The end of data breach? Introducing People Centric Security

The end of data breach? Introducing People Centric Security



Trent: Welcome back, thank-you for joining us today I’m joined by a very special guest David Sia, CEO of Techware. Thanks for joining us Dave. 

David: Thanks Trent, glad to be here.

Trent: The reason I’ve called you in is because I want to talk a little bit about data breach in particular human error. Now it’s still around and still a hot topic and I’m just wondering why it’s still so prevalent.

David: I think part of the reason is because technology hasn’t really caught up with human error there isn’t a solution for when your data is leaked to protect the business around that, so traditionally when you look at a situation where data has left the company it could be an email that’s forwarded to someone or could be on someone’s cloud somewhere. The response from the IT department and the business has always been once the data is on the internet I cant do anything about it.

Trent: Yeah it’s like a shrug of the shoulders, it’s too late. So what’s happened now is that there’s a change that can be taken back? The control can be given back to the business? 

David: Yeah well that’s what we’re here to talk about we’re here to talk about how we actually nip that in the bud. To talk about how we solve the problem, let’s look at two scenarios. You’ve got a user that his unwittingly put files out on the internet and that could be your typical email forwarded to someone and forwarded to someone and it just spreads. Or it could be that person not realising that they’ve actually put data into the cloud, where they sync their iPhone to their computer and suddenly its on their cloud storage and Dropbox and all these share within Dropbox and things. So you’re starting to lose control of where the file is. So that’s been the challenge for the staff who unwittingly store their files across the internet.

Trent: So that’s the challenge, what’s the solution?

David: The solution for that is people centric security, so what we actually put in place is a situation where we now have visibility over the files no matter where they are. An example would be let’s look at one single file. It’s the most important file to the business and it can’t fall into the wrong hands, You can see the life of the file where it is. It’s gone to Dropbox its been forwarded to this person, to that person. It might even fall into the wrong hands, having that visbility gives the IT department the opportunity to teach that person what they should and should not do – so the training training opportunity. But then if you see the file has actually gone to the wrong hands you now have the ability to control that data you can put some attributes around that data where if it falls into the wrong hands, that person would not be able to read that file until that file rings back home and authenticates that person to that file. If that person can’t authenticate themselves they’ll never be able to read that file. What’s very exciting about this is now IT can not only control their data within their company asset, but IT can actually say to the business we can actually control your data anywhere. The organisation now has the confidence that data protection is protected across the world.

Wow, Okay, that answers my question. Thankyou for joining us Dave I appreciate it and thankyou out there for watching.