Cloud Data Security: ‘360-degree’ Protection Against Malicious Data Use
Cloud security technology providers Palerra and Okta have joined forces on what they call a scalable “360-degree” cloud data protection offering that guards data from without and within.
The partnership starts with Okta’s user credentials capabilities that act as a gatekeeper, protecting access to data in the cloud from outside attacks. Then, after users pass through the firewall, Palerra’s behavior analytics is like a video camera on the inside, monitoring users’ data activity.
Although the perception is dwindling that data in the cloud is inherently less secure than on-premises data, it’s also true that user mobility offers more data accessibility, via laptops and hand-held devices, than existed five or 10 years ago.
“User behavior analytics is one of the most powerful developments in data security right now because quantifying the actions of users within your enterprise is of critical importance to detecting early warnings of insider threats,” said David Baker, Chief Security Officer, Okta, which claims 3000 enterprise customers and more than 1 million login authentications per day. Given the increasing sophistication of hackers and insider breach risk, he said, “the firewall has in effect become how you evaluate the behavior of users, which is why this solution sits at the user level.”
According to Palerra founder and CEO Rohit Gupta, the Palerra-Okta solution is a scalable cloud-based system that can monitor hundreds of thousands of users at once and report suspicious behavior in minutes. Available now, it operates across the enterprise cloud service environment, including Amazon Web Services, Salesforce, Box, Microsoft Office 365 and ServiceNow.
Gupta cited a manufacturing customer with 450,000 employees that Palerra’s LORIC security platform monitors for data use anomalies. A typical scenario: members of the sales team about to leave the company – voluntarily or not – export reams of contact and account information from Salesforce in order to use that data at their next jobs. LORIC recognizes this behavior and either notifies a manager or shuts down the user’s access to Salesforce.
Another scenario: tech workers with access to valuable IP. Most workers’ behavior is quite predictable during the course of the day – arrival and log in at or near a given time in the morning, work through the day with a lunch break, log out and then log in from home at night. In the case of a hacker from, say, eastern Europe who has gained user name and password credentials, behavior is suddenly changed: data and applications are accessed at different times of the day and night, files are downloaded in a different manner and in greater quantities. Using machine learning techniques that builds upon previous activities, LORIC behavioral analytics understands users’ typical interactions with downstream applications, recognizes actions that don’t fit the user’s customary pattern and takes appropriate remedial action.
Gupta said Palerra’s data security offerings were designed with scalability and speed-of-detection in mind. LORIC scales across large user organizations due to its out-of-band API-based architecture. He said proxy and other gateway architectures require all traffic, whether relevant to security analysis or not, to traverse through a gateway, resulting in a bottleneck as the number of users and overall traffic grows. LORIC analyzes the various user activities in an intelligent manner by extracting only the relevant information through an API on the back-end tightly coupled with the cloud applications, reducing detection times to minutes, Gupta said.