KuppingerCole's Advisory stands out due to our regular communication with vendors and key clients, providing us with in-depth insight into the issues and knowledge required to address real-world challenges.
Unlock the power of industry-leading insights and expertise. Gain access to our extensive knowledge base, vibrant community, and tailored analyst sessions—all designed to keep you at the forefront of identity security.
Get instant access to our complete research library.
Access essential knowledge at your fingertips with KuppingerCole's extensive resources. From in-depth reports to concise one-pagers, leverage our complete security library to inform strategy and drive innovation.
Get instant access to our complete research library.
Gain access to comprehensive resources, personalized analyst consultations, and exclusive events – all designed to enhance your decision-making capabilities and industry connections.
Get instant access to our complete research library.
Gain a true partner to drive transformative initiatives. Access comprehensive resources, tailored expert guidance, and networking opportunities.
Get instant access to our complete research library.
Optimize your decision-making process with the most comprehensive and up-to-date market data available.
Compare solution offerings and follow predefined best practices or adapt them to the individual requirements of your company.
Configure your individual requirements to discover the ideal solution for your business.
Meet our team of analysts and advisors who are highly skilled and experienced professionals dedicated to helping you make informed decisions and achieve your goals.
Meet our business team committed to helping you achieve success. We understand that running a business can be challenging, but with the right team in your corner, anything is possible.
Well, good afternoon. Good morning, ladies and gentlemen, welcome to another webinar. And our topic for today is forget firewalls. Enterprise data is in new perimeter classification, encryption file protection. How to use data centric security. The speakers for today are myself. My name is Alexei Balaganski I'm senior Analyst at K call and I'm joined today by Huron circus, who is CEO of tics. Today's webinar is supported by tics. Just a few words about K call in case you are not yet familiar with our company.
We are an Analyst company doing enterprise research advisory decision support, and networking for it specifically in the areas like identity and access management, cloud technologies and cybersecurity, or our three main areas of business are research services, advisory projects, and events, events like today's webinar, or even bigger proper conferences. For example, the next one will take place next may in Munich, which is our flagship, our largest event, European conference to be the 10th anniversary EIC. So you are very welcome to attend this.
One of the most important European events in the area of E IM and cloud, before we begin some guidelines for the webinar. So all attend this center, you do not have to do anything about that feature. This webinar is being recorded. We will publish the recording tomorrow on our website. Under the podcast section, there will be a Q and a questions and answer section at the end, but you are encouraged to ask to ask your questions as soonly, just pop up in your head. Please use the questions window, which is located on the gold webinar control panel.
So our gender as usual consists of three sections. First, I am going to talk about the current situation are the current security challenges for protecting sensitive corporate data and how the, the current it trends influence or this, and how new fundamental approach to enterprise security is needed, which is data centric security. Then I will handle over to your circus who will be explaining the benefits of data centric security, and how we can make a business more agile, efficient, and secure, and provide really practical examples.
And again, the third part at the end will be questions and answers. And I would like to kick off with the copy. Nicole's favorite picture, the probable computing there three major it trends, which are shaping the scope of information security today. Namely cloud computing, mobile computing, and social computing. These three trends have profoundly changed the way we store we process and we share digital information or cloud computing means that more and more of your corporate information is store somewhere outside of your former security perimeter.
And you have to place lot of trust on the third party cloud went cloud service provider. Mobile computer means that your workers are always on the go and they need to access your corporate resources from any place at any time from various types of mobile devices, and finally social computing or implies that there are now more, there are multiple new types of identities, which you have to onboard, which you have to communicate with or on a daily basis. And these are by far not your employees. And by the way, in case you don't know if you don't speak Russian.
Troy is of course the famous Russian horse carriage with three horses abreast the prob flying Troy, which brings you into the future. It's unbelievable speed, but even fewer people know that Turku is also the name of the dreaded extra judicial commissions during the era, the era of red community terror in Soviet union, which were given free reign and, you know, bringing a lot of horrible things to you. And this is somehow fitting in both ways because the computing tracker opens up huge new business models for any company, but it also stretches the scope of information security.
