Forcepoint announced the introduction of Dynamic User Protection that redefines modern user activity monitoring (UAM) and insider threat protection with the industry’s first cloud-native solution to deliver out-of-the-box functionality with no policy configuration. Through this capability, security teams are now empowered with real-time visibility into true risk behaviours of compromised and malicious users within hybrid cloud environments.
All security begins with visibility and the massive shift to remote work created blind spots into user activities with critical data and intellectual property in unmanaged home environments. Attackers have actively exploited this vulnerability with a 400% increase in cyberattacks in 2020, according to the FBI. 95% of cybersecurity breaches are the result of compromised user credentials and human error, it is a competitive imperative today that businesses gain needed visibility to mitigate a data breach in real-time.
Nico Popp, Chief Product Officer at Forcepoint said “Dynamic User Protection is the heart of our new converged cloud security platform with integration into Forcepoint Data Loss Prevention available today with future integration planned across the entirety of the Forcepoint portfolio, including our recently announced Cloud Security Gateway SASE solution which will be delivered in first-quarter 2021. This is the true power of human-centric cybersecurity realized today and it is powerful for every organization that desires the ability to prevent a data breach before it can occur.”
Delivered in an easy-to-consume SaaS model, Dynamic User Protection is fast and easy to deploy with a small 30MB footprint on the endpoint that installs in under 30 seconds with no reboot required. Utilizing Forcepoint’s unified agent, Dynamic User Protection is also self-maintaining through auto-updates ensuring enterprises have an always easy-to-manage cloud-delivered UAM.
Dynamic User Protection key features at-a-glance include;
- Autopilot: pre-configured user risk assessment that continuously collects, enriches and correlates events on the endpoint in order to detect anomalous behavior.
- Anomaly Detection: sets of observed data establish an entity’s baseline activity for specific applications and actions; and, observed data are analyzed with the anomaly detection engine to identify outlier behaviors and alert to real-time security risk.
- De-centralized Analytics: performed on the endpoint versus the centralized approach with traditional UAM/Insider Threat solutions
- Risk Calculation: continuous assessment of entity activity and risk impact generates a dynamic risk score that goes up and down based on the level of risk
- Risk-Adaptive Policy Enforcement: based on the risk score, risk-adaptive DLP policies automate security response based on level of risk. Enforcement options include: Audit, Block, Notify, Confirm Prompt, Encrypt and Drop Email Attachment.
- (Image Courtesy: www.csoonline.com)