How Imperva closes massive security gaps caused by IT complexity

Imperva Inc. has announced the availability of SecureSphere 10.5. With the announcement, Imperva is addressing the massive security gaps left by increasingly complex IT infrastructures, and is delivering leading protection against insider threats.

“We have all seen very high profile instances in which built-in controls have been too lax or security alerts have gone ignored or unnoticed and, as a result, critical data assets have bled from an organization,” said Stree Naidu, Vice President of Imperva Asia Pacific and Japan. “Today, we are introducing technology to enable our customers to proactively define security strategies instead of reacting to security alerts. By doing this, Imperva customers will be able to protect against data access in real-time when suspicious behavior is detected.”   

Aberdeen Group recently reported that SharePoint adoption has reached 65% with their enterprise customers. With nearly two-thirds of these enterprises using SharePoint as a collaboration tool, it is reasonable to assume that SharePoint holds business-critical data, including regulated or sensitive information.  Recent high-profile SharePoint breaches have exposed the massive weaknesses in SharePoint access control, which leaves this sensitive information at risk. As SharePoint continues to gain traction in the enterprise, security and risk teams need solutions that can lockdown files that contain sensitive and regulated data.

New in SecureSphere 10.5, and unique to SecureSphere, is the ability to protect against access to SharePoint files in real-time based on business policy. Unlike ACLs and other traditional solutions, SecureSphere can control access based on a combination of  behavioral and contextual factors such as the rate at which data is downloaded, time of day, source IP, etc. This gives SecureSphere for SharePoint customers the visibility and proactive control to help protect critical data assets from theft or misuse.  

A Forrester report states that 22% of publicly reported data breaches and security incidents in 2013 were caused by data governance failure.2 This implies that the human element is playing a significant role in protecting critical files. IT departments have to rely on an arbitrary set of security rules across all key stakeholders. However, business needs vary widely across an organization, and when the rules are generic, they are either too permissive in some cases, too strict in others.

The Data Owner Portal, a feature of all of Imperva’s File Security products, is designed to limit access to sensitive and regulated files only to authorized people by extending file access control decisions to business line owners who understand what data is critical and confidential. Instead of limiting access control decisions to arbitrary IT rules, the Data Owner Portal integrates these key stakeholders into the process of aligning access rights based on business needs.

With SecureSphere 10.5, Imperva is introducing two new feeds to ThreatRadar Reputation Services. ThreatRadar provides an automated defense against attacks and potential data breached by quickly detecting and protecting against known malicious sources. The two new feeds are Comment Spam and Malicious Scanners.

Previously announced, SecureSphere WAF for AWS is now shipping with SecureSphere 10.5. Imperva SecureSphere WAF for AWS is the first enterprise-class Web Application Firewall tailored specifically to protect applications residing on Amazon Web Services (AWS). Running natively in AWS, and leveraging all its capabilities, SecureSphere for AWS scales on-demand with AWS applications enabling organizations to move their datacenter infrastructure to the cloud without sacrificing the security controls that they have in their on premise applications.

With the release of Secure Sphere 10.5, Imperva dramatically lowers total cost of ownership for database security in large scale environments. Many organizations struggle to contain the costs of auditing and protecting large and growing database environments.