Intelligently Securing Collaboration

Back in the mid-Nineties, I delivered an invited technical presentation at the Dean Acheson Auditorium located inside the US State Department Headquarters at Foggy Bottom. My talk was called: “What is a Firewall?” and it seems so curious to reflect now that attendees didn’t consider this an overly trivial topic. I remember trying to explain stateless packet filtering to the group using toll road analogies, and I don’t think it went over that well.

Anyway, I bring this up is because one of the other speakers was presenting an encryption scheme to protect browsing sessions on the new World Wide Web. I remember questioning this speaker’s future business prospects, because he just seemed so tentative up there, shifting nervously back and forth at the podium. Of course, my instincts were bad, because the speaker was none other than (drum roll, please): Future billionaire Mark Andreessen describing SSL.

So, here we are a quarter century later, and thanks to the pioneering work at Netscape and security protocols like SSL, we can buy books on Amazon.com with reasonable security. But surprisingly, we cannot assume that comparable day-to-day tasks such as sending an email, sharing a file, or collaborating with a partner, have sufficient cyber security support. If you, for example, wanted to send me an encrypted email right now, could you? I suspect not.

I had this in mind this week as I participated in a discussion with principals of a UK-based cyber security firm called Egress. I’d known some team members from their Voltage Security roots, and the meeting had been arranged to help me understand how Egress was applying modern security solutions to common IT functions. I was struck with how smoothly advanced machine learning technology could integrate with the IT collaboration issues we deal with every day.

“The Egress solution combines data security, data encryption, predictive analysis, and behavior-based machine learning to support and improve user collaboration,” explained Tony Pepper, CEO and Co-Founder of Egress. “Our emphasis is on unstructured data, and we are able to support typical business requirements for security compliance and regulatory control including the GDPR.”

The basic idea behind the Egress solution is straightforward. That is, their platform is designed to combine advanced machine learning technology with security tools that proactively engage with end users to help prevent a data breach, as well as to protect sensitive data shared internally or externally. This includes cloud or premise-based protection of email, documents, and audio files as well as discovery and data classification.

I was pleased to see how the Egress team had smoothly embedded learning concepts into common enterprise IT functions. In fact, the integration seemed so obvious, I was surprised that I hadn’t seen such application of automated intelligence done more frequently. We all joked that perhaps adding machine learning to email, file, and other unstructured data handling adds a bit of fun to seemingly mundane IT tasks.

Since encryption is such a fundamental component of the solution, I asked the Egress team for a summary of their approach. They outlined a novel key management technique with granular security controls, which is detailed in several of their patents. Interested readers can view the specifics in the Egress patents on encryption and secure file transfer that are made available for download at their website (https://www.egress.com/en-US/patents.)

As one would expect, any discussion of enterprise IT security finds its way eventually to Microsoft integration. It turns out that the Egress team has spent considerable time on this important task: “Our platform is fully integrated with Microsoft Outlook and Office 365,” explained Pepper, “and we’ve done so with an interface that involves little more than one-click to add security to enterprise services such as email.”

We also spent some time covering their security solutions for enterprise collaboration, and again, their formula involved integration of machine learning with emphasis on simplicity of use. “We allow our users to maintain security as they collaborate on a project,” Pepper said. “This works as well on premise as it does for accessing secure cloud services from Microsoft Office, Outlook, or the desktop. It also enables smooth creation of clean rooms.”

One of the great advantages of using a platform like Egress is that compliance with common cyber security frameworks becomes much simpler. The team rattled off an alphabet soup of compliances supported, including HIPAA and GLBA. This is an important consideration since the intensity of security compliance is likely to increase in the coming years, especially once the GDPR becomes a mandatory requirement for most businesses.

The full range of solutions from Egress is too long to list in this article, but it is an impressive collection. For IT managers concerned with security and compliance requirements, but who also demand simple interfaces that impose little burden on enterprise users, the Egress platform looks like a good choice. And the inclusion of machine learning should help to future-proof the solution against the evolving (and increasing) enterprise threat.

Give the Egress team a call, and as always, please be sure to share what you’ve learned.