So thing that it makes extremely difficult, it makes life of it. Security expert, extremely difficult. If you have a look, the corporate network, the typical structure 10 years ago earlier, there has been a one solid security perimeter around your corporate location. Sure. You would have most of your data on premise. You would have most of your workers on premise and those few outside would simply access your on premise data through something like VPN gateway.
So also very few risks out the hackers, maybe some viruses out there or the internet, but most importantly, the, it was in complete control over how the infrastructures and applications within your corporate it structure are deployed not anymore fast forward now. And your corporate network probably looks like this.
So you would have multiple locations or you would have your corporate data nearly anywhere, not just on premise or on premise at a remote location, but also in data centers in the cloud or in transit, you would also have much more mobile workers working from almost anywhere from home or Starbucks or international business travel destination. There, there is of course, a lot more new secure threat factors. I would say, not just hackers, but also nation sites and even your own government's surveillance and agencies.
And of course you have social networks where your own employers may expose your sense of different information, nearly uncontrollably, but the most important factor is that you no longer have a perimeter. So your data is no longer residing behind a wall. Now everything is now connected. If you can see there are many new actors joining your daily business operations in the digital world, it's not just your employees. These are also your partners, your customers, your potential future customers have a lot of mobile devices and smart devices. You have a lot of things.
The hope in terms of things of smart sensors at your home or at your manufacturing location vehicle nearly anywhere. So your data is again, stored can be stored at any of these places. Your data must be accessed from any of those places and your data has to be shared with all those increasing number of entities. All this have led to a profound change. The profound paradigm shift in security, you no longer can hide behind the perimeter, your traditional security tools no longer provide sufficient protection against all those new advanced persistence rates, fishing or molecules insiders.
And so on in a way you have to assume that your network will be hacked or maybe even already hacked. It's not a matter of if it's a matter of when. So basically you have to embrace a risk and you have to try to minimize the outcome of a breach as quickly as possible. And for that, of course, you have to know about your assets as much as possible, and really your assets, your enterprise data becomes the last line of defense. Another problem was mentioned is so-called shadow it because your it department resources are stretched.
So you're no longer maintain complete control over what your employees are doing with the data. Maybe they are so frustrated with the quality of your enterprise sharing services that they opt to using Dropbox to send some urgent secret document to another employee, or maybe they're using their private devices to work within your hybrid network. Maybe they even both something or free on a social network.
You really have very limited visibility and very limited control over your, over the integrity and security of your corporate information and to solve that you really have to completely rethink the way you approach your data security to so enter data-centric security concept, the concept is actually not new. And it sounds really simple since your infrastructure cannot be protected, you do not protect your infrastructure.
You protect your data directly and or here on the slide, I have listed four and one principles, which I, although definitely not the first attempt to them, but it's quite popular. And it's very concise. A security researcher named rich mogul have produced this list in 2008.
And it basically says that your data has to be, self-describing describing a defining meaning that your data have to incorporate the tools and the means to ensure its protection regardless where your data is located, the policies and controls most accountable business conduct, pretty obvious or simple, dumb firewall can no longer protect your data because it does not know anything about your business process. It doesn't know anything about identities. It doesn't know anything about specific or rules and limitations. Your company has defined within the business process.
For example, can this particular user actually access this particular document from this particular location on this particular time of day? Well, traditional static role can no longer make a reasonable decision. We need much more.
The third principle is that information must be protected if it moves from structured to unstructured in and out of applications and changing business content, again sounds pretty obvious, or whether your information is cited on your highly secured encrypted storage tower in, at your HQ over it's being sent over Gmail to your mobile worker, or whether it's being accessed or from a mobile phone from China anywhere your data has to be secured. Sounds simple, right?
Of course, it's difficult to understand how to implement it. And finally, the policies must work consistently through the different defensive layers and technologies. We implement.
