Tips to Grow Your Hospitality Business with LED Displays
  • Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

My TechDecisions

  • Best of Tech Decisions
  • Topics
    • Video
    • Audio
    • Mobility
    • Unified Communications
    • IT Infrastructure
    • Network Security
    • Physical Security
    • Facility
    • Compliance
  • RFP Resources
  • Downloads
  • Podcasts
  • Subscribe
  • Project of the Week
  • About Us
    SEARCH
IT Infrastructure, Network Security, News

Q&A: An Opinion on Data Loss Detection and Response Platforms

Antonio Garcia of cybersecurity service provider GRA Quantum explains how they utilize data loss and response platforms before recommending to customers.

May 29, 2019 TechDecisions Staff 1 Comment

data loss and response platforms

In a world of ever-evolving threats, organizations must be able to protect data regardless of where it travels while enabling collaboration and information sharing, so people can get work done. To react to today’s problems and proactively anticipate tomorrow’s, it takes a whole new set of rules, especially as more businesses push data into public clouds.

My TechDecisions sat down with GRA Quantum’s Chief Information Security Officer Antonio Garcia to learn more about the portfolio of cybersecurity services the company offers, how they achieved greater control and visibility over their own public cloud deployment with data loss and response platforms, and why it’s important for them to try their partners’ software solutions before they sell them to customers.

TD: What are some of the biggest concerns your customers are facing in today’s business environment?

Antonio: The causes for today’s security threats involve people as much as the digital and physical limits of software solutions. Right now, businesses are in the midst of a significant shift as more organizations move critical data into public clouds to reap the many benefits of data loss detection and response platforms.

The downside to this rapid shift is that documents containing sensitive information are moving to the cloud faster than businesses can protect them.

This puts organizations at greater risk. Users are not following security policies or paying attention to the potential security dangers of sharing data from a public cloud. This is causing some anxiety for the security and risk professionals charged with protecting data and keeping companies in compliance with data privacy regulations.

They’re well aware that once files are downloaded from a public cloud and forwarded to outside users, they have lost the ability to protect that information from unsanctioned users.

TD: Could you tell us more about GRA Quantum? Who are your customers and how do you help them?

Antonio: GRA Quantum helps small firms facing big threats build and implement tailored cybersecurity programs that protect their business and reputation.

We offer managed security services and an array of professional services, including penetration testing, security risk assessments, incident response, insider threat planning, security awareness training.

TD: How do you select which technology vendors will be part of your portfolio of solutions?

Antonio: As a provider of cybersecurity services, GRA Quantum takes the trust of its customers and their security infrastructure very seriously. These things go hand-in-hand when it comes to selecting technology to use and sell.

A majority of the technology solutions we sell to our clients are the same ones we use and rely on to protect our business. We wouldn’t promote or endorse anything we hadn’t used or weren’t completely confident in.

Antonio Garcia, GRA Quantum

TD: Can you give us an example of a solution you used that you now recommend to your clients?

Antonio: Our team was in need of additional visibility and control over documents stored in our Microsoft OneDrive deployment across our global GRA offices.

We started using the Allure Security, a data loss detection and response platform, internally.

In a short amount of time, it gave us a greater understanding of OneDrive use in various locations. We were able to monitor document access, in real time, and know where and when documents were being downloaded and shared.

We gained a lot more visibility into user and file activities, and can better inform our data loss responses based on Allure’s unique document and geolocation indicators.

TD: Why is this important to know?

Antonio: For global organizations like ours, it is becoming increasingly vital to have more control over where data travels due to data privacy regulations such as GDPR and others.

It’s also just good business to add more controls around data stored in public clouds. Having more context around where and how documents are being shared allows us to establish a baseline of normal behavior within our OneDrive deployment.

We can then monitor and measure against that baseline, so when unusual behavior is detected, we can drill down into that and determine if there’s a risk of data loss.

For example, with the ability to know when large volumes of files are being downloaded, by whom, and where these documents are being sent, we can determine whether a data breach has occurred or it’s just a matter of a user needing these files to do their work.

TD: Is “alert fatigue” or information overload ever a concern when using solutions like this?

Antonio: With the Allure data loss and response platforms, we were able to configure data loss risk monitoring based on specific criteria. Our deployment is set up to only issue alerts whenever a document was accessed in a location or region where GRA Quantum has no office.

For other regions, we only receive alerts when an attempt to access a document falls outside of our company security policy.

