Advanced Persistent Threat Solutions

Advanced Persistent Threats are highly sophisticated and customized attacks that are designed to get around the traditional network perimeter and endpoint security measures used by organizations. They are challenging to detect and protect against in the following ways.

• Bypass Signature-based Systems: Traditional antivirus solutions are ineffective at detecting and blocking APTs, since they rely on signatures that use pattern matching techniques. Whereas, APTs are polymorphic in nature that frequently change identifiable characteristics like file names, file size, and encryption to make the malware unrecognizable.
• Generate Unusual User Activity: APTs generate unusual user activity, such as increase in-logins late at night using compromised credentials, or large amount of data flows from internal systems to external command and control servers operated by cyber criminals to steal data. Very few security solutions track user behavior anomalies that lead to data breaches.
• New Threat Vectors from Cloud Adoption: Increased adoption of hybrid cloud infrastructures introduce a host of threat vectors, where an organizations current security controls do not integrate. This introduces security blind spots such as Shadow IT, where unauthorized software-as-a-service (SaaS) applications are used by lines of businesses that puts sensitive corporate data at risk.

Organizations have realized that investing in a comprehensive data security is the last line of defense against APTs. With robust data security solution, which includes data discovery and protection, fine-grained access control and centralized key management solution any organization can encrypt/tokenize sensitive data such as – personal identifiable information (PII), personal health information (PHI), and financial data (credit card numbers, account numbers). Hence, that data is rendered unreadable, and has no value to the cyber attacker.

The CipherTrust Data Security Platform from Thales unifies data discovery, classification, data protection, unprecedented granular access controls with centralized key management – all on a single platform.

• Discover and classify data: Discovering and classifying your sensitive data is the critical first step in this process. Knowing where your business sensitive resides across the enterprise, and what type of risk it poses with regards to data privacy and compliance is an important first step
• Protect sensitive data: Implementing the right king of access controls and encryption or tokenization policies to obfuscate the data prevents sensitive data from being exposed to unauthorized users or advanced cyber criminals.
• Control encryption keys: Any robust cryptographic solution depends on the security of the cryptographic keys used to encrypt the data. As organizations deploy ever-increasing numbers of siloed data repositories encryption solutions, they need to be able to manage security policies across disparate data siloes, with centralized key life-cycle management and fine-grained access control to keys and data.

The CipherTrust Data Security Platform offers the following benefits to organizations in defending against APTs.

• Simplify Data Security: Discover, protect, and control sensitive data anywhere with next-generation unified data protection. The CipherTrust Data Security Platform simplifies data security administration with ‘single pane of glass’ centralized management console that equips organizations with powerful tools to discover and classify sensitive data, combat advanced persistent threats, guard against insider abuse, and establish persistent controls, even when data is stored in the cloud or in any external provider’s infrastructure. Organizations can easily uncover and close privacy gaps, prioritize protection, and make informed decisions about privacy and security mandates before a digital transformation implementation.

• Accelerated Time to Compliance: Regulators and auditors require organizations to have control of regulated and sensitive data and reports to prove it. CipherTrust Data Security Platform capabilities, such as data discovery and classification, encryption, access control, audit logs, tokenization, and key management support ubiquitous data security and privacy requirements. These controls can be quickly added to new deployments or in response to evolving compliance requirements. The centralized and extensible nature of the platform enables new controls to be added quickly through the addition of licenses and scripted deployment of the needed connectors in response to new data protection requirements.

• Secure Cloud Migration: It offers advanced encryption and centralized key management solutions that enable organizations to safely store sensitive data in the cloud. The platform offers advanced multi-cloud Bring Your Own Encryption (BYOE) solutions to avoid cloud vendor encryption lock-in and ensure the data mobility to efficiently secure data across multiple cloud vendors with centralized, independent encryption key management. Organizations that cannot bring their own encryption can still follow industry best practices by managing keys externally using the CipherTrust Cloud Key Manager. The CipherTrust Cloud Key Manager supports Bring Your Own Key (BYOK) use-cases across multiple cloud infrastructures and SaaS applications.