VeraData data loss prevention.

Insider threats are something that enterprises face daily. Whether it’s a disgruntled employee or one who’s been fired recently; a large percentage of data leakage has been attributed to insider thefts. Usually there’s not much that anyone could have done about it. Most of the data leakage occurs through USB or some other storage medium or sometimes, email. This is where data loss prevention programs come into play. Data loss prevention is the field of preventing secure data from leaving a site. It utilizes various technologies such as network monitoring, end point policing and others to ensure that the data that does leave is not ones that are marked as confidential or important to the business. However most of the current data loss prevention solutions that exist does not take into account slight modifications that occur on the target files. Another thing that is common in the security industry is to use software to implement data loss prevention. Although software based data loss prevention has its merits, software that’s not on a dedicated system run the risk of being influenced by malware or other malicious causes. All these reasons contributed to the research of a new data loss prevention system at Icarus Labs.

VeraData is the latest offering from IcarusLabs. It allows you to control your data and its movements. It uses single board computers such as the Raspberry Pi as it’s operating hardware. Before it begins, a list of confidential data is selected by a trusted employee using the VeraData control panel. VeraData then creates fuzzy hashes of all the files listed as confidential. These hashes are then stored at all the endpoints at which the VD devices are deployed. When a USB storage device is brought for scanning, VeraData software scans the entire contents of the device and then creates fuzzy hashes for each of them. The hashes are then compared against listed confidential files. If the similarity percentage is above a certain threshold, an alert is triggered. The main reason that we chose to use fuzzy hashes over normal hashes is that this allows VeraData to not only recognize documents in their original form but also ones that have been edited slightly. The amount of change to be detected can be set at the control panel.

By using embedded platforms as well as fuzzy hashing, VeraData improves on existing data loss prevention software by a large amount. Another important feature is it’s cost effectiveness. The entire package can be setup and initialized at a fraction of the cost of current implementations.

For more details contact: [email protected]

Leave a Reply

Your email address will not be published. Required fields are marked *