A new managed service to support data loss prevention (DLP) is now being piloted by a Waltham, Mass.-based security vendor Verdasys, which plans to extend the offering to the channel later this year.
Verdasys is specifically targeting the enterprise and midmarket with a cloud-based managed service intended to protect sensitive data while at the same time supporting secure collaboration and compliance requirements.
The offering is currently being marketed as the "Verdasys Managed Service for Information Protection (MSIP)," and it's currently being piloted by a handful of customers, according to marketing vice president Bill Munroe.
"Our customers don't want to have to be security experts anymore," he said. "They don't want to spend the money necessary to keep up with the ever-changing threat landscape. It just becomes too expensive. They don't want to have to purchase 17 different security products from eight different vendors and then try to figure out how to make it all work together. Not only is it expensive to purchase, it's expensive to maintain and can take five or six months to bring online. Then, they end up working with a business partner who does not take IT security very seriously, and everything that they have invested serves no purpose because of vulnerabilities elsewhere."
The service is deployed, configured and administered by Verdasys personnel through the company's secure cloud, which is hosted by Rackspace, as well as a number of other providers across the globe. Promised benefits include enhanced IP and trade secret protection, insider threat management, advanced data risk analysis and policy enforcement, PII/PCI and PHI compliance, advanced cyber defense and management of export control restrictions. Supported platforms include Linux, Mac OS and Windows.
"It's a giant risk assessment for the first five or six days while we are collecting all the data," said Munroe. "Agents that are installed on laptops, desktops, servers and sometimes even networking gear send metadata about what is happening back into the cloud. Because it is metadata that is being sent into the cloud, we can alleviate some of the cloud security concerns. We start with the risk view and show them where the risks are, and then we help them to build control models as to which types of employees should have access to what types of data, the training that each of these classifications will require anywhere specific types of data can be moved. Over time we monitor the results and assess what adjustments might need to be made."
Metadata is encrypted, hashed and digitally signed before being transferred to Verdasys' hosting facilities via FIPS 140-2 certified messaging protocol.
NEXT: Channel Differentiation