Again, this is probably the most complicated and the least addressed principle as of now, meaning that your data has to be, you should be able to access the still access your data should be able to maintain the same level of security and the same rules of protecting your data regardless of today or tomorrow, regardless of some older or some future mobile device platform and so on. So this is the theory. The question is how do we actually approach this concept, how to be begin addressing all those requirements. So here are the primary requirements listed.
First of all, you cannot protect what you don't even know exist. So you have to know where your data is, or you have to rely on specific tools, hopefully automated tools, but unfortunately it doesn't always work automated in automated fashion, but you have to know where your data is located, regardless of it's on premise or in the cloud or on your employees, laptops or somewhere else, you have to discover all of your data and you have to keep you eye on it. Your data has to be classified because not all data is created equal.
Some data is more sensitive than the other, and you don't don't really have enough resources to treat all your data as highly sensitive and top secret, an important point here that each organization will probably have their own data taxonomy. So you cannot really create one solution which would address all possible scenarios. The next point is data visibility. Sure. Once you have discovered your data fine, but it's not enough.
You always have to keep an eye on what's happening with your data at any time who is accessing it, where is it being moved, or basically you have to follow your data along its whole life cycle data protection sounds obvious your data have to be encrypted because without encryption or even very short access or very stupid hacker to your network will probably lead to complete to a league of Euro, complete enterprise sensitive information. Just remember the fame, snow, the accident. So your data has to be protected at rest.
And of course in transfer, especially when this transfer happens across the wild internet on there, where it's not directly protected by your traditional security tools. And of course you have to be able to keep an eye on. You have to keep the whole history, the whole audit trail, and also real time overview of all decisions, all access scenarios regarding your data. At all times, you need alerting, you need auditing, you need compliance. And of course you need some kind of remediation actions in case of a data breach.
No, this is all fine. This is all theory. The question is, do we actually have anything like that already on the market? And in fact, yes, to a certain extent we do. And this technology is called information rights management. The whole idea of information rights management is that your document never leaves your data storage without an armor. And this armor is a layer of encryption around your data and another layer of access control. So basically your data is not always not only self protecting with the encryption.
It's also self governing because regardless of where your data, your piece of data is being accessed. Now somehow through the IM technology, it should always know which actions or this particular identity, this particular user is allowed to perform on, on this piece of data and which he is not again in serious. So it's very simple in, in reality, it's not that easy at all. Still what has to say that this technology is pretty mature. It exists probably for a good part of Medicaid. At least it's already available for multiple vendors and many partners.
The biggest ones are of course, Microsoft and Adobe addressing the specific requirements for protecting Microsoft office documents and PDF documents, respectively, or, and there are of course, other vendors likes who are offering their own solutions to information, right management and data centric security. And really, if you, if you think about it, there is no other feasible alternative to information rates management. It's the only future proof way because your data will never be able to stay within a secure encrypted container. Your data will never remain in a silo forever.
And in fact, with further parameterization with the further development of those three computing trends, that will be less and less silos and less and less perimeter to hide your data behind. So IRA is really the only future proof. There are however, two major obstacles on the road to universal adoption of IM obviously your IM solution will only work if your application is supported and this is where it comes to grinding halt. So what you say, each vendor has their own implementation. There is very little interoperability, however, between those implementations.
Now our view as Analyst that this area is in the di need of standardization, just have a look at fi at what fi Alliance has done for strong authentication industry. We had to struggle for years within compatible implementations. And now just within a year, they have been able to develop a widely accepted standard. And within a few more years, it'll be ubiquitous. I am definitely looking forward towards the same development in the area for information rights management.
And the other big problem is lack of awareness for very strange reason, not even among it experts, not too many people know that this technologies not just exist on paper let's they are actually are, have also problem solved and widely deployed and widely, widely. They offered by many vendors and integration partners. This is where we need more education. This is why we need more webinars like this.
Of course, this is why you probably need to go outside. And I think your current approach towards your data security and reach out to vendors like for example, and this is where I'm actually going to hand over to urine circus, who is going to explain how they are, how their company is solving this problem, how they are, which are their best practices to solve those requirements. So Huron please. Okay. Thank you very much.
