Sentry Risk Intelligence (RI) is a next generation security solution that is revolutionizing the way businesses handle risk. To help organizations better understand the relationship between abstract security concepts and liability, as well as the various internal and external risks that can lead to a breach, Sentry RI provides relevant, actionable and timely intelligence.
The platform calculates a quantifiable liability in dollars based on the scope and quantity of identified risks. Businesses may not understand data security, but by translating liability into dollars, administration is better able to prioritize remediation efforts and security spend towards reducing the chance of a breach.
Bridging the Knowledge Gap
Understanding the likelihood of a data breach should be a top priority for today’s businesses. However, the huge gap in knowledge between C-level, Board as well as IT and Security operations, clouds the issue and inhibits progress. Sentry Risk Intelligence helps bridge this gap by translating risk into a language everyone knows. Cash money.
And it all works by providing answers to a few basic questions. Let’s take a closer look.
Where is Your Sensitive Data and Who Has Access to it?
Information is the lifeblood of any business. It makes your company competitive and helps it operate efficiently. Depending on what your business does, the type of information will vary. Payment data, personally identifiable healthcare records, proprietary intellectual property and financial data are a few of the most critical information types.
But regardless of type, companies need to have a confident understanding of where this data exists and which employees have access at all times.
Sentry Risk Intelligence helps answer these questions by providing contextually aware data discovery of all types of sensitive data stored on servers, laptops, desktops and even mobile devices. Determining the users and groups who have access to each piece of data and whether that data is shared are both essential to liability assessment.
How Can Cyber Criminals Get to Your Data?
Now that we know where the data lives, it is mandatory to determine how vulnerable the information is to a breach. That’s why Sentry RI provides comprehensive vulnerability diagnostics on each device where sensitive data is stored, including operating system and applications assessment.
Sentry Risk Intelligence utilizes a cross-platform vulnerability database that delivers support across Microsoft Windows, Mac OS X and Linux, as well as Android and Apple iOS.
What Will it Cost if I am Breached Today?
Sentry RI calculates liability based on the findings of its patented data discovery and vulnerability scanning. Multiple variables contribute to final cost assessment:
- amount of data discovered
- severity of vulnerabilities
- access permissions of the data
- industry average cost per record lost
By converting liability into dollars, breach risk is communicated effectively to all levels of an organization. Remediation and security spend may then be prioritized to reduce threat exposure.
Next-Generation Scanning Technologies
Sentry Risk Intelligence doesn’t require persistent software deployment or credentials for many of its methodologies. Built upon a highly innovative cloud platform, Sentry’s patented scanning technologies are based on three primary techniques.
Command Line Scanner
The core scanning technology is a lightweight, non-persistent, host-based executable for Windows, Mac and Linux systems. Core functions perform data discovery, vulnerability assessment, file hash discovery, permission discovery and configuration detection.
Deployment options include various methods such as Active Directory, Solarwinds n-Able, PowerShell scripts, McAfee ePO, LanDesk, Dell Kace or virtually any systems management solution capable of scheduling commands on workstations or servers.
Sentry Platform Integration
Now that Sentry Risk Intelligence is fully integrated with Sentry’s remote monitoring and management suite, Sentry Agent can run scheduled RI scans at varying intervals, trigger alerts when specific thresholds are reached and provide access to data breach, PCI and vulnerability reports.
Browser Based Scanning
The browser based scanner helps organizations assess 3rd party contractors, employee owned devices or other transient devices that access their networks and applications. This lightweight component provides the same vulnerability scan, data discovery, and features of the command line scanner, but can be integrated into web portals, single sign-on or other access points to catch non persistent devices.
Native Mobile Apps
For Android and Apple iOS devices, these native mobile apps provide vulnerability assessment and data discovery. It also includes lite MDM (mobile device management) capabilities such as locate, lock and wipe.
How Compliant is Your Business?
Almost every business today is faced with some sort of compliance requirements for securing sensitive information. Retailers usually are faced with the complexities of PCI. Healthcare providers and even employers of a certain size have to comply with HIPAA regulations. Financial institutions must comply with FFIEC.
Even if the organization doesn’t fall into one of these industry specific regulations, all but 3 US states have enacted security breach laws that can have severe consequences. Loss of revenue, loss of customer confidence and severe penalties and costs are a few possible examples.
Let’s take a look at how Sentry Risk Intelligence can help businesses comply with the top two compliance initiatives: PCI and HIPAA.
Any merchant accepting credit cards needs to comply with the PCI-DSS, or Payment Card Industry Data Security Standards. This compliance framework was brought forth by the major payment card issuers to help reduce the number of breaches where large numbers of payment card data was being ex-filtrated and sold on the black market.
Billions of dollars in fraud loss is enough to get anyone motivated.
