Keeping your data and IT infrastructure safe and secure is more challenging than ever in today’s “zero-trust” world. But what does “zero-trust” mean?
The reality when it comes to security today is that nothing is 100-percent protected. “Zero-trust” is the assumption that bad actors ARE planning to get your data and use it to their advantage. That means protecting your information and systems AND being ready to act fast if – and when – anyone does break through your defenses.
As much as security’s “good guys” work to continually improve, so do security’s “bad guys”. Today’s threat actors are constantly innovating and finding new ways to break through barriers. Faced with these increasing threats, organizations need to adopt a two-pronged security approach to safeguard their data.
First, organizations need to work as proactively as possible to protect information from threats. Proactive security, such as continuous monitoring to watch for unusual activities and threats in real time, is vital. At OpenText™, we have customers using our solutions to manage millions of documents. Based on historical monitoring, these systems know that a particular employee might have downloaded approximately 10 documents in a week. But one Friday night, these systems detect something strange: that user has logged on at 11:00pm and is now downloading 10,000 documents.
OpenText’s Security suite can immediately recognize the anomaly and, based on specified preferences, sends an automated alert to the company’s security team. The team can then quickly investigate to see whether the employee’s actions are related to a legitimate work project or to something more suspicious. If it’s suspicious, security can lock down systems to prevent further data losses.
That’s where the second part of a strong security approach – rapid response – comes into play. Organizations need to have systems that are ready to spring into action when a breach does occur, quickly identifying the threat, quarantining it and preventing data losses and further damage. Automation and artificial intelligence are a big help here. Our machine learning and predictive analytics platform, OpenText™ Magellan™, can send instant notifications to security teams, and automatically block IP addresses or re-route services when a threat is detected. This helps keep services up and running while protecting a customer’s data and infrastructure.
Additionally, having content-related solutions with strong reporting capabilities – such as OpenText™ Content Suite, OpenText™ eDocs, OpenText™ Documentum ™ and more – lets users run real-time reports, spot anomalous behaviors, and identify potential signs of hacking – such as someone trying to log into a system multiple times with the wrong passwords. Such defenses ensure our customers have important security information quickly to hand so they can prevent attacks.
And once an attack is contained and the worst is over, such information helps customers analyze and understand what went wrong. This lets them take steps to prevent similar incidents in the future.
In other words, a strong security strategy is an endless loop: watch for threats, respond, lock down, analyze, understand, improve… then watch, respond, lock down, analyze, understand and improve some more. Through this approach, security becomes incrementally better and more responsive over time.
With more than 100,000 unique customers with over 2 billion data assets managed by OpenText software, our approach to security has to be as proactive, smart, fast and responsive as possible. And we’re continually innovating to make sure it stays that way.
I hope you can join me at our upcoming Enfuse security conference in Las Vegas on November 11–14. Enfuse is an event where top law enforcement professionals and security experts come together from around the world to learn and earn valuable certifications in e-discovery, digital forensics, data and information security and other critical skills.
We learn from attendees too, getting feedback that helps us fine-tune our technologies and services to meet their latest information management and security needs. It’s a great place to learn first-hand how we’re working to ensure the strongest security possible in a complex, zero-trust world.