So as a, in 2014 and 2015, several organization includes home Depot staples, the us post postal service target Sony suffered from demanding data breaches where sensitive data was stolen. I assume that all of you familiar with those cases, they were all over the news.
Currently, things seems to be getting worse, not better. Sonic created a big impact on the industry and kind of a wake call to many CEOs, executives and board members.
So just, okay, so what's happened. What's what's they have in common. So assume that different professional people will provide different answers. I will keep you in a suspense once more slide and let you know. So why do they happen? Okay. If it in today's vibrant business environment, the information security paradigm has changed dramatically. Okay.
We all need to share information with third party with legal advisor, with accountant printing houses, external directors, customers, and more in most of the cases at the moment that the file that the information left the organization, we don't have any more control. What has been done with our data. The landscape is becoming more and more complex. We all want the information to be available on multiple platform to share it with different partners, to support multiple type of files in a multi type of application, the cloud that become a legitimate platform.
And we see more and more organization that move their business end operation processes to different cloud providers is also become a major player in our domain. So large organization facing difficult situation in number of areas, the threats landscape continue to grow increased dangerous while wave of new technology further describes sensitive data across devices, location, and data repositories. So the security challenge, as we will all agree now extend beyond of the normal boundaries of the enterprise, which makes also classification and protection much more or even more complicated task.
Currently the data remains challenge. Okay. So massive volume of confidential information are leaving your organization every day. It's relevant to every of every one of you, the cloud via memory stick through emails, the data it's all over. So in order to really, to protect it to secure without enormous investment and huge overhead to the it department, we need to classify the information and we need a simple, transparent solution that will assist us to protect it like a bodyguard.
I'm I will emphasize the issue of data classification because I think that data or information right management is indeed crucial element, but in order to be able to protect this terror or this massive information, we need first to understand what is the information and how to classify it. So the data classification is a fundamental phase to secure and monitor our information. Another slide about the current situation. So previously when managing privacy and security, it simply a classified, secure parameter okay. As an organization. So everything inside of it was a, a was safe. Okay.
Security, defense focus on network. And the endpoints, as we mentioned, currently, the landscape has been changed information constantly moved beyond those parameters currently. So we cannot anymore use the garden, the gate approach, or the traditional DLP.
We will, we will, I will touch upon this issue in a moment sensitive data monitoring can be based upon manual process and sort reports. So we believe that it's time to build walls around our information rather than to try and to bring all the information beside four walls. So the new paradigm, it's easy to say how we can implement, you know, it's easy to say, but how we can implement a walls around the information okay. Approach.
It is kind of DLP that goes with the file data-centric security technology, combined four main tech main technologies, classification, DLP M, and also data encryption that what, what we Inex built it is actually can act as a bodyguard to the file. So the technology that, that we develop enable persistence protection and security throughout the information and the data life cycle. Okay.
Classification, it enable to classify the information and assign policy to content and let policy travel with the content and eliminate needs to exchange keys directly because encryption or key management is one of the, I think was one of the disadvantage of this technology. Everything of course should be fully transparent to the end user and enable the user to walk without changing the normal behavior. So in a world without boundaries, organization are a astonishing new security parameters.
Again, the concept that we, that we build Inex, and this is the data centric, it goes from information control to information flow. We believe that the, the, the organization should stop trying to control information and instead determine how it flows and protect the information, whatever it is. So we'd like to compare between what we call the traditional DLP and the new model, the new paradigm of trust zero trust approach.
So the main differentiation between the traditional DLP, the data leakage prevention, the Q all familiar with a, a ground in a, a guard in the gate approach to the data centric technology, which is much more much like a bodyguard approach is that the traditional DLP tried to keep the data within the, the walls, keep intrus outs okay. And special treatment for sensitive data cannot can be go out open, cannot open print, cannot print cetera in the new paradigm we attach right.
