Prime Factors Blog

Endpoint Protection – Reactive vs Proactive?

Posted by Pete Flagella on Oct 30, 2018 11:00:00 AM

Find me on:


The Second Line of Defense

There are so many existing solutions offering ‘data security’ protection today. It can be very difficult, let alone challenging, to wade through an understanding of what they actually do and how any one or several can help you achieve a ‘real sense of security’ for the data in your business. One of the first aspects of defining your data security strategy is when and where to be ‘Proactive’ versus ‘Reactive’

Data Perimeter Security solutions like SIEM, IAM, UEBM and others provide some level of access control to business networks, applications and data. They are focused on the ‘first line of defense’ – users and devices to provide a ‘Proactive’ solution. They are fundamentally critical in achieving a total data security profile in any business environment, especially in situations where users and devices number in the hundreds to thousands. This ‘Proactive’ approach attempts to mitigate unauthorized access to businesses, mission critical networks, applications and databases by cyber attacks. 

So what happens when a breach occurs through these ‘Proactive’ and ‘first line of defense’ systems?

Under various terms with some overlapping functionality and features, Endpoint Protection provides virus protection, whitelisting of approved sources, and reporting of the malicious access with alerts followed by quarantine. Solutions like Symantec, McAfee, Kaspersky and many others (over 40+) provide various levels of protection if setup properly as a ‘second line of defense’ once access is compromised. They are ‘Reactive’ solutions that should compliment the ‘Proactive’ solutions protecting the data perimeter. Unfortunately, they are typically not integrated with the ‘first line of defense’. Rather, they are a ‘second line of defense’ focused on malicious access, code and the sources they originated from.

Being both ‘Proactive’ at the ‘first line of defense’ and ‘Reactive’ at the ‘second line of defense’ can certainly help mitigate data theft and loss, particularly with disparate IT infrastructure systems. However, what about the ‘last line of defense’, the applications, and data at the heart of your business?

Is it possible to be ‘Proactive’ at the ‘last line of defense’ after the first and second lines are breached?

Encryption utilizing cryptology techniques like Key Management and Tokenization at the application and data level ensure just that. If a breach occurs, the attack vector has been minimized and mitigated; rendering any data compromised useless to the attackers.

With Tokenization and Key Management, parties agree to secure data access as well as exchange parameters between trusted partners, entities and systems (like POS systems). Without allowing all the data to be ‘open in the wild’, this allows selective exposure to limited data segments. 

Being ‘Reactive’ takes on a different context, meaning, and purpose with this type of data security initiative. It means that being ‘Reactive’ to the onslaught of cyberattacks, data breaches and theft by implementing encrypted data solutions is a ‘Proactive’ response.

This solution is available today with EncryptRIGHT from Prime Factors.

Whether you’re in a position of being ‘Reactive’ or ‘Proactive’, or somewhere in between trying to sort it out, taking the initiative to protect the ‘last line of defense’ with encryption is vital. In fact, it can be the single most important, immediate and critical data security initiative any business owner and technology professional should consider.

EncryptRIGHT’s multi-platform, multi-database architecture enables data security and protection across all major industry sectors and businesses; regardless of size or technology infrastructure.  

With a common web based user interface, EncryptRIGHT makes the process of installation, training, configuration, deployment and management easy for both programmers and non-programmers alike. This process reduces complexity, costs and time from months or years to days or weeks.

EncryptRIGHT’s unique Data Protection Policy (DPP) Dashboard makes deployment and management of Tokenization, Key Management, PGP and PCI Compliance simple and fast. It allows flexible configuration and implementation using either the Data Protection Policy Dashboard—our extensive API library—or both. 

With cross-platform deployment in a single common user interface, EncryptRIGHT is a cost effective, mission critical data security solution for any business needing to protect their data whether at rest or in motion. EncryptRIGHT’s architecture allows integration with current and future Data Security Initiatives. How would you like your data security a reality today and ready for the future?

Contact Prime Factors today and let us show you how EncryptRIGHT can make a difference in your data security profile!

Topics: encryption, data breach, EncryptRIGHT, siem, iam, uebm