Insider threat accounts for an increasing number of data breaches

According to the Cyber Security Index, IBM Security found that 60% of breaches were caused by insiders either as inadvertent actors compromising their credentials or those with malicious intent. So, in spite of the roughly $75 billion spent on cybersecurity reported by Gartner, data breaches continue to escalate. This is because the way breaches are occurring is changing. Rather than penetrate an organization’s IT network by breaching the firewall, hackers pose as legitimate administrators through compromised credentials and lie in wait for months before attacking the data repositories. Insider threats are very difficult to address because the use of valid credentials fools conventional security mechanisms into interpreting malicious actions as legitimate. Even if behavioral analytics tools are used, the potential for false negatives and false positives ensures that hackers can eventually circumvent these tools.

Our Product

How Baffle Helps

Baffle mitigates insider threat and privileged access risk

Insider threat and privileged access has continue to grow as a source of significant data leaks and breaches. Existing solutions such as encryption at-rest and transparent data encryption (TDE) mitigate this risk.

Advanced and persistent attack threat mitigation

By encrypting data in memory, in process and at-rest, Baffle makes data theft and exfiltration much more difficult for advanced attack schemes. Memory scraping and side channel attacks will only yield encrypted data.

Protect data from insider threat

Baffle’s Advanced Data Protection turns the database tier into an AES encrypted brick with no key present. This prevents privileged users from accessing sensitive data records while still allowing them to perform operational tasks.

Simplify encryption implementations

Implementing encryption can be costly and difficult. Baffle is implemented via a no code data abstraction layer that simplifies application-level encryption while saving on development time and costs.

Supports operations on encrypted data

Baffle’s Secure Multiparty Compute (SMPC) method allows for sort, wildcard search and mathematical operations on encrypted data. This eliminates breakage of application functionality and increases adoption.

Use Cases

See How Baffle Can Protect Your Data

Schedule a live demo and get answers to your questions

TiE Award

TiEcon Winner 2017

CRN Security Award

2017 Security 100

RSAC Award

RSAC 2017 Finalist

Related Posts