Part, right, right. Data to right person on right devices in a securely way. Okay. So we actually support the actual business situation, which the ecosystem is built around the model of open collaboration and trust. And as we said, enable persistence, trace, monitor, and monitoring to protect the data.
And sec, to secure it throughout the information and the data life cycle, we discuss it. So I will explain it very briefly, what is needed for data security centric, what is needed in order to implement solutions like covert solution.
So, first of all, we need to, to discover what is the, where is our data? The big problem with classification is knowing where to start.
And we, eh, eh, focus, we put a lot of efforts in our solution, in our technology to assist, to discover the data within a sensitive data, strong throughout internal networks and external clouds, the security people need to need an efficient tool to scan system and databases, to discover all copies of sensitive unstructured data where it's resist. And this is exactly what we have.
We always, when we install our solution, start at the beginning with, in a discovery mode and try to find out where the classified information is. Second, the data classification. Okay. So classification is, is one of the most difficult task facing security organization. Someone has to take the time and determine how information should be classified. So even if you have the tools, you need to define how to do that, classification decision goes behind security. They effect backup and data recovery and business continuity.
When the information is in active use, it's need to be protect stored ahead and managed. So the more confidential and top secret your information, the more expensive all this become. And this why we believe that the classification capabilities or model become a crucial issue. There is a statistic that I saw that they mentioned that at any single point of time, an organization of more than 50 people probably has more than 100,000 unstructured data files. So no one has the time to classify them all, let along to protect them. We need an efficient tool that will assist, assist us with this tool.
And that's why we build in our tool, a lot of toolkits templates to assist to typical CSO, to classify these information. We need also an end-to-end visibility. So data's discover, and the classification projects are often limited to particular data center or business unit or, or the it environment it's makes sense for early stage project. But organization ultimately needs more comprehensive perspective to accomplish this. The CSOs need to know about sensitive data anywhere it's resist inside or us outside the network.
And, and, and therefore our tool and our technology is not limited only internally, but you can also classify information and of course, protect and monitor it outside the organization. And last but not least the data security analytics for risk management. So compliance, privacy and security are based upon security people knowing where sensitive data is and who has access and what are the, what they are doing with it, who did what, when and where with our information.
This is a crucial element that we enable in our tool with our simulation mode and discovery mode, to actually being able to monitor your information and movement approach. We have a three mode of, eh, eh, implementing the solution, the discovery, the simulate, and the active, the active of course enable to encrypt it. But you can also use the solution without encrypt the solution, the, the, the information. So it's go from prevent to the tech, go prevent, detect, actually in response.
So we stopped focusing efforts on solely to preventing and also balance investment access protection detection, and response. We have a movement monitoring capabilities that we can simulate to attach touch covert to any type of file, define a policy and only monitor who did what with our information, where, and when this is a very useful model. And a lot of our customers use it at the beginning. Also use it for long term. So I would like to finish with some efficient recommendations of some food for thought, okay.
So as we mentioned, and I will summarize, first of all, you need to classify and segment your content. Okay. Initial review, discover the sensitive unstructured information and shift from an open internal assets. As we mentioned, it's also about who will ultimately take responsibility. So it's not just, I mean, the barrier of classification, generally, isn't just the technology. Second secure information, not system, the slogan that we didn't develop. We heard it access rights, travel with documents and access rights governed by policy.
Remember, we are all living world without boundaries. So not to, you should not stick only to information that you hold or store inside your data center, external extend your internal risk model outside the firm. Remember that a lot of confidential information currently move and travel outside your organization. So extension of a, a, a vaulting technology, ethical world solution, virtual data room solution, all of them mitigate part of your risk. Okay. They do not give you a comprehensive solution extension of DLP outside the, the, the firm. You cannot anymore.
Just look on the information that you have inside your office, inside your data center. And of course, it's not only about protection. You should also be able to monitor and anomalies on information asset, identify the business streets and clock the version from standard behavior. Thank you. Thank you very for your interesting presentation. Now let's switch back to myself and let's head for the Q and a session.
