Titaniam Fileshare Proxy

Securing User’s Unstructured Data From Ransomware, Data Breaches, And Insider Attacks

Are you worried you could be hit with a ransomware attack and confront the compromise of your users’ data? Do you find it challenging to enforce file security and data privacy controls without getting in the way of business workflows? Titaniam offers the industry’s most advanced data protection software that ensures bad actors or malicious insiders with privilege can still not exfiltrate valuable files in unencrypted form.

Enterprises users’ unstructured data is typically scattered across a variety of file storage and sharing platforms, and can be in on-prem, cloud, or hybrid environments. Unfortunately internal and external bad actors routinely exploit trusted access channels to bypass traditional controls such as access control and encryption-at-rest to exfiltrate valuable data. 

One of the most common ransomware scenarios is where attackers get inside the firewall, move laterally across the organization, and gain privileged access to an unstructured data repository from which they exfiltrate as much data as possible. Once in the repository, their credentials give them access to unencrypted files and with these in hand they are able to mount a vicious extortion campaign. Enterprises who fall victim to clear text data exfiltration end up giving in to ransom demands even if they have the ability to recover systems from backup on their own. 

Aside from security concerns stated above, enterprises are also subject to a host of data privacy regulations which require them to have a firm handle on personal data in both structured as well as unstructured data repositories. For all these reasons it is important for organizations to invest in a modern data protection software solution that secures unstructured data against ransomware attacks, data breaches and insider threats, while still making it available for business use cases and without a heavy performance overhead.

“Protecting sensitive data while it is being used is the next frontier of data protection. It is really important for enterprises to have a default state for their data that is private and secure at all times, including when it is actively being used”

– Vishal Gupta
Global CTO & CIO, SVP Connected Technology at Lexmark

Titaniam Fileshare Security Key Capabilities

Titaniam provides enterprises with a unique and market leading data security platform that provides strong data security for unstructured data on fileshares while remaining completely transparent to the user themselves. Unlike other solutions that rely on agents on user endpoints, Titaniam focuses on securing against the largest risk vectors i.e. privileged access to the fileshares themselves and large scale exfiltration. Titaniam does not require agents on end user machines or devices.

The following are Key Capabilities for this Titaniam Data Protection software module:

Seamless Encryption
Titaniam’s data protection software module resides close to the fileshare and ensures that all user files are encrypted prior to landing on the fileshare. Fileshares are mapped into end user local machines for zero impact to user behavior and workflow.
Eliminate Attacker Leverage
Any direct, admin, or privileged access to files yields encrypted data. Titaniam’s advanced data protection software foils typical ransomware attack patterns by ensuring attackers cannot exfiltrate large volumes of unencrypted data via privileged access to data repositories.
No Unauthorized Browsing
In addition to encrypting the contents of user files, Titaniam’s advanced encryption-in-use capabilities enable the encryption of file and folder names while still allowing end users to search across these as they normally would. This further strengthens data security.
Encryption Keys, BYOK/HYOK
Integrates with industry-leading key vaults for key materials and supports Bring Your Own Key (BYOK) and Hold Your Own Key (HYOK). Keys can be applied on a per entity, department, user or file basis for strong security and data segmentation.
Supports Multiple Fileshares
A single instance of Titaniam’s Data Protection Software for Fileshares integrates with multiple filesharing solutions such as SMB or S3 based File Servers and Cloud Filesharing platforms. Titaniam Data Protection deploys across clouds, on-premise, and hybrid environments.
Audit, Compliance, and Post-Attack Support
Titaniam utilizes NIST FIPS 140-2 validated encryption for both file content encryption as well as file and folder names. Access is logged and monitored and in the event of an incident Titaniam can provide audit logs to show that data retained encryption.

Titaniam Fileshare Security Architecture

  1. Titaniam is deployed on the fileshare itself via agent or in front of it via proxy depending on the underlying file sharing platform and operating system requirements. In the case of file servers that allow agents, Titaniam agents are deployed on each file server. In the case where this is not permitted, Titaniam can be deployed via proxy. 
  2. In either case files being written to the fileshare would be intercepted by Titaniam and encrypted on the way in. Titaniam utilizes strong NIST FIPS 140-2 certified encryption to provide this functionality.
  3. In addition, Titaniam brings with it rich BYOK (bring your own key), HYOK (hold your own key) and key control functionality. This enables different data owners I.e. users, groups, departments, entities, etc. to ensure that their data remains strongly segmented and private even if it resides on the same file server or directory. 
  4. Encryption key based segmentation is also extremely relevant for regulatory compliance, data privacy, data residency, least privilege, and other compliance requirements. Key location and key management can provide companies with a strong and efficient security control with a broad span of enforcement. 
  5. When Titaniam encrypts files the encryption includes the data itself as well as names of files and folders as well. This makes it challenging for bad actors to traverse these repositories to pick and choose the data they want to take.

Titaniam Offers More Than Just Data Protection For Fileshare

Secure your data against cyber attacks with the full Titaniam Suite. Compliant with major regulations, and immune to ransomware, extortion and misconfigurations, our interoperable modules can give you peace of mind that your data is safe.
Select the modules you need to suit your architecture, and let us take care of the rest.
Titaniam Vault
Titaniam Vault
Titaniam Plugin
Titaniam Plugin
Titaniam API
Titaniam Translation Service
Titaniam Proxy
Titaniam Object Store Proxy
Titaniam Proxy
Titaniam File Share Security
Titaniam Platform

Titaniam Studio

Configure and manage Titaniam modules and services. View logs, dashboards, and reports.

Why Should I Add Titaniam To My Data Security Toolbox?

Compliance Is Easier Than Ever

Titaniam encryption meets with the most stringent data protection standards in all major regulations and frameworks.

Privacy Enforcement Is A Breeze

Titaniam releases data in all nine privacy preserving formats so it can be individually configured for downstream systems and users.

Cost Goes Down While Coverage Goes Up

Compared to traditional, extortionate tokenization solutions, Titaniam secures as much data as needed while retaining usability.

Time To Value Is Unbelievably Fast

The Titaniam plugin can be fully operationalized within a half a day, whilst the Proxy takes a few days.

If Attacked, Titaniam Makes Life Easier

In any attack scenario, Titaniam provides visibility into any data that was observed, accessed, or exfiltrated.