The ‘paradigm’ in which data leaks can solely be branded accidental is long-gone. So says Tarique Mustafa, Founder and Chief Executive Officer, GhangorCloud, who tells CNME why a new generation of Data Loss Prevention solutions is needed to combat the rise in malicious information theft.
Tell me about your GhangorCloud DLP solution.
Tarique: GhangorCloud is a fourth generation solution, and is unique in the sense that it combines traits of DLP (Data Loss Prevention) and APT (Advanced Persistent Threat) software. It has a lot of traits that are widely acknowledged as being unique. The solution itself is pure software, with no hardware dependency whatsoever. It can be packaged as a virtual appliance or based on top of commodity hardware.
On the network side we have a gateway which sits on the enterprise network and monitors traffic both coming in and going out of the enterprise. It automatically figures out if there has been any regulatory compliance violation – is any control piece of information being transferred or shared outside of the enterprise? Is the recipient someone who should have access to that kind of info?
In certain industries like healthcare and PCI – based on compliance mandates, you have to ask if parties who are accessing certain information have the authorisation to do so. In real time – it doesn’t just report after the incident – our solution can block that access, and notify the relevant parties that it’s been blocked.
Which verticals is your solution most appropriate for?
The product is targeted at six or seven key verticals. Healthcare, PCI, government regulations, the pharmaceutical industry, the legal industry, and high tech industries – the control, identification and classification of intellectual property. Government is a major target for us.
Are Middle Eastern organisations becoming increasingly aware of compliance requirements?
Absolutely. I recently attended four very important customer presentations, and a major hospital chain in Dubai in particular knew everything they could about compliance, and they’re an example of already high levels of awareness.
Which internal and external security threats necessitate DLP software?
Our product is unique and is acknowledged in the industry to be so, because it does not make assumptions about human behaviour. Third generation sofrware was built with the assumption that leaks were accidental, and this has been a major impairment for solutions.
The Ed Snowden and WikiLeaks stories were a case in point. Snowden had a good identify, and a level 4 – perfect – standard of security clearance. What happened was not accidental, it was malicious. The systems that were deployed there were based on flawed assumptions, and did not account for malicious intent. We make no such assumptions; trust no one.
Ours is a malicious data leak solution. It’s very much an identity and role-driven paradigm, which has shifted with our fourth generation approach. Our solution gives a centralised capability to authorities within an organisation either to CISO staff or anybody that the organisation designates to be in charge of centralised control or access to information.
Tools embedded within the app give the capability to that centralised authority to set all the policies in a centralised fashion. This eliminates the need for continuous intervention from the average Joe in the enterprise who cannot operate simpler systems. It’s important to determine who should have access to what information; get it wrong and it can cause business meltdown.
Our solutions automate the process of tagging information, which the average employee cannot be trusted with every time. We have important patents which simultaneously allow for topical and security-based classification. The expectation that everyone in the enterprise will tag information the right way every time is wrong.
We don’t depend on employees or actors within an organisation. Classic APT solutions only offer protection of around 28 percent, with no protection beyond that. We are very complementary to APT solutions, which is a big value proposition for our product.
There’s no point in trying to fight a losing battle. If a thief wants to come in, let them in, but don’t let them out, and exfiltrate information in the process.
What differentiates third and fourth generation solutions?
The basic premise of third generation software was the notion of accidental breaches, of everyone being a good guy. Until recently Gartner had said that over 90 percent of data leaks were accidental. They’re now saying that 92 percent are caused by malicious intent, and this has been a big vindication for us. Being able to protect both accidental and malicious leaks is a huge transition. We’ve needed to have certain innovations in place which is not easy, and we’ve spent a lot of time in the R&D phase.
A lot of DLP companies’ solutions have been acquired and not worked as they should. To make the transition, we’ve made three or four major innovations. To not depend on the human actor, we’ve added very important patents, including the auto-classification of content.
Our patents do topical based classification, which feed to our algorithms, which can determine the classification code, and what is the security-based classification of that content.
What training services do you offer for your software?
Our first type of training targets channel partners and their sales engineers. The other is aimed towards end users – our customers – so that the product doesn’t become an impediment as opposed to a facilitator.
It depends how deeply they want to train staff. One two week program is aimed at training IT staff – how to configure and manage the software – and the other is a one week course for employees.