back to article Catch 'em while you can! Presenting Druva's virtual open door detector

Think checking doors and windows every night so as to stop burglars scrambling through to rob you. Well, now your personal data can be handled in the same way, with Druva's end-point protection services identifying risky exposure to sensitive information loss by scanning backed-up data and alerting compliance teams. Its inSync …

  1. Anonymous Coward
    Anonymous Coward

    Marketing release

    Is this a news article or advertising?

    Normally responsible news outlets post an indication when they publish something that looks like a news article but is really advertising.

    1. Anonymous Coward
      Anonymous Coward

      Re: Marketing release

      Native advertising. Harder for those pesky ad-blockers to filter out.

      1. Anonymous Coward
        Meh

        Re: Marketing release

        "Native advertising. Harder for those pesky ad-blockers to filter out."

        I don't know whether to upvote you, for being spot-on, or downvote the idea, for the same reason.

  2. Anonymous Coward
    Anonymous Coward

    Access to encrypted data

    Hmm, so the software (and therefore Druva if you're in their cloud... ahem, sorry, I mean Amazon) has access to the (un)encrypted data, yes? That's a nice attack vector to your highly confidential data you have there...

    What use is encryption if the keys aren't fully in your control?

  3. ThePackerMan

    No Access to Encrypted Data

    At Druva we utilize an encryption mechanism that ensures we do not have access to underlying customer data. This has been validated by hundreds of InfoSec teams from very large companies handling highly secure data. Am more than happy to discuss the details further to anyone that would like to reach out to me and discuss. (dave.packerATdruva.com)

    1. Robert Helpmann??
      Childcatcher

      Re: No Access to Encrypted Data

      I went to the product site and found little in the way of description as to how it works or even the specifics of what it does. When I click on the "View Product Demo" link, I am encouraged to register in order to view said demo. So right now, what I get from this is that this product is marketed to management based on buzzwords rather than to technical staff based on spec.

      Still, I'll give you a softball question: does the product prevent exfiltration of data or simply report transfer of data based on an applied rule set? If it does seek to prevent exfiltration, what vectors can it block (email, USB, etc.) and how does it do so?

      1. ThePackerMan

        Re: No Access to Encrypted Data

        Hi Robert, just checking back here.

        Appreciate your feedback and over the next few weeks we'll be doing some things to enrich the content on our site to fill in the technical gaps.

        The inSync system doesn't act as a traditional DLP or what some of newer the CASB solutions provide, it's not intercepting in-flight, checking the file and quarantining based on rules/regex, instead it's assessing at-rest data. It does this via utilizing an agent that is collecting data off devices, or connects directly for collecting from cloud services; you can think of this like backup, but the way it collects and stores is completely different, which is a conversation in itself. During this process it's also scanning the data utilizing a pre-defined set of rules and regex. As it finds new/changed files that meet these rules it alerts and records the event (for reporting, dashboard, email notifications), this collection process can happen every few minutes if required. Team members who have authorized access to reports/dashboard will then see; user, file, rule violation, device, date and other particulars that can be drilled-down for more details and therefore can take corrective action as required. We see this being complimentary to DLP type offerings to address the at-rest piece our customers need to deal with.

        Hope this helps, like I said feel free to drop me an email dave.packerATdruva.com and more than happy to respond.

  4. Michael Wojcik Silver badge

    Article's useful content asymptotically approaches zero

    Wow, what a waste of space this one was.

    No mention of other anti-exfiltration packages and services. This is a substantial industry sector, and a thriving research area. And no technical information about this particular offering.

    If it wasn't such a good occasion for bitching about lousy reporting, it would have been completely useless.

  5. TotallyInfo

    Just another DLP

    So this appears to be just another Data Loss Protection tool? And the processing is done on AWS?! Oh boy, well that would require some significant convincing.

    El Reg, please stop putting "articles" up that are poorly hidden advertising. If you want to allow suppliers to write something up about their products, that's fine, but have the decency to identify it as such.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Other stories you might like