Mitigating the risk of insider threats
Imperva has launched a File Security product line, the latest addition to its SecureSphere Data Security Suite. SecureSphere File Firewall prevents unauthorised access to unstructured data residing on file servers, network attached storage (NAS). Its File Activity Monitoring (FAM) allows enterprises to monitor access to sensitive file data, establish an audit trail for compliance and reduce data access rights to a business need-to-know level. With this product expansion, Imperva’s data security suite helps enterprises protect not only web applications and databases but file systems as well.
“Critical business data exists everywhere: databases, applications and, most commonly, file servers,” said Imperva CTO Amichai Shulman. “Valuable business documents, intellectual property such as software source code, finance spreadsheets, and many other types of data are stored in these files. Yet, businesses today still lack the appropriate tools needed to monitor and secure sensitive file data within their organization. And securing file systems is essential if companies wish to successfully comply with PCI, SOX or other data security mandates.”
According to research firm IDC, 80 percent of all business data is file data, which will continue to grow at 60 percent annually. At the same time, many government and private industry mandates require companies to track and monitor access to sensitive data regardless of where it resides. Imperva’s File Security products allow businesses to:
· Analyze who has access to, who owns, and who has accessed sensitive data.
· Identify where access is “excessive” and can be reduced.
· Monitor access and alert and/or block access that violates business policy.
“Activity monitoring is an important security capability for any organization. By identifying and detailing unusual activity when accessing information, insider threats can be mitigated and advanced threats that have bypassed our traditional security controls can be detected. Additionally, activity monitoring builds strong forensics capabilities while bolstering compliance programs to meet growing regulatory mandates,” explained Neil MacDonald, Gartner analyst.
