Baffle Inc., an advanced data protection company, today released Baffle Data Masking and Exfiltration Control, the only masking and exfiltration solution that ties access control and usage to data-centric encryption, providing an end-to-end data protection solution. In addition to Baffle’s patented data protection that protects data in memory and in use while allowing operations on encrypted data, Baffle Data Masking and Exfiltration Control extends access control capabilities to protect data as it leaves an organization and creates a simple way for businesses to responsibly share data with third parties.
Baffle Data Masking and Exfiltration Control is available today. The solution is sold as an enhancement to Baffle’s Advanced Data Protection.
Click to Tweet: @Baffleio unveils Baffle #Data Masking and #Exfiltration Control: Baffle.io/press-releases/data-exfiltration-control #cybersecurity #infosec #encryption
According to a 2018 Opus/Ponemon Institute study of 1,000 CISOs and risk professionals in the U.S. and UK, companies share confidential information with, on average, 583 third parties. Approximately 59 percent of companies say they have experienced a data breach caused by one of their vendors or third parties over that year.
Baffle Data Masking and Exfiltration Control includes two features to protect businesses from common threat scenarios:
- Data Masking: Without modifying applications, businesses can mask and protect data in test and development environments, and when sharing data extracts with third parties across the supply chain. This minimizes risks during data breaches with massive data exfiltration.
- Dynamic Data Entitlements: Businesses can set policies that limit access to highly sensitive data, such as a human resources or customer database, based on user or organization identity to ensure data privacy and minimize the risk of data leakage.
In both cases, an attacker would not have access to any data in the clear, which helps reduce the available attack surface to steal data and minimizes data breach risks which all businesses face today. Furthermore, using Baffle’s solution, businesses can identify and responsibly share data with third parties, controlling which portions of the data are relevant for each third party, without overexposing their datasets and sharing it in the clear.
“Data breaches continue to occur unabated because companies aren’t protecting data at the source,” said Ameesh Divatia, CEO and cofounder, Baffle. “The vast majority of high-profile breaches, such as Yahoo, Equifax, Marriott, Capital One and others, result from the fact that companies are already compromised. The logical response to this type of threat is to protect information in a data-centric manner and work to protect against mass ‘smash and grab’ data exfiltration operations. Baffle Data Masking and Exfiltration Control gives businesses peace of mind to securely share data with third parties, all the while knowing their data is secure from both external and internal bad actors.”
Learn more about Baffle Data Masking and Exfiltration Control here: https://baffle.io/data-exfiltration-control
Baffle simplifies enterprise encryption. The company’s modern, data-centric encryption and advanced data protection solution is designed for distributed and cloud-native environments, DevOps and microservices. Only Baffle protects data at rest, in memory, in the search index and while in use with AES encryption that requires no application rewrites, no key management changes and no business process breakage. Baffle’s investors include True Ventures, Clearvision Ventures, ServiceNow Ventures [NYSE: NOW], Greenspring Associates, Thomvest Ventures, Engineering Capital, Industry Ventures and Triphammer Ventures. Follow us on Twitter and LinkedIn.