How Actifile's Data Security Platform Secures your Data
Autonomous Data Monitoring and Encryption shapes how organizations successfully defend their most valuable assets from both external and internal threats.
Here’s how it works
1. Deploy Actifile Sentry across your endpoints and cloud
In the cloud-based, hybrid working environment of today, conventional data security methods that depend on network access for visibility and control are ineffective. Actifile's platform offers a novel solution for the current way of working; tracking and securing data in a perimeter-less environment.
Actifile Sentry discovers sensitive data at rest across your endpoints, file servers, NAS, and Cloud repositories, tracks the flow of sensitive data in and out of the organization, quantifies the data risk in real-time, and secures data from external and internal threats.
Three deployment modes give organizations comprehensive visibility and control over data
The platform has two components:
The first one is a cloud-based, multi-tenant data risk management application.
The second one is a lightweight agent
designed from the bottom up to utilize standard OS APIs and to perform all data processing at the endpoint, so that no sensitive data is uploaded to the cloud. The agent is optimized for data monitoring, so it doesn’t slow down or crash devices.
There are 3 Agent versions:
Actifile connects to your sanctioned applications like Office 365 and Google Workspace to gain visibility into content created and shared natively in the cloud.
For workstations and laptops: Windows, MacOS and LinuxVM.
For server OS: Windows and Linux
For cloud-managed file repositories like Office365 (Google Workspace, Amazon S3 and others are coming soon), through standard Cloud API connectors. The agent is installed remotely on any cloud or on-premise.
1
2
3
The Actifile approach is unmatched in assessing data risk, proactively defending sensitive data with automatic encryption, and giving you the peace of mind that other legacy solutions can't provide.
2. Monitor data at rest and in motion
Employees working remotely, with and without VPN, use cloud apps and shadow IT applications, like Monday.com and Slack. Files flows to and from these applications, exposing sensitive private data and increasing the organization's liability.
.jpg)
Once deployed, Actifile Sentry immediately starts scanning for sensitive data at rest, according to pre-templatized or customized patterns. Additionally, the Sentry tracks the flow of data throughout as well as in and out of the organization, without the need to integrate to any application. The Sentry then calculates data risk in real-time, assigning each type of sensitive data (PII, CUI, PPI, Intellectual Property, others) risk in monetary value (USD).
Data risk per type (.i.e. credit cards, social security numbers) across all file types and locations.
Data risk per device
Data risk changes over time
Number of files and records, and the total associated data risk exfiltrated to Slack, Skype, and WhatsApp Web.
Number of files and records downloaded from the likes of Salesforce, OneDrive, or Cerner Healthcare.
Here are some examples of the data risk values Actifile monitors in real-time:
3. Data Risk Remediation leveraging Automatic Encryption
.jpg)
We can greatly simplify data security by switching from "chatty" DLP methods, that require handling of each and every event, to preemptively encrypting each sensitive file in advance.
Instead of blocking each option to exfiltrate sensitive files through any type of application, applying automatic encryption secures the file, and in the event of the file being stolen or leaked - it will not open without Actifile Sentry and the organization's decryption key.
However, sensitive files are peppered throughout the organization, with multiple file types and file locations, and new ones are always being created.
The approach has to be top-down and efficient, and this is where data risk monitoring and quantification helps greatly.
Tracking sensitive data files as they are created, downloaded or copied, then tagging them and adding them to the quantified risk classification in real time, allows for those files not only to show up-to-date data risk, but also enables them to be encrypted via 1-click action at the data risk level.
It is in this fashion, that all the files that are included in this data risk classification are automatically and efficiently encrypted.
Actifile Encryption Wizard
The Encryption Wizard provides a guided procedure, to quickly and efficiently secure the the risk types you would like to automatically encrypt. For example, if Actifile identified USD 2.6M for Credit Card PII across 26 file instances , 12 file types and 7 locations, the wizard will guide you how to encrypt them all with one click of a button.
Automatic Encryption Phased Approach
Actifile Encryption Wizard walks you through the encryption process, highlighting how many files will be encrypted, how much data risk will be remediated, and what applications will be enabled to decrypt the files. Defaults are provided for most file types like Office or PDFs, and can be customized to include more.
4. Users transparently decrypt files with no changes to the way they work.
By leveraging the OS AES 256 standard encryption libraries, all existing and future files with the sensitive data tag are automatically encrypted. The files are decrypted from wherever they reside: on the endpoint, or a file server, or on a cloud application, There is no need to enter any username or password, and the encryption is instant, with no latency
.jpg)
Your data is audited at all times, and data risk is updated to reflect changes in how much sensitive data the organization has in real-time.
Incident Review with Actifile is simple/seamless within your SIEM/SOAR or any other 3rd party tool.
