The traditional approach to data security just doesn't cut it anymore, according to startup Keyavi Data, which last week unveiled a new approach to securing unstructured data.
Its flagship product essentially wraps security around data instead of trying to control the data with traditional network and endpoint data loss prevention (DLP) solutions. The company says it is using a combination of industry-standard tools and proprietary methods and protocols to allow data to stay under the owner’s control no matter where it goes in the world or who possesses it at any given moment.
Instead of securing data at the network layer or at the endpoint where data is being transmitted, processed or stored, this approach focuses on arming the data itself with protective measures. It does that by essentially "wrapping" the data with administrator-defined policies that specify who is authorized to access the data, the time period in which specific users can access the data, where the data can be accessed geographically and on which devices the data can be accessed.
The solution also can be used in an offline mode. If, for example, a user is on an airplane and needs to work, the system can generate a one-time token that will allow the user to open, access or work with the data. Policies can determine what the token does and how long it lives.
Approaching data security this way effectively weaponizes the data, says Alissa Knight, an analyst, hacker and author. "You can let your data go anywhere you want and essentially detonate it if it gets out of your control. Imagine being able to completely [eliminate] the thing that happened with [National Security Agency whistleblower Edward] Snowden because the data itself was armed with the ability to protect itself."
This approach also virtually eliminates the need for traditional network and endpoint data loss prevention solutions. Legacy data loss prevention solutions no longer make sense, Knight said, because most company data now resides in the cloud. In addition, the network perimeter extends beyond Starbucks to the homes of employees and beyond.
"How do you apply traditional DLP on data that you have to upload to a SaaS [software-as-a-service] platform? And employees need to be able to work from home, and you have to hope they delete the data when they are finished," she said.
Knight said the Keyavi solution is a true innovation. "They aren't trying to take something and make it better. They have created something truly unique."
