StratoKey is a Cloud Access Security Broker (CASB) that acts as a powerful front-line defender against data breaches. StratoKey encrypts your confidential data before it ever reaches the cloud.
In addition to encryption, StratoKey also provides a complete security interface to monitor, notify and act in the event
of serious threats. This crucial management interface is important in identifying threats and taking preventative action to thwart attacks.
StratoKey peers into usage, and monitors the security of your overall web application and ultimately prevents cloud data breaches.
What is a Data Breach?
A data breach involves the leaking of secure/confidential data, whether intentional or otherwise. A recent study by the Ponemon Institute revealed 76%
of data breaches were caused due to weak user access credentials (username/password). Attacks that result in data breaches generally fall into two categoriesl; User Credential theft and application
vulnerabilities. Both of these types of attacks can be thwarted with the appropriate technology.
StratoKey Strategies to Thwart Data Breaches
Encryption: StratoKey encrypts all sensitive data before it ever reaches remote cloud or SaaS applications. By encrypting data, if the end application
is ever compromised, the data revealed is encrypted and therefore worthless.Strong user authentication: User authentication is typically the weak point of web and cloud applications. The issue with
user authentication is the trade-off between strong security and ease of use (passwords one can remember). Most business application users have opted for ease of use and hence weaker
user credentials have been allowed to thrive in the name of productivity. StratoKey counters weak user credentials through the layering of StratoKey user credential management and "machine
keying". Machine keying is the term we use for understanding a user's individual digital foot print. This helps administrators take control of user access security and also provides an
automated back-stop in the event that the user's account is compromised.
Intelligent threat identification: StratoKey understands web and cloud application users better than any human. Using an array of techniques
to understand users and their patterns on an individual level provides an incredibly powerful data-driven engine to identify threats. All user logging happens in the background and requires
no user interaction or interference in user workflow. Understanding users is key to identifying threats and thwarting without delay.
Active Countermeasures: When things go wrong, which evidently they do from time to time, StratoKey is there on the front foot, taking action.
StratoKey is pre-configured (and customizable) to act in a determined manner to counter, monitor and notify of in-bound threats. The active countermeasures engine is key in actioning against
threats without delay. Active countermeasures are more than an application radar. Countermeasures are the defensive actions StratoKey implements without delay. This may mean locking a user account
through to expelling all users and closing application access. Severity of response is entirely configurable and customizable.
Real-time Threat Interface: Whilst StratoKey works in an automated manner, we also provide a Real-time Threat Interface. This interface
is a cutting edge user interface that provides administrators with a direct management and monitoring interface. Administrators can monitor threats in real-time and also activate
countermeasures and moderated responses to user events. The Real-time Threat Interface provides
key insights into the activities in one's web or cloud applications.
Cloud Data Breach Prevention
StratoKey helps organizations close critical windows of opportunity for would be attackers. Closing these vulnerabilities can be the difference between
a thwarted attack and a catastrophic cloud data breach. Not only does StratoKey close windows of opportunity, it also provides organizations with an immediate
planned response to threats. This immediate response can make all the difference in thwarting data breaches.
Aren't We Already Protected?
A common misconception is that existing web or cloud applications utilizing SSL and database encryption are protected. This is like protecting a house with barred
windows, but leaving the front door unlocked. 76% of data breaches are due to weak or stolen user credentials. SSL, your database or your web application for that matter
do not understand the difference between a legitimate user, and a user utilizing stolen credentials. This is where StratoKey offers protection and helps reduce the risk
of data breaches against cloud and SaaS applications.