Stay Informed with Active Cypher

BY ACTIVE CYPHER | AUG 14, 2022 | TECHNOLOGY, UNDERSTANDING ACTIVE CYPHER

Active Cypher Media Management Use Case

Every year, businesses, law enforcement, and citizens struggle to manage exponentially growing media assets. Inexpensive digital CCTV systems, cell phone recordings, pictures, and home surveillance (to mention a few) are now commonplace. Protection, control and access of media is paramount for a multitude of reasons: legal, ethical, and moral.

To add to this, law enforcement agencies have adopted in-car and body-worn camera (BWC) systems ensuring high-resolution video that must be stored and managed for even minor calls.

Media assets cannot be ignored. A media management solution needs to be in place to protect, collect, store and manage media assets utilizing best practices while adhering to laws and in country privacy control regulations.

The stakes are high. Lost or mishandled media assets calls into questions credibility while jeopardizing potential legal or financial actions.

Media Management is a protection and control solution based upon Active Cypher’s Cypher Protect.1 Cypher Protect is a hybrid/on premise software solution that is built to secure files stored on a customer’s file server or cloud service. Cypher Protect encrypts the contents based on business policy enacted using security groups and user ids. Files are controlled through a local agent. Continuous encryption secures media assets from ransomware, personal misuse, accidental or incidental exposure. File controls include sharing, with time-based expiration, rendering, printing, and downloading. Files can be rendered unavailable through a management console. This solution makes it easy for personal to manage files, such as videos, audios, photos, and documents through an intuitive interface. Users with appropriate rights and privileges can generate audit trail reports, view, tag and verify integrity of the asset, as well as automatically purge or archive files based on the business retention policies, cost constraints, and much more.

Sharing media assets has never been easier. The customer’s own cloud service allows businesses to easily share digital files with others. Permissions and privileges are completely customizable by an admin, making sure these users only have access to specific features and files in the cloud storage.

• Based on Active Cypher’s Cypher Protect

• Continuous AES 256 Encryption

• Assign Users Rights & Privileges

• Storage Policies for retention and hierarchal lifecycle management of files

• Cost conscience use of short, medium, and long-term storage

• No installation on users’ devices for viewing videos

• 100% Browser-based HTML5 Playback

• Set Sharing Expiration Policies

• Audit Trails

• One-Click Upload

• File Authentication

• Advanced Sharing Features

• Share Video Files

• Multi-User

• Chain of Custody

• Customized Classifications

• Bookmarks

• Notations

• Geo-location Mapping

• Ransomware protection

Active Cypher Media Management:

Law enforcement example: https://www.activecypher.com/dems/

BY ACTIVE CYPHER | AUG 12, 2022 | TECHNOLOGY, UNDERSTANDING ACTIVE CYPHER

How a National Managed Security Service Provider Removed Human Error From Customer Communications and Protected Their Business From Data Loss

Restoring the Rights of Privacy and Security to the Digital World While Decreasing Complexity

Managed Security Service Providers (MSSP) are extensions of their customers’ I.T. departments. They are trusted to manage the safety and integrity of an organization’s most sensitive information, such as strategic plans, financial reports, sales plans, customer information, and more.

The trusted nature of MSSP’s work makes them targets of cybercrime because they hold the keys to many customers’ digital assets. As a result, they must continue to stay at the forefront of protection to maintain the integrity of their business.

MSSPs struggle with the same business problems as any other:

• Competition trying to gain intelligence

• Random and targeted cybercrime

• Human errors

• Disgruntled employees

The difference for MSSPs is that if they are compromised, so are their customers, which could be hundreds of businesses.

• Cyberattacks against Managed Service Providers, including MSSPs, jump 67% in 2022

• 90% of MSSPs have been hit by a successful cyberattack since the COVID pandemic began

• MSSP monitoring and security management tools are the primary target of cybercriminals

• By 2025, 60% of all organizations will use cybersecurity risk as primary factor in conducting third-party transactions

Highlights

Challenges

• Securely sharing confidential information with external customers

• Employees taking intellectual property and leaving the company

• MSSPs are targeted because of their customers’ information and access

• Crisis of trust with third-party providers

Solutions

• Protect data at the asset level

• Secure information dynamically

• Safely share information

• Able to revoke access remotely

• Ensure security entirely within customer environment

Results

• Reduced human error

• No trusted third party relationship

• Reduced administrative burden.

