The rapid, near-maniacal business adoption of cloud computing services has created a significant gap in network security and dramatically increased the risk of accidental or malicious exposure of critical business information, commonly referred to as ‘leaks’.
Common Cloud Computing Risks
The most widely deployed cloud computing services for businesses consist of:
- Communication services – Office 365, Google Apps, GoToMeeting, etc.
- Collaboration services – Slack, Evernote, GitHub, etc.
- Storage services – Google Drive, Apple iCloud, Dropbox, etc.
- Data backup services – Carbonite, Backblaze, etc.
Data Leak Risks
All of these services, by their nature, have a higher risk of confidential information leaking and being exposed to the public than the traditional workstation-server based business infrastructure.
Data is at the most risk:
- Where data is encrypted not on the client or sending side, but on the distributed infrastructure (incorrectly, but commonly, referred to as ‘cloud’).
- Where data access controls lack sophistication and granular permission management.
- Where there is little to no auditing of data access, changes, or permissions.
- Where confidential business information is shared with anyone outside of the business organization, especially in combination with other risks.
Understanding Business Concerns
Of chief concern to businesses is data that may be exposed to the public.
This type of exposure occurs most commonly under one of four circumstances:
- Unencrypted data leaving the company network via the internet.
- Data being shared with individuals outside of the organization.
- Confidential information on cloud storage or collaboration services accidentally shared with the public.
- Employees or individuals outside of the corporate network copying sensitive data to unmanaged systems or unsecured media.
As mentioned, the rapid adoption of cloud services by businesses and employees, for both personal and professional use, combined with BYOD, has blurred many lines in security and data ownership previously considered sacrosanct.
Compounding the issue, businesses, employees, and outside contractors will most likely use several different cloud services from any given system.
Even with sophisticated monitoring and management systems, it was nearly impossible to identify and monitor all corporate information across all platforms on any system.
There are several methods that have been implemented by businesses in the past to mitigate data loss and theft.
Policies & Procedures
Implementing policies and procedures is only effective in two areas:
- Properly informing the individual being granted access of their rights and responsibilities regarding sensitive data access.
- Establishing in court that #1 occurred, after a data breach has already happened and a responsible party has been identified.
User monitoring solutions monitor a user’s behavior on a business network for every action, which can range from time spent on non-business related applications or web surfing during hours of operation to copying corporate data from a secure network share.
While certain solutions exist to monitor systems not connected to a domain, none has fully expanded into identifying sensitive corporate data potentially at risk across multiple disconnected cloud platforms.
Unfortunately, these more ‘traditional’ methods of controlling and auditing data exposure are not proactive enough to address modern cyber security concerns.
SecuriGo is a Software as a Service (SaaS), agent-based, cloud solution that monitors personal and company cloud computing installations across multiple platforms for potential data leakage and risk.
We had the opportunity for a brief Q&A with the Founder and CEO of SecuriGo, Moty Yacov, who was gracious enough to answer several questions we had about SecuriGo’s business, service, positioning, and prospects.
Q&A With SecuriGo Founder & CEO – Moty Yacov
Please, briefly, tell us about SecuriGo as a company.
What are the company’s defined purpose and goals?
“SecuriGo’s objective is to allow every corporation the ability to monitor the sensitive information that freely flows into the Cloud by providing complete visibility of their SaaS usage.
With an ever expanding list of enterprise cloud applications, corporations are experiencing dangerous potential leakage of sensitive data. We provide a 360-degree view of our customer’s cloud usage and assets.
Using a multidimensional analysis engine combined with an internal database, SecuriGo provides a unique solution to:
- Identify confidential data that is passing into the public domain.
- Analyze in an auto-learning series what are safe practices.
- Provide a comprehensive overview and drill down for managers.”
How does SecuriGo envision itself positioned in the cyber security market for consumer / end users?
For small to enterprise businesses?
“Any enterprise organization with basic security awareness is a potential customer.”
How does SecuriGo bridge the gap between traditional network security practices and current cloud security implementations?
“The traditional security practice is to block the access of users to many cloud applications.
This patchy solution is not working due to the rapid growth of the number of cloud applications and the fact that corporate employees love cloud services since: you don’t need to buy any hardware, train anyone, build anything, secure anything.
It’s just instant on-demand application consumption since cloud and SaaS applications are here to stay, and you can’t stop it.
If you monitor using current DLP/Network sniffing solutions — the amount of the data is enormous and you need to pinpoint only the leaks relevant to the corporate data that are publicly available.
This is where SecuriGo fits into the picture. Our SecuriGo toolkit does an analysis of your cloud information exposure.
Then it seamlessly manages information so it does not get into the wrong hands.”
Can you tell us a little more about the Active Directory integration — specifically, how that streamlines security management practices while improving security monitoring services?
“We have more than six ways to deploy the solution in corporate environments — each one fits a different environment. Major implementation uses Netlogon or group policy. In the pro version we provide a PDF with step-by-step instructions.”
We noticed that there are mobile app downloads available on the site, but they were not available for download.
Is this an enterprise feature, or a feature still in the works?
“We have an Android version in beta stage. It is stable, but we have yet to reach enough testers to release it to the public.”
How does SecuriGo classify and detect a leak?
“For us, detecting leaks is detecting all accidental shares.
We catch the link during the sharing activity.
In order for a link to be a leak it must pass the following criteria:
- Anyone who got the link can access it (publicly accessible)
- Contain company keywords (we collect them automatically)
- Classified as corporate by our engine (we use NLP + structure)
- User/Device/link is not marked as safe in ML system – We automatically learn admin behavior.”
A few of our Gmail and Google Apps email addresses were reported as breached.
We routinely run safety and security checks provided by Google, and it did not show anything out of the ordinary.
How is SecuriGo able to detect these breaches, and what is the possibility of false positives?
“We built an email aggregator that runs in dozens of hackers’ forums.
All of the emails we have that have been posted by hackers we consider hacked.
We take only the email and add it to our database; currently we have roughly 200 million email accounts to vet against.
In some cases, the hacker asks for bitcoins to reveal the passwords or the user since the user is using a different password between websites so the hacker can’t gain access to his Gmail or Google Apps, but only to breached/hacked service.
If your email is listed — I recommend changing the password.”
Where does SecuriGo see itself positioned for US and International regulation compliance – specifically HIPAA and SoX?
“We can be a part of corporate data discovery for most compliance needs such as: PCI, HIPAA & SOX.
Assume you are a hospital CISO and one of the doctors shared analysis with his colleagues about a patient, and one of the doctors accidentally shared or backed it up to his Dropbox/Google Drive/Box/etc.
We will give you the ability to track this document, and then we will alert you when this sensitive file has been exposed on the Internet.”
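The four leak criteria listed in the Q&A above, applied to constructed share events. This is an added example, not SecuriGo's code: the field names, keyword list, safe list and the density threshold standing in for the vendor's "NLP + structure" engine are all assumptions.

```python
import re
from collections import namedtuple

# Assumed inputs; the Q&A says the product collects and learns these itself.
COMPANY_KEYWORDS = {"acme", "project falcon", "payroll"}
SAFE_LIST = {"users": {"admin@acme.example"}, "devices": set(), "links": set()}
CORPORATE_DENSITY = 0.02  # stand-in threshold for the "NLP + structure" engine

# public is True when anyone holding the link can open it
ShareEvent = namedtuple("ShareEvent", "user device link public text")

def keyword_hits(text):
    """Company keywords found in the text, matched on word boundaries."""
    lowered = text.lower()
    return {k for k in COMPANY_KEYWORDS
            if re.search(r"\b" + re.escape(k) + r"\b", lowered)}

def looks_corporate(text):
    """Crude stand-in classifier: keyword density or a confidentiality marker."""
    words = re.findall(r"\w+", text.lower())
    density = len(keyword_hits(text)) / max(len(words), 1)
    return density >= CORPORATE_DENSITY or "confidential" in words

def marked_safe(ev):
    return (ev.user in SAFE_LIST["users"] or ev.device in SAFE_LIST["devices"]
            or ev.link in SAFE_LIST["links"])

def classify(ev):
    """Return (is_leak, failed_criteria); a leak must pass all four criteria."""
    checks = {
        "publicly accessible": ev.public,
        "contains company keywords": bool(keyword_hits(ev.text)),
        "classified as corporate": looks_corporate(ev.text),
        "not marked safe": not marked_safe(ev),
    }
    failed = [name for name, ok in checks.items() if not ok]
    return (not failed, failed)

# Constructed sample events (no real users, devices or links)
EVENTS = [
    ShareEvent("bob@acme.example", "LT-07", "https://drive.example/a1", True,
               "Confidential: Acme payroll export for Q3"),
    ShareEvent("bob@acme.example", "LT-07", "https://drive.example/b2", False,
               "Confidential: Acme payroll export for Q3"),
    ShareEvent("admin@acme.example", "SRV-01", "https://drive.example/c3", True,
               "Acme press release, Project Falcon launch"),
    ShareEvent("eve@acme.example", "LT-09", "https://drive.example/d4", True,
               "Holiday photos from the lake"),
]
```

Returning the failed criteria alongside the verdict shows an administrator why a share was not flagged, which is the information needed when deciding whether to adjust the keyword list or the safe list.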
Podcast With Kyle Blank
We also had a chance to sit down and speak further with Kyle Blank, the SecuriGo marketing representative.
Working with SecuriGo has been a very smooth process.
To get started:
Create A Profile.
1. Click on the Sign Up button.
2. Enter a Company Email Address.
3. Enter and Re-Type a Password.
4. Click the Captcha checkbox next to I am not a robot.
5. Click Sign Up.
Purchase Agent License
Before you download the agent and get started with SecuriGo, you will need to buy a plan.
1. Click on your User Profile in the top, right-hand corner.
2. Click Payment.
Before you download and install the agent, we recommend you configure SecuriGo, specifically the security features.
1. Click on your User Account.
2. Click Settings.
3. Click on Update Personal Info to update your profile settings, change your password, or delete your account.
4. Click on Google Authenticator.
5. Use the Google Authenticator app on your smart device to scan the QR code.
6. Enter the 6-digit code and click Verify Code.
Additionally, you can click Network Settings to lock down access to SecuriGo from particular networks.
SecuriGo takes security one step further by allowing you to lock the management screen.
1. Click on your User Account.
2. Click Lock Screen.
Download & Install Agent
The agent installation is fast and straightforward.
1. Click Download Agent.
2. Execute the downloaded file.
3. Enter your Company ID, found on the homepage of your Dashboard in the upper right-hand corner.
4. Click Proceed.
No reboot was necessary to complete the install, and the new agent showed up in the Dashboard in less than 5 minutes.
Once installed, the SecuriGo agent will scan the computer for all supported cloud applications and report on any data leakages, potentially compromised email accounts, the level of risk per cloud solution, etc.
Some of the things that impressed us while running through the SecuriGo demo were:
- How easy it was to install, configure, and use.
- SecuriGo’s support was fast to respond to our requests and their solution worked the first time. No lengthy back and forth.
- The software was extremely quick to detect all of the cloud services installed on the demo system, including a cloud backup solution I forgot was installed.
- The notification system for potentially leaked or compromised accounts or documents, as well as the actionable recommendations.
- The ability to customize the software to match individual business needs per cloud solution.
There are a few things that need improvement as well:
- The price is pretty stiff but on par with comparable, less granular solutions. As SecuriGo advances and grows, I would like to see a monthly pricing model with reseller pricing added.
- Per Mr. Yacov, SecuriGo is currently in development on mobile platforms, leaving a significant gap in its protection.
Review opportunity via BlogsRelease.