Spirent 원형 로고
사이버 보안

How Corporations Can Take Control and Secure Sensitive Data


Blog - How Corporations can Take Control and Secure Sensitive Data

Organizations are striving to obtain more revenue, accelerate digital transformations, and comply with regulatory mandates – all while keeping customer loyalties in check. Read how Spirent can help!

Organizations are striving to achieve revenue increases, accelerate digital transformations, and comply with regulatory mandates – all while keeping customer loyalties in check. Achieving all of this is easier said than done. Each of these goals translates into a set of challenges for today’s enterprises.

To name a few, organizations need to deal with

  • Massive magnitude of data growth

  • New regulations for data privacy

  • Increased operational complexities

  • Lack of skilled cybersecurity professionals

One of the major ways corporations and businesses seek increased revenue is through growth in their network, connectivity, and computational power to maximize the advantages of latest available applications and solutions. All of this means more and more exponential growth of information, as well as sources and consumers of data on the network. Both end-users and enterprises are demanding and placing high premiums on their data being properly protected. The EU’s General Data Protection Regulation (GDPR) became enforceable in May of 2018, and privacy laws and regulations around the globe continue to evolve and expand. According to latest surveys, one of the most significant challenges for GDPR compliance is meeting data security requirement, followed by attaining trained staff to enforce an organization’s cybersecurity mandates. It is clear that the regulations and general actions taken by the security communities are intended to improve the overall data privacy of organizations globally. All of this adds more operational complexity, requirement for skilled cybersecurity professionals, and more complex data communication security. One way to combat this endless cycle is cybersecurity assessment solutions that can provide actionable insight in a scalable manner.

I have covered a number of significant pillars of such solutions in my past blogs, including proactive hardening of networks and endpoints from a cybersecurity point of view. Getting a handle on state of enterprise sensitive data and security policies that are in place in relation to them is the other important element of a successful security strategy. After all, malicious attackers are mainly after interfering with normal network behavior of the enterprise and/or exfiltrating and extracting data, thereby taking advantage of organization’s sensitive information.

This sensitive information can range from organization’s intellectual properties to consumers’ personal information such as social security numbers, credit card numbers, and so forth. There are security solutions that can be deployed to enforce policies preventing sensitive data to leave or enter the network. Next, we will discuss how one solution from Spirent CyberFlood Data Breach Assessment can help in proactive assessment of data leak prevention policies.

CF Data Breach Assessment Sensitive Data

CyberFlood Data Breach Assessment is an emulation-based solution that proactively provides in-depth, continuous and automated assessments of an enterprise’s security posture by safely assessing inline security devices with actual attacks, malware, applications and other network data.

One of the categories of threat assessment scenarios provided with this solution is emulation of “Sensitive Data” that may include corporate intellectual properties or end-user private data. This allows organizations to ensure sensitive data does not escape loss prevention policies defined in security solution sensors and filters.

As an example, let’s assume an organization has a policy in place to stop exfiltration of PDF documents that contain social security numbers transported over HTTP. In this organization, similar documents can be exchanged over other transports such as SMTP. We can observe details of an assessment done through CF Data Breach Assessment below.

  1. CF Data Breach Assessment reports the emulated transport of document.pdf containing social security number over HTTP was detected and “Blocked” whereas same document transported over SMTP was “Not Blocked”.

  2. Cyberflood blog
  3. We can confirm above reporting from CF Data Breach Assessment with packet capture in Wireshark (see document.pdf in File Export Objects HTTP … document.pdf).

  4. Also, we can compare that with the policy that was configured and blocked on the security platform, Fortinet Data Loss Prevention (DLP sensor, filter and firewall policy that includes the DLP sensor).

  5. The event that was triggered above and was reported as “Matched” can be verified too (Splunk logged the event corresponding to the file transfer over HTTP).

Cyberflood Blog B

Using CF Data Breach Assessment allows emulation of file transports that are representative of organization’s sensitive data and intellectual properties to ensure proper security policies are in place. Additionally, users can upload their own proprietary file sets to assess the accuracy of DLP policies in their networks.

Learn more about how Spirent CyberFlood Data Breach Assessment can help in validating enterprise network infrastructure security postures.

Like our content?

Subscribe to our blogs here.

Blog Newsletter Subscription

Reza Saadat
Reza Saadat

Senior Technical Marketing Engineer, Application and Security Group

Reza Saadat is a Senior Technical Marketing Engineer at Spirent in the Applications and Security group, with over 25 years of experience in computers and data communication technologies. At Spirent, Reza works with the Product Management, Engineering and Sales teams to bring to market new, cutting-edge applications and security testing solutions for network equipment manufacturers, enterprises, and service providers. His in-depth industry, market and software development knowledge as well as collaborative design and development skills have resulted in the creation of numerous  hardware and software solutions, which have been successfully released at companies such as IBM Corp, Cisco Systems and many more.