If your company is struggling to centralize visibility and apply consistent security policies to unstructured data, Micro Focus says it has the answer.
Voltage SmartCipher is an endpoint privacy and security solution that aims to simplify and centralize unstructured data protection and management. It does this by combining features that typically exist in separate tools.
It's an ambitious undertaking, and one that other vendors have been trying to solve, said Forrester Research Analyst Sean Ryan.
"Effectively mapping where all sensitive data is stored and who in the organization should have access to it, along with the ability to revoke access rights and remove data from risky locations, is a common problem, and it's complicated," he said.
While other vendors address similar issues by combining identity and data governance to control who can have access to specific data, the Micro Focus solution appears to be more focused on discovery and consistent encryption of unstructured data with file access controls in place, he added.
Voltage SmartCipher wraps files with AES256 encryption to protect them from unauthorized access to both content and policy, while still allowing for policy updates. This feature, which Micro Focus calls Transparent File Encryption, is consistent across all operating systems and works on a large number of email and cloud-hosted collaboration platforms. This is different from platform-specific security, which doesn't allow security policies to travel with files, according to the company.
With Transparent File Encryption, an administrator can identify the many sources of internal and external unstructured data that employees are accessing and sharing. It can also monitor how the data is being used; determine what, if anything, is out of policy; and revoke inappropriate access or sharing. "As always, the devil is in the details with identifying exactly how sensitive the data is and what does/does not meet specific compliance requirements," Ryan said.
Another valuable feature is Stealth Mode, which allows administrators to simulate policy enforcement with alerts and monitoring before implementing the new policy and beginning active enforcement. If a policy violation triggers an alert, file access is not blocked. This simulates how new policies would affect file usage without interfering with normal workflow. Once administrators require actively enforced controls, SmartCipher can switch policies into full Active Mode, where files are encrypted and access policy is enforced. A violation of the policy is reported, and the user is blocked from performing activities on the file as defined by the appropriate rules, according to Micro Focus.
Voltage SmartCipher's real-time monitoring, discovery and classification features allow organizations to determine exactly how, where and when each file is accessed and changed. This type of automated discovery, which can happen with data during creation, in use or at rest, can help organizations more easily pass compliance audits.
This is especially helpful for large organizations with multiple teams accessing and collaborating with sensitive corporate data across cloud applications and data stores. "With those types of complications, it can be a very manual, difficult and time-consuming effort for a risk management team to collect and show a consistent security posture to auditors. These types of tools can automate much of that," Ryan said.