The Rise of the Data Access Security Broker – Interview with SecureCircle CEO, Jeff Capone


securecircle-blog

During this time of COVID and work from home, one of the consistent messages I hear from CISOs and IT directors was the lack of an easy to use desktop encryption solution that would work in the enterprise and not be cumbersome for users and partners.
I was introduced to SecureCircle after they made an appearance on SecurityWeekly. They are a ‘Data Access Security Broker’ (DASB) which combines many facets of working with the cloud, digital rights management (DRM) and data leakage protection (DLP) into one easy to use enterprise application.

After doing some diligence and speaking with customers, both Gula Tech Adventures and
Stone Mill Ventures joined and topped off SecureCircle’s current round and began to support and engage their go to market and roadmap. Like many of our investments at Gula Tech Adventures, I use the product on a daily basis to add a layer of protection I didn’t have before on very sensitive data. I also like to feature questions and answers from our portfolio CEOs and what follows is our first interview with SecureCircle CEO and founder, Jeff Capone.

Why did you found SecureCircle?

As the evolution from traditional on-premises computing to cloud started it became very clear that legacy data security approaches would need to change to meet new security demands in a world run on SaaS and cloud services. Security models historically manage by exception and with modern policies the exception is to allow, and the default is to block.  For example, today we don't create rules to block web sites, we add rules to allow certain sites. 

This approach has not been possible for endpoint data protection because the tools available to protect data such as encryption, DLP and DRM cannot scale to protect by default.  The traditional, clunky and not scalable DLP approach is to have automated systems or end users identify important or sensitive information and add tags, encryption or DRM.

In order to keep data safe on endpoints, it became very apparent that data would need to be both secured and consumable wherever it lands. Traditional security technologies such as DLP, DRM and encryption were going to be obstacles to businesses wanting to securely take advantage of the cloud.

For these reasons I set out to build a company that would help businesses protect data no matter where it goes while removing all the obstacles imposed by traditional security offerings. I call this technology a “Data Access Security Broker” in much the same vein as we now have “Cloud Access Security Brokers”. SecureCircle enables enterprises to control access and prevent data breaches by proactively protecting data regardless of where it is created, consumed, stored, or modified.

What are some use cases for protecting source code and other types of intellectual property?

Many businesses worry about protecting data that is pulled out of SaaS based services onto end user devices. The concern is that once it lands on the device it is gone forever. One approach we see is that businesses attempt to leverage virtual desktops (VDI) to limit the ability for data to leave the dev environment. The challenge with that approach is that the end-users experience becomes cumbersome and the impact on productivity is felt by all.

With SecureCircle developers can use SaaS based code repositories such as GitHub and sync data back and forth between the SaaS service and their device without the data ever being in an exposed state. Data that lands on the device is protected and encrypted but not in a manner that affects the developer or development tools. In this use case, most developers don’t even know the code is protected. If they move it to a USB drive or outside the circle, the data is already encrypted, preventing theft. If they try to copy it into a Word doc or text file, SecureCircle recognizes this and encrypts that data too, instantly expanding the circle to protect that sensitive data.

When you combine SecureCircle’s close to invisible user experience, tight security posture and limitless data type support the SaaS protection use cases become virtually endless. Our customers use us for protecting every type of data imaginable from sales records to productivity documents and everything in between.

If the files are encrypted, how can my blue team audit systems for the presence of sensitive content?

The challenge with simple encryption is it can inhibit the ability for audit systems to access protected content. However, with SecureCircle it is easy to allow internally approved processes to access protected content through a simple policy mechanism. We have the ability to add DLP tools into the circles so they can perform their searches for sensitive data.

Screen Shot 2020-08-04 at 11.15.32 AM

Example List of Authorized and Unauthorized Processes

Is there a centralized log or audit trail that can be used to identify flows and sharing of sensitive data?

Yes, every action on the files containing data is monitored and system logs are generated that can be aggregated in your SIEM or logging solutions. You can even see data similarity relationships in these logs in the case when someone creates a derivative work that contains a piece of the original work.


Screen Shot 2020-08-04 at 10.58.56 AM

Example Log Search Interface

Can the audit trail also be used to hunt malware attempting to access data? What about malicious insiders?

Firstly, unapproved processes such as malware never get the opportunity to read unencrypted bytes from files and objects that are under protection by SecureCircle. Any process that attempts to read content without explicitly approved access will fail to succeed and the failure is logged for investigation at a time that is suitable to the business.

Where can readers go to learn more or ask for a trial?

Please free to go to SecureCircle’s website to learn more. Readers can sign up for a trial at: https://www.securecircle.com/contact We look forward to talking with you about your security challenges.

Note - I’d like to thank SecurityWeekly CEO Matt Alderman for doing an introduction with me and Jeff.