Enterprise IT security teams face unprecedented challenges today with the distributed workforce and exploding software-as-a-service (SaaS) usage. The need for easier collaboration between a distributed set of users has never been greater. While in the past, allowing employees to work from home was considered more of a convenience or perk of the job, during the COVID-19 pandemic it has become essential to keep businesses running smoothly.
But even before COVID hit, on-prem applications were being rapidly replaced by Cloud-based, SaaS applications. It was becoming impractical to enforce traditional security constraints such as VPN tunneling into corporate networks to access public cloud-based applications like Google Workspace or Salesforce. However, it was still a feasible solution when only a fraction of the workforce was remote. COVID changed everything.
With the COVID pandemic still disrupting workforces worldwide, and many organizations having the bulk of their employees continuing to work off-campus, enterprises have had to rethink security. Forcing workers to access corporate applications and data only via VPNs is no longer an option. In fact, in most situations, VPNs are not able to scale when the entire workforce is remote. The traditional approaches don’t work anymore and making matters worse, this transition happened in a very short time.
As the pandemic continued, keeping essential operations running, required depending on video meetings, files sharing, provisioning application access, etc. —a big challenge for IT teams across organizations of all sizes. Popular collaboration applications like Slack, Google Workspace, Microsoft Teams, and new ones like Zoom saw an enormous adoption spike.
Even schools, universities, banks, and government agencies worldwide started using these popular SaaS applications in droves. The problem? Enterprise IT teams had no time to prepare and plan appropriate security measures, and frankly took a “do what you can and hope for the best” approach.
Based in Silicon Valley, GarbleCloud offers a different way to solve the challenges of a remote workforce. As a modern security company offering solutions for easy data encryption and powerful ransomware protection, it is playing a key role in remote workforce security. GarbleCloud allows enterprises and individuals to protect their documents and files stored in Google Drive, Dropbox, and Google Workspace applications such as Google Docs, and soon Gmail and Slack.
It does this today by enabling user-controlled encryption of files, without compromising functionality of the underlying platforms and applications. All cloud files can be seen, managed, and protected and there are no software downloads or installations required with GarbleCloud. Critically, end users do not need to acquire any special knowledge or skill to obtain the benefits.
According to GarbleCloud CEO Bijit Hore, “During COVID, threats rocketed for ransomware attacks that lock up computers, bringing critical operations to a halt and holding businesses hostage by threatening to expose/sell exfiltrated sensitive data containing IP, customer, and other business-critical information.” By threatening to expose personally identifiable information (PII), protected health information (PHI), and other forms of private data, Hore explained that enterprises risk reputation loss and hefty fines for violation of regulations like HIPAA and GDPR.
The company says its solution helps prevent malicious agents that are increasingly taking advantage of the security gaps introduced as organizations moved to an “entirely remote working” model. Many of these nefarious agents go after the most vulnerable organizations such as healthcare, financial institutions, and critical infrastructure companies.
While workers and IT are both figuring out how to remain operational, hackers are figuring out how to infiltrate corporate networks and compromise data centers in this rapidly changing work environment. Those who are unable or slow to migrate applications and data into secure cloud environments are continuing to pay a heavy price.
Enterprises have had to heavily rely on public clouds and SaaS applications that get business-critical tasks done easily and efficiently. Today, many enterprises are already using on average approximately 150+ SaaS applications. According to Hore, “Even supporting the top 10 most heavily used SaaS apps for an entirely remote workforce is a challenge of huge proportions.
Traditional perimeter and identity-based security that enterprises have relied on for decades is not sufficient or scalable to meet the needs of this paradigm shift in workplace dynamics. IT and enterprise security teams suddenly find themselves severely short staffed and skill-deficient when it comes to monitoring and securing the access to these SaaS applications and protecting the data stored, shared, and processed on these remote, cloud-based platforms.”
Making matters worse, enterprises often have little to no control in how these disparate SaaS applications implement internal security-access controls or where they store corporate information in the cloud. SaaS applications typically provide no visibility into which intermediaries have access to corporate or personal data of the customer, such as whether data sovereignty requirements and other privacy requirements (such as for GDPR) are always met.
The lack of any universal access control standards, end-to-end data security assurances, or privacy guarantees has meant that IT effectively took the attitude of “throw security to the wind as long as the application delivers the required functionality conveniently and efficiently.” Such rampant adoption of SaaS by enterprises having to support the remote workforce has created a nightmare for CISOs and IT security teams.
GarbleCloud believes that “data-centric” security is the answer. When you can’t control the environment, only a data-centric security approach can work. The company believes in securing the data in motion, at rest, and in use. Regulate access on a per-data-object basis, irrespective of where (i.e., which SaaS application) the data is stored/processed in or transferred/shared by.
For instance, if your Zoom video call is end-to-end encrypted, it does not matter that the calls are being routed via servers hosted in China or Russia. Similarly, if an enterprise’s data files are encrypted at source or at a trusted proxy and encryption keys are secured appropriately—shared with only authorized entities—then the enterprise won’t lose sleep over which collaboration platform its employees are using to share the latest engineering design documents with team members.
GarbleCloud offers data encryption services without the complexity, adding a new level of functionality and ease of use by enabling useful operations on encrypted files while making those files completely opaque to cloud service providers or SaaS applications.
According to Barak Engel, founder of EAmmune, and author of “Why CISOs Fail” and “The Security Hippie, “With GarbleCloud, businesses can access and use GarbleCloud’s patented technology to extend their control over their important files and documents (unstructured data), even when the files are managed by their employees and stored on remote public clouds. In doing so, GarbleCloud matches security expectations to security reality.”
As the world continues to become more “cloudified” with the SaaS-dominated work environment, GarbleCloud provides an invaluable tool for enterprises. The company’s solution provides key advantages of simplified, secure industry-standard encryption at scale; easy, user-controlled sharing and collaborating on encrypted SaaS data; full-text search on encrypted files without decrypting (one of the only companies to offer this capability); long-term protection of an enterprise’s sensitive data with bulk encryption, without compromising accessibility; and improved privacy with cloud providers.
GarbleCloud keeps encrypted data searchable, shareable, and workable in today’s distributed, multi-cloud, and SaaS environments. The company likes to encourage everyone to “garble” their data—it just makes good cloud sense.
This is a Contributor Post. Opinions expressed here are opinions of the Contributor. Influencive does not endorse or review brands mentioned; does not and cannot investigate relationships with brands, products, and people mentioned and is up to the Contributor to disclose. Contributors, amongst other accounts and articles may be professional fee-based.