Chinese industrial spies, credit-card cyber bandits, poaching competitors -- data theft gets worse every year. Yet the most overlooked security leak, experts say, is the inside job. And it’s not only from bad people. The biggest threats can be “caused by human error, which is the most common case,” says Paula Long, CEO of Nashua, N.H.-based DataGravity, which specializes in storage solutions to help thwart cybercrime.
Most cybersecurity products identify anomalous behavior on a computer network and respond to attacks in real time; DataGravity secures data at the point of storage. Files are tagged and tracked as soon as they’re created, so the who, what, when and where of the documents can be monitored and audited. The system scans every file for sensitive elements such as credit card and Social Security numbers. When it finds something, it alerts the system administrator, who can limit access or delete the vulnerable file entirely.
“Security violations sometimes take the form of someone accessing the storage under stolen or false credentials,” Long says. “Our product identifies whose credentials they are masquerading under, what data they accessed and from where they entered the array.”
Mid-market organizations with 50 to 2,000 employees stand to benefit most, according to DataGravity president John Joseph, especially those with vast amounts of unstructured, human-generated data. But the service also works for larger enterprises.
Jason Topp, a senior systems administrator at Providence College in Rhode Island, is pleased with the security and the analytics DataGravity provides. “We have been able to get a much more in-depth look at not only what our data contains, but also what happens to that data,” says Topp. “We see it all, and that makes me happy. A happy information security officer is worth a lot.”
How much? DataGravity’s secure storage runs $45,000 to $95,000. That buys firmware, upgrades and an army of support. Yes, it’s pricey, but Joseph contrasts it to the average $295,000 bill to set up a storage array, security tools, recovery and backup for a midsize enterprise. “Plus,” he points out, “according to research by IBM, the estimated cost to fix a data breach is $3.8 million.”
DataGravity grabbed a healthy chunk of the $1.77 billion poured into data-security startups last year -- to the tune of $92 million -- with backers including Andreessen Horowitz. “Data security is a huge issue,” says Andreessen Horowitz partner Peter Levine. “We expect this to become a must-have technology in all future storage environments.”