Again, let me remind you that you can submit your questions through the, this question tool on the go to webinar control panel. Please start doing it. Now. We need as more, as much as many questions as possible and or well, before we are waiting for first question, let me ask one myself. So you mentioned the term zero trust.
So why, why, why the name whom we actually suppose not to trust anymore At the moment that currently at the moment that we share our information with different business associates or with different people, we don't, we cannot guarantee that our information reached out to the people that we use. We all currently use unsecure sharing platform. We share information via WhatsApp. We share information via Dropbox, G drive, Azure and others.
And we hope that our information reach out the people that we want since we cannot guarantee, we believe that it is a zero trust model that you need to protect your information, whatever it is. Okay. Makes sense. So it's not that you should not trust your own users, but you should not trust that actually just your users, the right people accessing your data. Yeah. Makes sense. Okay. I have a first question.
So, or yeah, DRM technology and DL due to the rights management technology and DLP as well, exists for many years already. So what exactly is the reason for this emerging technology, which you have just described? Okay. So as mentioned in my presentation, this technology has become important due to many developments of the landscape in, in the landscape that took place. So since we are living in a world without boundaries, the DLP solution are much more limited.
The, I would say the information location is not conf confined within four walls and therefore protection data only within the organization does not make sense anymore. Also the DRM world has also developed, however, protecting the data and not the device seems much better integration of ability of sorting data and adding protection in a way that does not change the normal user behavior.
This combined with wide scope of protection file store in values, cloud envir infrastructure or platforms makes in, in my opinion, a, a, a winning opportunity and makes currently the, the technology, the data-centric technology much more relevant. Okay. Okay. Makes sense. And by the way, speaking of the cloud, or here is the next relevant question. So what exactly are the additional obstacles or any specific problems, which are your technology is facing when or moving data to the cloud? Okay.
So our technology provides to an organization, an additional security layer when their data is stored in the cloud. So the advantage of our technology OFX technology is in storing the encryption key on premise, rather than on cloud. This mean additional layer of protection and a better protection, not just from hackers that might hack to your cloud providers, but also the, from the cloud's it team as well. So our knowledge in this respect includes files and emails, by the way, we can protect emails and as well, for example, that goes audits store on office three, five, or a Google.
So to summarize five and emails in the clouds are, will be fully protected against potential hacking attack, but also from the it, the it guys of the cloud provider. Okay, great.
So again, please, another reminder to our attendees, submit the questions, use the question tools, and while we are waiting for another submission, I have my own question again. So you just talked about securing the data in the cloud, but what about the actual infrastructure for your solution? I assume that you have to deploy some kind of centralized server or another kind of architecture to manage those keys, to maintain analytics and somewhere. So can you deploy those components in the cloud as well? Or does it have to be on premise?
We, we can support both currently our solution support on premise and on the cloud. So you can install it in your organization and control and have your encryption key on-premise, or you can use a cloud provider or install it on the cloud. Both ways can, can move.
Oh, can you maybe just explain in a few words, so which components does your solution include and where can they be deployed? Okay. So we have a, we have a management server that can be integrated easily with the active director of the organization and save a lot of time and efforts to maintain and manage our solutions. So we can retrieve all the groups, remission privileges from the active directory. We have two type of solution, one required installation and of agent.
The other one is an agent less that enable limited functionality, but we have a flexible solution that based on the use case of the organization, enable him to use it on premise on the cloud with the installation of agent, or without depends. As I mentioned on the use case, the agents that we have support windows, support Mac, we also support the mobile platform, Android iOS, and yeah. Android and iOS. Sorry.
Okay, thanks. So I have another question coming in. Let me rephrase it a little bit for clarity. So when implementing DLP, okay. When implementing DLP, one of the biggest challenges is to map and understand the processes within your organization.
So yeah, I guess the question refers to discover and classification of your data. Okay. So how exactly can your solution or support people responsible for that specification? Is it just, you know, automating their manual work or do you have some specific smart algorithms for automated classification? So how does that work?