Using these criteria, the team rarely receives false positive alerts, but even in these cases, they are not a waste of time to investigate. For example, we received an alert that a GRA administrative assistant who was working in the United States opened a file in the Philippines.

Read Next: Data Breach Incident Response Plan: 6 Essential Steps

We don’t have an office there, so once we saw the alert about this potentially unusual activity, we made a few calls and learned that this individual user had utilized a VPN with an IP address in the Philippines to access the file. It was reassuring to know that Allure was able to detect the activity, and it gave us peace of mind to be able to quickly determine that this wasn’t an attack.

TD: How does this solution differ from other security tools that you rely on?

Antonio: Anyone who manages or secures a OneDrive cloud instance is familiar with something called a cloud activity log. Security operations teams comb through these logs and look for any suspicious user behavior, but the difference is that Allure is able to flag and escalate any unusual activity ahead of time.

In the example I talked about earlier involving the VPN in the Philippines, our Managed Security Services Director actually checked for this activity in our raw Microsoft logs, and found that the event was incredibly difficult to locate. Allure was able to alert us to activity that would have otherwise been buried.

TD: Aside from the effectiveness and usability of a software solution, what are some other factors that help GRA Quantum when evaluating partner vendors?

Antonio: Once we have personally experienced the benefits of using a data loss and response platforms solution, we look at other deciding factors, such as the responsiveness of the vendor. What kind of support can they provide after the sale?

In this case, Allure’s detection and response technology inspired us to become a partner and now, we resell it to our clients. In addition to having great technology, Allure is also a true partner. They are receptive to our product feedback.

They listen to our needs and ideas, and are incorporating some of our suggestions directly into the product. In my view, our sales and support team can better position solutions than some of our competitors because everything we sell has gone through our own internal review.

It gives us the confidence to stand behind our data loss and response platforms recommendations to clients, because we are customers, too.

Tagged With: Cyber Attacks, Data Center, Data Security, Disaster Recovery, Storage

Related Content:

  • Projector, projectors for offices, projectors for the office Save Money, Time And Space With Projectors for…
  • technical SEO, ecommerce seo Internet Experts Are Worried About the Sale of…
  • Amazon Amazon To Open NYC Office
  • Linux Teams Microsoft Teams Comes to Linux

Free downloadable guide you may like:

  • Technology Strategies for Bridging the Workplace Generation Gap

    Free webinar will help you understand the generation gap and what different generations expect out of their workplace technology experience.

Reader Interactions

Trackbacks

  1. Q&A: An Opinion on Data Loss Detection and Response Platforms – TechDecisions – Rss – GeeClouds says:
    May 31, 2019 at 1:21 am

    […] Q&A: An Opinion on Data Loss Detection and Response Platforms  TechDecisions […]

    Reply

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Get the FREE Tech Decisions eNewsletter

Sign up Today!

Latest Downloads

Audio Networking in Higher Education: Transforming Facilities, Workflows and the Student Experience

Today, modern campuses contain many technical marvels, but far too often, the AV System is not one of them. Today’s students are accustomed to digi...

Building Thriving Workplace Cultures: A Manager’s Guide to Attract and Retain Millennial and Generation Z Talent

Today, managers struggle with retaining millennial and Generation Z workers, who make up the majority of the workforce. With the rise of millennial...

Digital Signage Benefits for Viewers and Network Managers

Digital signage creates a dynamic experience that captures viewers’ attention and enhances brand awareness. Functioning in segments ranging from re...

View All Downloads

Would you like your latest project featured on TechDecisions as Project of the Week?

Apply Today!

More from Our Sister Publications

Get the latest news about AV integrators and Security installers from our sister publications:

Commercial IntegratorSecurity Sales

Footer

TechDecisions

  • Home
  • Welcome to TechDecisions
  • Subscribe to the Newsletter
  • Contact Us
  • Media Solutions / Advertise
  • Comment Guidelines
  • RSS Feeds
  • Terms of Use
  • Privacy Policy
  • Twitter
  • Facebook
  • Linkedin

Free Technology Guides

FREE Downloadable resources from TechDecisions provide timely insight into the issues that IT, A/V, and Security end-users, managers, and decision makers are facing in commercial, corporate, education, institutional, and other vertical markets

View all Guides
TD Project of the Week

Get your latest project featured on TechDecisions Project of the Week. Submit your work once and it will be eligible for all upcoming weeks.

Enter Today!

© 2019 Emerald Expositions, LLC. All rights reserved.