Challenges

The Chief Information Security Officer was concerned that his MSSP Security Operations Center (SOC) was introducing too much risk to their customers when they emailed monthly reports about security operations, architecture vulnerabilities, and incidents.

Their standard practice was that SOC Security Analysts emailed monthly reports to customers with sensitive information about their environments. They were concerned that email was not secure enough for this information. Security Analysts had also accidentally sent reports to the wrong customer on occasion.

The MSSP had employees quit the company after they downloaded strategic plans for product infrastructure, business roadmaps, existing architectures, and customer information to their personal machines. Unfortunately, the MSSP had no way to stop this illegal and inappropriate breach.

Most Data Protection solutions require trusted third-party custodianship of data, encryption keys, or both. Unfortunately, the MSSP has lost confidence in trusted third-party environments and needs complete control over its security environment.

Results

Active Cypher’s Cypher Cloud solution was implemented at the MSSP to secure external data sharing with customers and for internal data protection. Cypher Cloud is completely contained within its environment, and all files are dynamically encrypted based on business policy. Access is controlled by their Azure Active Directory and administered with traditional Microsoft tools.

Monthly security reports are now shared with customers in secure SharePoint enclaves, and using Auth0 to validate access in their local IAM system. As a result, human error has been eliminated in sharing information with the customers.

BY ACTIVE CYPHER | AUG 11, 2022 | UNDERSTANDING ACTIVE CYPHER

Local Hospital Uses Active Cypher to Secure Data in Cloud Collaboration Tools

Healthcare Case Study

The medical industry handles a wealth of highly sensitive patient information. A data-centric security strategy improves their ability to share information in cloud collaboration platforms while protecting against data breaches and adhering to regulatory compliance.

Protect Data Anywhere

• Ransomware Protection Flexible data security for remote and mobile workforce

• Protect files being accessed and shared on mobile and personal devices

• Secure data sharing in the cloud using Active Cypher

• Regulatory Compliance

Introduction

A local hospital that recently experienced a ransomware incident turned to Active Cypher to protect information for their patient data. The information security team required a data protection solution that scaled across a complex ecosystem of internal departments and external stakeholders. The hospital’s data is highly sensitive, containing personally identifiable information (PII) and protected health information (PHI), which is actively targeted by hackers and subject to strict regulations. The Hospital uses cloud collaboration tools to share information and needed a solution that ensured the highest grade of security and encryption to prevent ransomware attacks, data breaches, and adhere to regulatory compliance. Active Cypher was chosen because it gave the Hospital the ability to secure any type of file across multiple environments while integrating easily with existing security technologies. The information security team could secure critical hospital and patient data through Active Cypher, without slowing down information sharing and collaboration workflows.

Supporting Diverse Technology Investments

Medical organizations are increasing their use of storage, collaboration, and communication tools to meet evolving hospital demands. The challenge lies in protecting all data, without making security systems too complex to be managed effectively. Active Cypher works across multiple platforms, integrating with existing security solutions to help businesses maximize their investments.

Active Cypher delivers superior data security

1. AES 256-bit encryption to protect PII and PHI.

2. Integrations with modern cloud collaboration applications such as Box, OneDrive, and SharePoint.

3. Safely shares data and enables the hospital to remotely revoke access anywhere, anytime.

Bottom Line: Secure Cloud Collaboration

The hospital was using OneDrive to share information with external stakeholders and deployed Active Cypher to secure the files and data contained within the collaboration solution. This enabled the hospital to automatically secure any file with strong encryption and set policies to control access to those files. This expanded to other applications such as SharePoint and Google Drive offering the business multiple options for secure collaboration and content management. Active Cypher works easily with the Hospital’s existing security stack without interference.

Using Active Cypher, the hospital achieved major improvements in its processes, protecting consumer PII and PHI, and ransomware attacks as it moved between internal and external teams.

This data is subject to a range of regulatory compliance from state, national and international mandates, and Active Cypher’s continuous encryption and auditing capability support the hospital’s compliance efforts. With Active Cypher, the hospital embraces the convenience and cost efficiencies of popular cloud collaboration platforms without exposing the institution to the risks associated with sharing data beyond the organization’s perimeter. This in turn helps with employee productivity and speeding (quickening) the sharing of data across the institution.