The PCI DSS is comprised of 6 key areas of focus with 12 requirements. The 6 key areas are:
- Build and Maintain a Secure Network & Systems
- Protect Cardholder Data
- Maintain a Vulnerability Management Program
- Implement Strong Access Control Measures
- Regularly Monitor and Test Networks
- Maintain an Information Security Policy
Here are some key areas of focus where Sentry Risk Intelligence can help customers comply with the PCI DSS.
Protect Card Holder Data
Sentry Risk Intelligence provides supporting evidence for the requirements in this focus area by:
- discovering unencrypted cardholder data at rest, and
- determining which users have access to it.
One of the key tenants of the PCI DSS is to never store PAN (Primary Account Numbers), Track 1 or Track 2 data from cards in an unencrypted format. If an organization is found to have this data unencrypted on their systems, it is an automatic failure of PCI compliance. Furthermore, the organization is required to provide evidence that they are not storing this data.
The Sentry Risk Intelligence Data Breach Risk Scan report output provides this evidence for the PCI Auditor.
Maintain a Vulnerability Management Program
Sentry RI includes one of the most powerful vulnerability scanners on the market. Using it helps organizations identify vulnerabilities on systems where card data is being processed. It also helps them perform and prioritize remediation efforts due to its unique style of reporting that aggregates vulnerabilities by problem scope and vendor.
This allows quick remediation of vulnerabilities and removal of a larger percentage of problems with less effort.
Implement Strong Access Control Measures
Sentry Risk Intelligence helps organizations in this key focus area understand the answer to our earlier question: Who Has Access to My Sensitive Data?
Requirement 7 in the PCI DSS instructs organizations to restrict access to cardholder data by business need-to-know. Sentry RI provides the needed intelligence for you to audit user access to these sensitive data stores and remove excessive permissions as needed.
The Health Insurance Portability and Accountability Act was enacted August 21st 1996. In short, this law was designed to help improve the portability and continuity of insurance coverage, to combat fraud and waste in health insurance and to define national standards for electronic healthcare transactions as well as national identifiers for providers, plans and employers.
Title 1 of this legislation provides the support for portability and continuity of insurance coverage. This is not an area where Sentry RI can help.
Title 2 of this legislation provides support for national standards, among them being security requirements. This is definitely an area where Sentry RI can assist with compliance.
Protected Health Information (PHI)
PHI under US law is any information about health status, provision of health care, or a payment for health care that is created or collected by a “Covered Entity” (or a Business Associate of a Covered Entity), and can be linked to a specific individual.
Under HIPAA, PHI that is linked to an individual on the following identifiers must be treated with special care:
- Certificate/license numbers
- social security numbers
- Fax numbers
- email addresses
- full face photo images
- device identifiers and serial numbers
- biometric identifiers (i.e. finger, retinal or voice prints)
- Account numbers
- Vehicle identifiers including serial and license plate numbers
- phone numbers
- medical record numbers
- health insurance beneficiary numbers
- geographical identifiers smaller than a state
- dates (other than year) directly related to an individual
- IP addresses
- any other unique identifying number, characteristic or code
Understanding the Security Rule
The Security Rule of HIPAA regulations deals specifically with EPHI, or PHI that is stored electronically. While the Privacy Rule pertains to all PHI- including paper and electronic, the Security Rule lays out three types of security safeguards required for compliance: administrative, physical and technical.
- Administrative Safeguards are a collection of policies and procedures designed to clearly show how the organization will comply with the act.
- Physical Safeguards control physical access to protect against inappropriate access to PHI.
- Technical Safeguards control access to computer systems and protect communications containing EPHI over open networks from being intercepted by anyone but the intended recipient.
Sentry Risk Intelligence and Technical Safeguards
Sentry RI can help businesses comply with the HIPAA Security Rule regarding the following technical safeguards:
Systems housing PHI must be protected from intrusion- You can’t protect from intrusion without understanding how the intrusion could occur. Utilizing the Data Breach Risk Intelligence report to illustrate where PHI exists, who has access to it and how hackers can gain access is critical to remediating and protecting systems.
Documented risk analysis and risk management programs are required and place responsibility on the organization to take all reasonable precautions necessary to prevent PHI from being used for non-health purposes. Monthly Data Breach scanning and reporting helps organizations document their risk analysis of PHI and allows them to be proactive in remediating risks to prevent PHI from being used for non-health purposes.
The End Game
At the end of the day, businesses need to determine an agreeable liability amount for their workplace. Then, Sentry RI can be used over time to manage that environment to stay below the threshold.
This can only be done by performing regular RI scans in order to verify prior remediations are being enforced and that no new, unprotected sensitive data has been identified.
Sentry Business: Your No-Risk 30-Day Trial
Sentry Business Solutions make sense out of security, delivering business networks, workstations and servers a comprehensive set of software tools focused on delivering maximum threat protection and minimal exposure.
Come see how the pros do it, with a no-risk, try-before-you-buy, 30-day test drive.
Pricing starts at under $1/day per workstation and less than $3/day per server.
Sentry Backup delivers a hybrid cloud solution that provides a final security layer for recovering lost data.