Insider threat accounts for an increasing number of data breaches
According to the Cyber Security Index, IBM Security found that 60% of breaches were caused by insiders either as inadvertent actors compromising their credentials or those with malicious intent. So, in spite of the roughly $75 billion spent on cybersecurity reported by Gartner, data breaches continue to escalate. This is because the way breaches are occurring is changing. Rather than penetrate an organization’s IT network by breaching the firewall, hackers pose as legitimate administrators through compromised credentials and lie in wait for months before attacking the data repositories. Insider threats are very difficult to address because the use of valid credentials fools conventional security mechanisms into interpreting malicious actions as legitimate. Even if behavioral analytics tools are used, the potential for false negatives and false positives ensures that hackers can eventually circumvent these tools.
How Baffle Helps
Baffle mitigates insider threat and privileged access risk
Insider threat and privileged access has continue to grow as a source of significant data leaks and breaches. Existing solutions such as encryption at-rest and transparent data encryption (TDE) mitigate this risk.
Advanced and persistent attack threat mitigation
By encrypting data in memory, in process and at-rest, Baffle makes data theft and exfiltration much more difficult for advanced attack schemes. Memory scraping and side channel attacks will only yield encrypted data.
Protect data from insider threat
Baffle’s Advanced Data Protection turns the database tier into an AES encrypted brick with no key present. This prevents privileged users from accessing sensitive data records while still allowing them to perform operational tasks.
Simplify encryption implementations
Implementing encryption can be costly and difficult. Baffle is implemented via a no code data abstraction layer that simplifies application-level encryption while saving on development time and costs.
Supports operations on encrypted data
Baffle’s Secure Multiparty Compute (SMPC) method allows for sort, wildcard search and mathematical operations on encrypted data. This eliminates breakage of application functionality and increases adoption.