your valid password, Not Cloud Providers, Not Government Agencies, and Not even CloudMask can see your protected data. Twenty-six government cybersecurity agencies around the world back these claims.
Watch our video and demo at www.vimeo.com/cloudmask
