Modern security teams use Symmetry Systems DataGuard, a Data Security Posture Management Solution, to gain a full understanding of their cloud data stores, data objects, and access permissions. With full hybrid-cloud data visibility they can reduce the frequency and impact of data breaches, and meet stringent compliance and privacy regulations.
Visualizing and Securing Data and Data Flow Across Environments
DataGuard arms security and privacy teams with a complete understanding at the data object level of:
- The data (from sensitivity to location)
- The identities that have access (permissions)
- Operations performed on the data by those identities (flows)
DataGuard combines each of these elements to help prioritize data security risks and aids security teams in remediating their impact.
Reducing the Data Blast Radius from Insider Threats, Vendors, and Third-parties
With DataGuard, security teams can stay ahead of threats and reduce the data blast radius. It enumerates all users and technologies who are able to access each data object, how they may use it, and have used it. Using machine learning DataGuard:
- Identifies excessive, unused or anomalous data
- Determines data access and usage
- Enumerates paths to sensitive data
- Quantifies the potential data blast radius of accounts
Security teams use DataGuard to inform and control least privilege IAM permissions, reduce data sprawl and proactively get alerted to anomalous data behaviors.
Managing Compliance and Privacy at the Data Object Level
DataGuard provides a data security posture overview against industry standards and regulations. It provides:
- Compliance audit capabilities
- Evidence to allow businesses to prove compliance with regulations
- Recommendations to proactively address gaps at the data object level
With DataGuard in place, compliance and privacy teams can comply with industry specific regulations at scale.
Anomalous Data Behavior Monitoring and Alerting
DataGuard detects current and historic anomalous data access and usage, alerting security teams in a timely manner with precision. Security teams can use DataGuard to investigate potential data breaches, ransomware attacks, and other cyber threats as quickly as possible.
Leading with Effective Data Breach Investigation and Response
DataGuard helps security teams quickly understand the blast radius and potential root causes during data breach investigations. With DataGuard, security teams can prioritize steps to contain and to reduce the data blast radius of the incident. Security teams can quickly:
- Uncover potential malicious data access within cloud environments and steps to take to contain the attack
- Collect information on what data threat actors have accessed and obtained, and what can be done to lock down further access
- Review data flow maps on how far threat actors were able to move laterally throughout the environment to cut down forensic time and ability to spread
Data Security Posture Management
Most security and compliance problems are about data flows — from sensitive data objects to risky identities.
Did an external account write malicious data into a datastore?
Can contractors and vendor identities access customer data?
Least-privilege IAM policies.
What data is at risk from service roles used by vendors, contractors, CI/CD tools, internet-facing applications?
Who has access to what and why?
Attacks on applications and APIs.
Which specific data objects have been breached?
Which specific users should be notified of a breach?
Credential theft or account take-over.
What data objects were stolen using an identity?
How can I reduce the blast radius with data-centric IAM policies?
Symmetry Systems Brings Zero Trust Principles to Data
One hour is all you need to install DataGuard as a sealed, read-only service in your cloud.
DataGuard builds a graph of data objects, identities, all permissions and actions.
DataGuard unifies permissions and actions across AWS, GCP, Azure, and on-premise deployments.
DataGuard conducts a graph analysis and uses machine-learning to power detection, response, compliance, and IAM remediation.
“We believe Symmetry Systems has an innovative, modern approach to data security that our clients will benefit from. Data is the backbone of any organization, and it is more important than ever as businesses continue to move workloads to the cloud that they have data stored securely with visibility into where it is stored. Offering unified visibility across hybrid cloud environments is a top priority for Accenture in helping our clients minimize risk with a solution that has security built in from the start.”
Rex Thexton, Accenture
Global Practice Lead, Applied Cybersecurity Services
DataGuard Amplifies Your Teams
Bring data flow visibility to your SOC, cloud-security, and privacy teams.
- Sets up “data firewall” rules and anomaly detection
- Fires light-weight alerts to SIEM or SOAR tools
- Retains evidence for incident response
Cloud security & IAM
- Conducts IAM analysis for data security posture management
- Suggests data-centric IAM policies to reduce privilege and lock down dormant data
- Automates queries into code for continuous compliance and privacy auditing
- Provides evidence of compliance with regulations
“Seven Bridges is a leading biomedical data analytics company, focused on genomic precision medicine, and uses Symmetry DataGuard to secure genomic and clinical data on the cloud.Symmetry’s key innovation is to map out data risk from dormant data and IAM permissions, as well as analyze data flows across our dynamic AWS environment. We found DataGuard a highly effective tool to collaborate with our devOps team, and are placing data firewall policies into code that enable stronger data security and help with achievement of our compliance audits.”
Symmetry Systems Named a 2022 Gartner Cool Vendor
We're a Cool Vendor. Get your copy of the April 2022 Cool Vendors in Data Security report to find out why, with compliments from the Symmetry Systems #DataSecurity
Read the report →