Cyral Strengthens Risk-Based Data Security Governance to Stop Large Data Breaches
Platform update aids in discovery and setting exfiltration caps on sensitive data.
Note: TDWI’s editors carefully choose vendor-issued press releases about new or upgraded products and services. We have edited and/or condensed this release to highlight key features but make no claims as to the accuracy of the vendor's statements.
Cyral, a cloud-native data security specialist, is putting an end to massive data leaks with an update to its platform. In addition to user interface updates, the platform enables customers to run risk-based data governance, an approach to database security that caps exfiltration through volume limits for the most sensitive data set at the discretion of the company’s head of security.
Hacks and breaches have become the norm in a cloud-based world. Many cybersecurity offerings focus on the attack vector, trying to keep bad actors out. Cyral takes a different approach, securing the data at the source. With Cyral’s discovery solution, business leaders can see who has access to what data, where the data is located, and the pathways taken to access it. Beyond traditional data discovery, the company offers what it has termed account discovery, which allows customers to know not only what and where sensitive data exists but also who and what has access to that data to enforce least privilege access. Features such as multifactor authentication (MFA) and user-specific access help keep bad actors out of cloud-based databases, but in the case of a breach past those initial protections, sensitive data remains secure because the database will only permit limited access.
“It is unacceptable that hackers can exfiltrate tens of millions of records,” said Manav Mital, CEO and co-founder of Cyral. “Not all data is equal, and there is no use case for a company to process millions of Social Security or credit card numbers in a matter of minutes. Sensitive data should have an exfiltration cap, and with this product, it does.”
At the core of Cyral’s approach to data security governance are discovery, least privilege, and auditing controls for an organization’s most sensitive data sets. It approaches least privilege with multiple authentication and authorization controls such as MFA, field-level policies, just-in-time approvals, and seamless integration with an organization’s existing Identity and Access Management (IAM) solutions. Discovery and auditing are designed to be database-centric so information security professionals can easily see what data lives where, who can access it, and how it is being used. This approach significantly reduces the number of data breaches and the blast radius of a successful attack.
Version 3.0 of Cyral’s platform is available now. To learn more or request a demo, visit www.cyral.com.