Privileged Credential Abuse Icon

The Cloud & Privileged Credential Abuse

One thing that does not improve when moving to the Cloud (or outsourcing to any MSP) is privileged credential abuse. In fact, when you use the Cloud, the opportunity for privileged credential attacks expands substantially beyond what is available to attackers in the Enterprise – which is bad enough.

Audit Admin Icon

Minimize Audit & Administration

Are your IT people spending more time than you would like on security audits and administration? If your answer is yes, then you are certainly not alone.

Be Quantum-Ready Today

We’ve got your data covered … For encrypting data at rest, Cord3 only uses symmetric cryptography. Cord3 uses the Advanced Encryption Standard (AES) algorithm with 256-bit keys. We’ve got your data covered against future advances in quantum computing that are projected to “completely break” widely used algorithms like RSA and ECC.

Security Overlay Icon

What is a Data-Centric Security Overlay?

Cord3 implements its data-centric security in Intercepts. These Intercepts get overlaid onto a network between users and application servers. By “overlaid”, we mean that there are minimal changes required to get Intercepts to work because they simply get connected to a network and immediately begin capturing data asset packets flowing over a network between end points. When a data asset (e.g., a file or an email) is fully re-built on an Intercept, the Intercept applies the organization’s security policy to that data asset before delivering the now-secured data to its destination.

Deploy quickly Icon

Deploy Quickly – No Changes to Apps

Intercepts capture data asset packets flowing over a network and re-build the original data asset (e.g., a file or an email). When a data asset is fully re-built on an Intercept, the Intercept applies the organization’s security policy to that data asset, whether that is to protect an asset going to a server or make an access decision about data on a server.

Privileged Credential Abuse Icon

Privileged Credential Abuse

“It’s your worst nightmare, and a cyber attacker’s dream come true: the credentials of a privileged user getting stolen or otherwise compromised. After all, privileged users can go practically anywhere and do anything in your network as they go about the business of configuring servers and systems and setting security policies.” CSO Online, January 2018

Security Overlay Icon

Transparent Encryption

“Why is encryption software so horrid to use?” The long answer to that question is complex and diverse. The short answer is that encryption comes in two fundamental forms and one of the forms is actually easy to use – that form is “in transit” encryption, like SSL and VPN. The second form – encryption “at rest” – is a completely different story.

Privileged Credential Abuse Icon

Stop Privileged Credential Abuse

Privileged credential abuse has been traditionally difficult to detect and stop because data security is tightly integrated into applications and applications grant unrestricted access to privileged credential users, including access to sensitive data. Cord3 separates data security from applications. This separation of data security from applications enables two critical capabilities for protecting sensitive data against privileged credential abuse.

Data Governance Icon

Achieve Data Governance

Traditionally, every application has implemented data security its own way, with its own policies, settings, and algorithms. The result is too complex and costly for users and administrators. And auditors, too.
You want consistency. Consistency gives you data governance you can manage and control. And audit.

Cord3’s Encryption

Quantum computers are only projected to “completely break” public-key cryptography algorithms. Quantum computers are not projected to be able to compromise good symmetric cryptography algorithms, such as the Advanced Encryption Standard (AES) algorithm used by Cord3 and many other encryption technologies, provided strong encryption keys are used.