Marketing release
Is this a news article or advertising?
Normally responsible news outlets post an indication when they publish something that looks like a news article but is really advertising.
Think checking doors and windows every night so as to stop burglars scrambling through to rob you. Well, now your personal data can be handled in the same way, with Druva's end-point protection services identifying risky exposure to sensitive information loss by scanning backed-up data and alerting compliance teams. Its inSync …
Hmm, so the software (and therefore Druva if you're in their cloud... ahem, sorry, I mean Amazon) has access to the (un)encrypted data, yes? That's a nice attack vector to your highly confidential data you have there...
What use is encryption if the keys aren't fully in your control?
At Druva we utilize an encryption mechanism that ensures we do not have access to underlying customer data. This has been validated by hundreds of InfoSec teams from very large companies handling highly secure data. Am more than happy to discuss the details further to anyone that would like to reach out to me and discuss. (dave.packerATdruva.com)
I went to the product site and found little in the way of description as to how it works or even the specifics of what it does. When I click on the "View Product Demo" link, I am encouraged to register in order to view said demo. So right now, what I get from this is that this product is marketed to management based on buzzwords rather than to technical staff based on spec.
Still, I'll give you a softball question: does the product prevent exfiltration of data or simply report transfer of data based on an applied rule set? If it does seek to prevent exfiltration, what vectors can it block (email, USB, etc.) and how does it do so?
Hi Robert, just checking back here.
Appreciate your feedback and over the next few weeks we'll be doing some things to enrich the content on our site to fill in the technical gaps.
The inSync system doesn't act as a traditional DLP or what some of newer the CASB solutions provide, it's not intercepting in-flight, checking the file and quarantining based on rules/regex, instead it's assessing at-rest data. It does this via utilizing an agent that is collecting data off devices, or connects directly for collecting from cloud services; you can think of this like backup, but the way it collects and stores is completely different, which is a conversation in itself. During this process it's also scanning the data utilizing a pre-defined set of rules and regex. As it finds new/changed files that meet these rules it alerts and records the event (for reporting, dashboard, email notifications), this collection process can happen every few minutes if required. Team members who have authorized access to reports/dashboard will then see; user, file, rule violation, device, date and other particulars that can be drilled-down for more details and therefore can take corrective action as required. We see this being complimentary to DLP type offerings to address the at-rest piece our customers need to deal with.
Hope this helps, like I said feel free to drop me an email dave.packerATdruva.com and more than happy to respond.
Wow, what a waste of space this one was.
No mention of other anti-exfiltration packages and services. This is a substantial industry sector, and a thriving research area. And no technical information about this particular offering.
If it wasn't such a good occasion for bitching about lousy reporting, it would have been completely useless.
So this appears to be just another Data Loss Protection tool? And the processing is done on AWS?! Oh boy, well that would require some significant convincing.
El Reg, please stop putting "articles" up that are poorly hidden advertising. If you want to allow suppliers to write something up about their products, that's fine, but have the decency to identify it as such.