Yeah, we have a classification. First of all, we have a crawler that can actually crawl information and classify it. We have a classification engine that, that tag the information and based on the classification model, that is very flexible in our tool. You can define what kind of classification you want to attach to any piece of information. So in order to assist to, to the security guys, to classify it, we enable them, first of all, to discover.
And second, we have a tool kit, as I mentioned, and we have templates of classification that assist them to build the classification model or to support the classification model in their organization. So you may not, I don't have to.
I mean, they responsible person doesn't have to start with empty page. They have some kind of starting template, which can be customized for the specific requirements, right? Yeah. They should not start from scratch, which is anyway difficult task.
They have, as I mentioned, the toolkits, they have some best practices inside the tool that assist them to adopt a, a classification model and to implement it in their organization. So can you define some complex subject, like for example, automatically define every piece of data, which has something to do with PCI DSS as confidential, or I don't know, detect internal, do documents automatically.
We, we, we have in our engine, we have capabilities to detect variety type of information we are using on regular expression. We have our own. So currently we have customers that actually scan the unstructured or crawl and look for UN in their unstructured environment, look for a credit card numbers, social security numbers, PII Phi depends on what they defined. And based on the information based on the classification actually attach the security layer of cover to protect this information.
So it's not just detected, just also prevent from a non legitimate user later on to access or to use the information. But if I understand you correctly, you mentioned that there is a simulate mode in your solution. Right. Which is basically just detecting and classifying, but not adding any protection. Correct. Excellent. Yes. Yeah. And I have a question on that as well. So why would your customers, you mentioned that some customers are using simulate mode in the long term, so why would they do that?
Kind of, to me, it sounds like buying a gun for protection and then carrying it out without bullets. What is the point of that?
No, there are, there are some organization that didn't want to class to encrypt the data. They are afraid from a cases that they, that something will happen and they just use it as a movement monitoring who did what with my information, where, and when some of them take this information, which is actually kind of data behavioral and integrated into their SIM solution in a way that they can correlate the information and add to the rules.
So think about it that currently you can know every type of operation that your business associate did with your information outside your organization and know if he need, or if there is any deviation I would say from your policy. So I think it's a very strong tool to actually continue to monitor your information and knows if there is any suspicious event outside the organization. Yeah. But without encryption, how can you be sure that those data is not temper with, and by the way, let me continue that you have exactly a question coming up on that topic.
So you mentioned the agent, which has to be installed or somewhere, is there any possibilities in which the agent may be unsecure, especially with regards to mobile devices? Yeah. So what happens if the, the part of your solution is somehow insecure? Is it possible at all?
Okay, so I will answer both question, first of all, just to refer to your first question indeed, in the simulate mode, the data is not secure, but it, it, but you actually can monitor everything that done with it. So if, for example, you will decide to forward or to do something that you are not allowed, you will be able to do.
So, but at least me as the information owner or the organization is the information owner will get an alert about it. This is the simulate mode. So it enable you, first of all, to understand better the processes, understand better the, to classify, understand better the workflow. And then if you would like you can shift to an active mode encrypted that's that's the first, second question. If I understand you, right. You ask about the stress, the strengths of how much secure is our agent. Am I right? Yeah. Okay.
So we are working on a filter drive level and we are actually go through an external audit by, or an audit, sorry, by an external party every half a year to check the strengths of our, of our agent till now none of the parties or the entities that to review it, succeed to bypass and to access the information is a non legitimate user. Currently this solution is installed in banks, insurance companies, national bodies, and more, and like every security product. We cannot guarantee that we are 100% secure, but we put a lot of resources in order to make sure that we will be very secure.
Well, let me emphasize again, the question what's specifically regarding mobile devices, do you have any okay. Additional information on that? Yeah. So in regards to mobile devices, we are mainly using the, in our method, the agentless solution. We enable them to use the information for a li limited functionality with a capability limited functionality of view, only with capabilities to annotate the information we are actually launching now a secure container that will enable them to open and to edit the information inside the secure container.
