Massive Information Growth and Data Breach Risk Creates a New Paradigm

Intellectual Property theft is one of the highest direct business risks to most organizations; 93% of breaches are financial and espionage related. Security ops need to investigate how individuals or executables, malicious or not, have interacted with IP information. ThinAir gives you the ability to easily query at short notice and investigate user's actions and behavior and keep your data secure.

Organizations need complete visibility and alerts when users or applications, malicious or not, exfiltrate data that you want to be treated as confidential. ThinAir admin can create alerts to notify when new sensitive data is found on an endpoint or when a user takes an action that puts data at risk across any endpoint. You know exactly when a security control is bypassed and your confidential data is accessed by a user or an application.

IR teams typically have limited information and time to quickly identify, scope and contain the information breach losses. They need to understand how data was leaked; if it was caused by a user, maliciously or mistakenly, or by a virus or hacker that breached an endpoint. With ThinAir, security investigators can search the historical events related to a data loss event and view all interactions and movements of the data across all endpoints and users.

Data governance, IR and compliance teams need to have real time and chronological history of all information access with user, device and application context details for precise insights and analytics. ThinAir monitors and records all user-data and application-data interaction events and allows admin to create reports or query in real time to find out which users have accessed specific information of interest.

Malicious hackers, in collusion with insiders or by exploiting misconfigurations/vulnerabilities, install malware on endpoints to exfiltrate sensitive information for financial or espionage purposes. Time is of the critical essence in identifying and containing such breaches, the exact malware files and the data they may have accessed or extracted. ThinAir records every application-data interaction on all the endpoints and can quickly help search and identify any new (zero-day) malware process that may have accessed your sensitive information. You can also filter for dates after the malware was identified to review and analyze what information was accessed or exfiltrated by the malware to completely scope the breach across your entire enterprise.

DSOs need to be able to regularly monitor whether employees are following data governance policies across all their users and endpoint to assure consistent compliance. ThinAir monitors and records all user-data interaction giving complete information usage across the entire enterprise. Admin can create regular or exception reports to monitor the information usage and compliance.

ThinAir can easily quantify the dollar impact for data lost due to a malicious insider action. Analysts can easily assign a dollar value to sensitive data they track and ThinAir will calculate the total dollar impact for data lost due to a malicious insider.

Analysts can easily assign a dollar value to sensitive data they track, then choose a subset of their endpoint of their choice and ThinAir will calculate the total dollar impact for potential data lost on those endpoints. This can be done for a specific set of systems to assess the potential loss impact.

ThinAir can easily and quickly pinpoint all endpoints where a specific file was ever seen. ThinAir admin can search for a file name and then filter by dates, file type, etc.

ThinAir gives you complete visibility both in real time and historically for users’ interactions with sensitive data on the endpoints. This closes a risky gap in your ability to monitor and protect data where it is at most risk of loss.

DLP systems won’t stop 100% of the leaks. ThinAir can bolster their efficacy by pinpointing how data bypassed the existing policy and controls. ThinAir admin can also search the historical events related to a data loss to identify the gap int he DLP policy.