Mitigating Shadow-IT Security Risks Using Vaultize

Posted by Sayali Kekre on August 27 2015

The world of corporate IT has seen a definite shift toward better focus on network security, vulnerability management and data governance. Even as enterprise IT succeeds in deploying better security controls for the assets they know about, it is facing a growing threat from within — the challenge of shadow IT. The escalation of shadow IT in enterprises has remarkably increased over last few years because of freely available consumer cloud services (like Dropbox) and mobile applications.


We discussed these 4 Business Risks Associated with Shadow IT in the previous blog post:

  1. Data Leakage
  2. Regulatory Compliance
  3. Data Residency/Sovereignty
  4. Licensing Compliance

In this post, let’s see how Vaultize helps you mitigate these risks:

Data leakage becomes a critical issue for organizations as the number of events are growing significantly resulting in heavy financial losses, penalties and loss of reputation. Shadow IT is one of the main reasons for accidental data loss because of the use of things like consumer file sharing (like Dropbox) without the knowledge of enterprise IT. Employees who have access to critical, restricted or confidential information can put companies at huge risk when they use consumer clouds to store and share the information. Such data leakages can be prevented by giving employees an alternative to Dropbox (enterprise file sync & share (EFSS)) where they get consumer-like user experience they want, but with complete IT control and visibility – in compliance with internal corporate policies and regulations. Vaultize is the first enterprise file sync & share provider to integrate enterprise digital rights management (eDRM aka enterprise information rights management) with secure file sharing, mobile collaboration and mobile content management (MCM). Seamless integration of rights management with enterprise mobility further strengthens the position of Vaultize as the leader in enterprise file security. It also provides enterprise IT end-to-end security, control and visibility, while providing consumer-like user experience to end-users they expect.

Previously, company-owned devices represented the majority of endpoints but over last few years the enterprise mobility trend has picked up. In the coming years, analysts expect that there will be far more mobile devices (including bring-your-own-device (BYOD)) than laptops/desktops accessing and sharing the corporate data as a normal workflow. These will be used by employees within the corporate network as well as beyond corporate firewalls.

Vaultize focuses on end-to-end file security for enterprise mobility through enterprise rights management and mobile content management. It is a major differentiator for security conscious and regulated verticals like Banking, Insurance & Financial (BFSI), Pharma, Media and Government.

In today’s mobile world, traditional perimeter-based security controls and enterprise mobility management (EMM) controls are insufficient to meet the enterprise security challenges. Top enterprise mobility management players have been adding features over the last few years trying to form a complete mobility solution. But they are still far away from ensuring complete security of corporate data in situations where the files move beyond the managed devices and get shared with the people outside the organization.

Content in mobile world is difficult to lockdown without security controls travelling with the content itself. Vaultize addresses this through its US patent-pending Micro-containerization technology, which is independent of file-formats to provide end-to-end file security. In this approach to enterprise rights management, Vaultize embeds access rights in the file itself such that it is only usable by the authorized recipients in compliance with DRM protection settings as per the corporate policies.

Vaultize’s DRM allows enterprise IT access right controls. Through this, access to shared documents can be controlled and permissions to open, view, download, print, copy-paste, forward and edit those documents can be managed. DRM policies are automatically applied when the files are shared by document-owners through Outlook as well as through Vaultize’s secure link sharing (including from mobile devices). These policies can be applied to all end-users whether they are working on company device or BYOD device.

Vaultize provides an easy and elegant mobile-first user experience for VPN-free access to enterprise content repositories (file servers) and mobile file sharing on iOS and Android devices. Vaultize mobile apps have built-in mobile content management that allows corporate IT to prevent data loss, security and compliance breaches by controlling what end-users can do with corporate files through a built-in document editor that facilitates MS Office document editing and PDF annotation. Vaultize’s DRM also integrates with mobile content management such that files shared through Vaultize mobile apps stay DRM-protected even after they are downloaded by the recipient on a device beyond control of the company IT. In addition to the protection, the embedded DRM enables detailed tracking and auditing of shared files wherever they go – independent of location, device and user.

Also, Vaultize DRM integrates with content-aware Data Loss Prevention (DLP) from popular security vendors like Symantec, McAfee and WebSense through standard ICAP protocol. This means you can define DLP policies at a single place and those policies are automatically applied to files that are shared through Vaultize.

To comply with data residency (or data sovereignty) regulations prevalent in Europe, the data needs to be encrypted and keys need to be restricted to jurisdiction. So there should be end-to-end security with full control of encryption keys and a powerful suite of administrative controls. Vaultize allows corporate IT to manage keys through its Data Privacy Option (DPO).

Vaultize provides flexible deployment options. It is available as a SaaS (Software-as-a-Service - hosted on Amazon Web Services and Vaultize’s MSP partners’ data centers), on-premise as a single server, as a scalable private cloud and as a series of purpose-built appliances.

New Call-to-action

Gartner Security & Risk Management Summit 2015


















Topics: Digital Rights Management (DRM), BYOD, data leakage prevenation, enterprise file security, Dropbox Alternative, Shadow-IT, Data Loss Prevention

Subscribe To The Blog