Compliance Snippets
- Traditional Data Security Model
- Real Enterprise Networks
- SECDEF Memo Overview
- Massive Multi-Channel Demodulation
- DoD Zero Trust Strategy
- Detecting and Preventing Data Exfiltration
- Data Exfiltration Use Case
- Cellular Device Detection and Localization
- Bastille and the SECDEF Memo
Excerpt From SECDEF Memo – Impacts on SCIF/SAPF Security Webinar
Speaker Jeremy Fremin explains how BrickStor’s strategy fits with the idea of zero trust. BrickStor solutions concentrate on fortifying the data center and assessing trust for every file access, independent of the source. This can stop attacks in real time and identify insider threats before data theft happens thanks to this strategy.
Video Transcript
So we we’ve started to link this this problem to this concept of zero trust, which is, you know, a big buzzword in the community. You know, frankly, you know, we have been doing zero trust fundamentals from the very beginning before it was a buzzword. And the way we think about zero trust is rather than, you know, focusing on and providing access to data based on, you know, somebody’s credentials and where they are, you know, in in the network. We’re really gonna challenge that trust at each transaction.
We really like the DOD zero trust strategy framework description here with with the puzzle pieces where, you know, all of the pillars of the framework are really in working in concert to protect the data. The challenge with this is that you can start to look at this and and think about the old castle and moat approach, where if you protect the outside edge, right, you can have a soft, creamy center. Right? And so what we’re gonna do with BrickStore is we’re gonna start hardening hardening that data center, and evaluating trust at each file access regardless of of where it’s coming from and who it is.
We’re gonna be able to by doing that, we’re gonna be able to stop attacks when they first start to occur, and we’re gonna be able to detect things like low and slow behavior of of insider threats, you know, before the data theft really happens and before the spillage gets to be critical. We’re a hundred percent agentless, and so this allows us to be able to fit into, an enterprise without having to expand the problem of reaching out to endpoints and all of those sorts of things. So we’ll talk about how those things are implemented as we go forward.