And we are using a, you know, common best practices in order to make sure that the information cannot open outside those secure containers. Okay. Yeah. And just as a side note, this is an issue we were actually writing and blogging and talking about. So many times that mobile platform manufacturers are probably the least, really vendors to cooperate with security researchers and with developers of security solutions. And this is one of the crucial problems where developers have to resort to this kind of workarounds or limited functionality solutions and so on. Okay.
I understand the follow up question. What about updates are they installed automatically or does customer have to check for updates? No updates can install automatically of the, the distributing system of the organization via other method. We have also our own internal distribution system.
So it's, it's a very smooth and easy, easy process that integrated in our software. Okay, great. So dear attendees, this is your last chance to submit your questions. We only have a few minutes left, so please act quickly if you have your questions, otherwise we would, you could also submit your questions for email or to recall ORs directly, and we will get back to you to answer them. Okay. Let me just make one final observations.
Or if you go back to that question regarding simulation mode, no, please don't be like those people who are afraid of using encryption because encryption is a single most reliable, most useful tool for securing your data. Sure. You can probably use it without encryption, but you will never guarantee that your results result of your analytics, that your audit trails will be temp proof. And that actually replicate the reality and not being hacked by someone, not just a hacker, but maybe a malicious administrator within your company.
And by way, speaking of that, do you have any specific methods to protect from those malicious privilege to access Actually is part of the, the whole, I would say the whole concept around is that we, you enable to protect, or you protect the, the data or the content from, I would say Nel from the basic Yeah. I mean content. Sure. But what about audit trails? What about those analytics data? How can you ensure that those are not timber?
So, Okay. I'm not sure. Can you repeat the question?
I mean, you mentioned that even in the simulation mode, or you can still track all the operations which are, are done on, on, on the company's data. So this audit trail is going somewhere it's stored probably in some kind of a database, which you can then use for analytics or create compliance reports, stuff like that. How do you ensure that those analytics trails, those audit trails are not actually, they cannot be Aries? Yeah.
So I think, I think that the question is relevant, by the way, to any security product, you can, you know, raise the same question for Palo Alto networks or checkpoint or semantic. What, what we, what we did, we integrate a lot of security mechanism, of course, inside our solutions. Since we gather a lot of information to make sure that those, that, those piece of information that, that all the information that we gather are maintain, kept process in store in a secure way.
So first of all, take into account that in regards to those audit trades and analytics, we gather a lot, a lot of information. There are some customers that use cover as kind of forensic for forensic events. Since we are kind of envelope, every activity is, goes through tics. Every activity will file with the information goes through tics.
So we, we gather a lot, a lot of information that later on, we can enable you to analyze it now, how we can make sure that this information kept in a secure way and not, no one can temper it. This is part of the best practices and part of the efforts that we invest on a regular basic, like a normal security company, or like any other vendor. So we put a lot of efforts in order to make sure that those, this information is managed and kept in a secure way. Okay.
Just wanted to bring that little bit more attention to that particular topic, because especially here within the European union, it's actually a very, it's always a very hot topic, you know, data security and especially privacy. And especially when it comes to cloud deployment, it's your solution can be deployed in the cloud is actually something which you have to explicitly address every time you talk to someone from the EU, especially from Germany or just, yeah. So I would like, yeah, I would like just, I just want to, to add another top, you know, just last comment.
So in regards to this, to, to the safe Harbor, one of the main advantage is that we can, even though that the solution is installed on cloud, you can make sure that, for example, all the logs, all the alerts can be open only on premise. So, you know, we can, we have an hybrid solution that even though if you have it on premise or on cloud, you can define specific rules how to protect and where the information from where the information can be accessible. Okay. Makes sense.
Well, and now, since we do not have any for the questions, and since we have reach the top of the hour anyway, I think I have to say if thank you very much, Joran for your very interesting presentation and or answers to our questions, thanks to all the attendees. And I hope to see you at one of our next webinars and maybe even in Munich next may at our European identity cloud conference, have a nice day. Thank you. And goodbye. Thank you.
