• All
  • Company
  • Industry
  • News
  • Partners
How Do I Protect My Digital Assets?

A Guest Blog Post by Watchful Software.

May 27, New York Times:
Jawbone Accuses Fitbit of Stealing Information by Hiring Workers Away

June 1, Credit Union Times:
Email Data Breach Costs $1.3 Million

September 23, Becker’s Health IT &CIO Review:
Insider data breach: Former CVS employee compromises data on nearly 55k individuals

The headlines say it all!  CISO’s and CSO’s are constantly telling us this is what keeps them awake at night!

  • How do I protect my company’s sensitive unstructured data against a data breach?
  • How do I prevent my company’s sensitive information from walking out the door with current and former employees?
  • How do I prevent both the insider threat and the externally breach?
  • How do I prevent widespread damage to my company’s business when a data breach occurs?

Watchful Software created RightsWATCH to address all of these issues.  Hacking the perimeter, data breaches, whether malicious or non-malicious, whether from an insider or from an external source, all are addressed by RightsWATCH keeping your unstructured data protected at all times.

RightsWATCH takes a data-centric approach to protecting your unstructured data (such as emails, documents, spreadsheets, engineering drawings, etc.) and in protecting against Data Leakage, enforcing compliance through an automated data classification process without interrupting the user’s normal work flow.

RightsWATCH follows a 5 step approach to protecting your company’s sensitive data as follows:

  • RightsWATCH identifies data to be secured at creation with content and context awareness using its Dynamic Classification Engine supported by rules-based policies. All of this information is encapsulated in metadata and aligned with the data itself.
  • Classification is the corporate policy’s key element customized through assigned rights and based upon access privileges and usage.
  • RightsWATCH also provides the user with the capability to place watermarks, set up control headers and footers, and fully attach identifiable metadata.
  • RMS through templates generated by RightsWATCH manages all of the data access rights. RMS encrypts the data, completing the protection process and tying all access to the user with proper credentials. Based upon corporate policy rules, RightsWATCH can also warn and block against an accidental email transmission to an external user preventing the unwitting passage of data outside the corporate perimeter.
  • Once the data is secured, classified and identified, all activity associated with that data is logged and cataloged into a centralized database for tracking and reporting. The central management console provides the user with information necessary and sufficient to construct a regulatory compliance practice.  And this data can also be exported for more detailed forensics with Security Information and Event Management (SIEM) software.

RightsWATCH protects unstructured sensitive data from being accessed by those who are not authorized to have it.  RightsWATCH is the solution which both addresses the insider threat and the external data breach.  In the event of either a malicious or non-malicious breach, your sensitive unstructured data is secured from access by those who should not have access to it.  RightsWATCH is currently installed in leading world banking operations; is being used by leading semiconductor manufacturers; is installed in the Oil and Gas industry; has extensive exposure in Healthcare, Telecommunications, Transportation and Defense.  RIghtsWATCH is the CISO’s and CSO’s real answer allowing them a restful night’s sleep!

Sophos Guest Blog: Got encryption? Consider these 6 things to choose the right encryption solution

With the proliferation of data and the need to access it from anywhere at any time, encryption is rapidly emerging as the best place to start your data security strategy.

Despite some common ideas about encryption that it is too complicated to implement or too much of a hassle to manage, that’s not the case with the right encryption solution.

Below are six key aspects to keep in mind while choosing the right encryption solution for your organization.

1. Usability: A security product that’s too complicated to use doesn’t offer very much security at all. An encryption solution needs to be comprehensive yet simple: it should protect data everywhere – at rest, in use, or in transit – but shouldn’t take up too much time or IT resources to implement and manage.

Look for an encryption product that’s easy to set up and deploy, with an intuitive management console. It should also allow for simple key management and enforcement of your data protection policy.

2. Multi-platform: Find a solution that covers all types of encryption, including for multiple operating systems like Windows, Mac, Android, iOS.

3. Adaptability: You ideally want a solution that protects your data without getting in the way of daily work. Your encryption solution should adapt to your organization’s workflow – not the other way around.

4. Independent endorsements: Before making a decision, look at what others are saying about a product. Make sure whatever company you choose for your encryption needs has strong third-party endorsements from industry analysts, reviewers and customers.

5. Scalability: As you grow your business, you need an encryption solution that grows with you.

6. Proof of compliance: In the event that the worst happens and your data is compromised, encryption makes it unreadable and unusable by data thieves. If you work in a vertical or location that has specific data protection laws or regulations, auditors will require proof that the data was encrypted.

Learn more about how encryption can work for you, and how to choose the right encryption product. Check out our free and easy-to-understand guide to encryption, fun videos showing you why you need to encrypt, and a comprehensive encryption solution buyers guide at sophos.com/encrypt.

We would like to thank Sophos for providing this Guest Blog Post. The article featured above originally appeared on Sophos Blog.