Cyral puts an end to massive data leaks with the release of a new version of its platform. In addition to user interface (UI) updates, the platform enables customers to execute risk-based data governance, an approach to database security that limits exfiltration by volume limits for the most sensitive data, set at the discretion of the corporate security officer.
Hacks and breaches have become the norm in a cloud-based world. Many cybersecurity offerings focus on the attack vector, trying to keep bad actors out, but Cyral takes a different approach, securing data at the source. With Cyral’s discovery solution, business leaders can see who has access to what data, where the data resides, and the paths taken to access it.
Beyond traditional data discovery, the company offers what it has called account discovery, which lets customers know not only what sensitive data is and where it exists, but also who and what has access to it. this data to enforce least privilege access. Features like multi-factor authentication and user-specific access help keep bad actors away from cloud-based databases, but if breached beyond these initial protections, sensitive data remains secure. because the database will only allow limited access.
“It is unacceptable that hackers can exfiltrate tens of millions of records,” said Manav Mittal, CEO and co-founder of Cyral. “Not all data is equal, and there is no use case for a business to process millions of social security numbers or credit card numbers in minutes. Sensitive data should have a cap. of exfiltration, and with this product, it does.”
At the heart of Cyral’s approach to data security governance are discovery, least privilege, and audit controls for an organization’s most sensitive data sets. It comes close to least privilege with multiple authentication and authorization controls such as multi-factor authentication (MFA), field-level policies, just-in-time approvals, and seamless integration with existing data management solutions. identity and access (IAM) of an organization.
Discovery and auditing are designed to be database-centric so that information security professionals can easily see where the data is located, who can access it, and how it is being used. This approach significantly reduces the number of data breaches and the blast radius of a successful attack.
“Human Interest is growing rapidly and processing a lot of sensitive data. We needed a solution to protect customer data, and that solution needed to be secure, scalable, and easy to manage,” said Jeff Schneble, CEO of Human Interest. “The solution also had to provide great auditing capabilities, so we could see what people were doing, and create actionable alerts on that audit. We found all this in Cyral and dare to seek to extend its use.
Version 3.0 of Cyral’s platform is available now.