Digital Guardian
Digital Guardian is an American data loss prevention software company designed to see and stop malicious actions by users and malware on endpoints. Digital Guardian provides software both at the end-user level and in corporate networks, servers, databases, and the cloud.[2] The company is designed to see and stop malicious actions by users and malware on endpoints. It puts data events into context and applies a granular set of rules to protect it against threats.[3]
Formerly | Verdasys |
---|---|
Industry | Data security |
Founded | 2003 | (as Verdasys)
Headquarters | , |
Number of locations | |
Area served | Global |
Key people | |
Products | |
Brands | Digital Guardian |
Services | Managed security services |
Number of employees | 375[2] (2016) |
Website | digitalguardian |
The company holds 20 patents for its technology.[4] Its customers include about 300 Global 2000 companies, as well as seven of the 10 largest brands in the world.[5] It is considered to be a leader in the global data loss prevention market.[6][7]
History
The company was founded in 2003 under the name Verdasys.[8] From the start, its flagship product was Digital Guardian, a data-centric security platform monitoring and encrypting all proprietary or sensitive information passing through a desktop, laptop, or enterprise server.[9]
In 2008, Verdasys launched SiteTrust, an encryption software service for banks, brokerages, and other big companies that served customers over the Internet and were legally liable for losses from online fraud. Its client-side software package turned on whenever the user visited a website protected by the SiteTrust service and spawned a new instance of the user's Web browser, shutting out malware and creating a secure space around all communications with the protected site.[9]
An agreement between Verdasys and Fidelis Security Systems (now Fidelis Cybersecurity) in 2010 enabled customers to acquire and implement an integrated solution consisting of Fidelis XPS network appliances and Digital Guardian enterprise information protection in a single offering from Verdasys.[10]
In early 2012, Verdasys expanded its data leak prevention portfolio to the cloud to help enterprises protect their data stored on its networks and reduce costs. When one of its customers, a large insurance company, requested Verdasys to take over the job of monitoring and protecting the data, Verdasys introduced two new offerings: Managed Service for Information Protection (MSIP) and Information Protection as a Service (IPaaS), offering data protection as a managed service.[11] The Digital Guardian platform completed EAL2+ evaluation under the Communications Security Establishment's Common Criteria Evaluation and Certification Scheme in December 2012.[12]
Verdasys introduced a data connector in 2013 that contained malware threats detected by FireEye's platform. Before Verdasys' connector, the malware had to be handled manually.[13] In December, Gartner's Magic Quadrant placed Digital Guardian among the five leaders of the global data loss prevention market.[6]
Ken Levine, previously a McAfee executive, joined the company as CEO in 2014 and focused on simplifying its product.[14] In March, Verdasys raised $12 million in a venture funding, bringing the company's total raised capital to $69 million.[15][16] The funding round was led by existing investors GE Pension Trust and Fairhaven Capital, with a new, individual investment from Brookline Venture Partners.[8]
2014 was also a year of several major partnerships and acquisitions. In March, Identity Finder LLC partnered with Verdasys, bringing its Sensitive Data Manager, capable of automatically finding, classifying and securing sensitive information.[3] In August, Verdasys changed its name to Digital Guardian and increased its staff to 150.[4] At the time, its security software had been installed on about two million servers, laptops or other devices.[5]
In October, the company acquired Armor5, a provider of cloud control solutions focusing specifically on preventing employees who bring their own mobile device to work from copying and removing company files or data.[17][18]
In May 2015, the company acquired Savant Protection, enabling IT organizations to deploy a unique agent for whitelisting the applications that can be used on any particular endpoint.[19] When Blue Coat Systems launched the Alliance Ecosystem of Endpoint Detection and Response in July 2015, Digital Guardian was among the alliance-founding members. The ecosystem allows sharing of actionable intelligence gathered from endpoint security solutions.[20] Also in July, IT consulting firm Atos and Digital Guardian partnered up to deliver Atos’ cloud-based data loss prevention service.[21]
In October, the company bought Code Green Networks, based in Silicon Valley, which contributed its True DLP gear. The acquisition of Code Green Networks provided Digital Guardian with network, discovery, and cloud data loss prevention.[22][23]
The company added 100 customers in 2015, bringing the total count to nearly 500, including General Electric and DuPont. At the end of the year, Digital Guardian announced $66 million in new funding, the firm's largest round since it was founded. Returning investors in the round were GE Pension Trust (advised by GE Asset Management), Fairhaven Capital Partners, Loring Wolcott & Coolidge, Special Situation Funds and Brookline Venture Partners. New investors were LLR Partners, Mass Mutual Ventures (the corporate venture capital arm of Massachusetts Mutual Life Insurance Company) and the venture unit of Siemens Financial Services. The company raised $135 million since its founding.[14][15]
In January 2016, Gartner's Magic Quadrant for Enterprise Data Loss Prevention placed Digital Guardian among the four leaders of the global data loss prevention market for the fourth consecutive time.[7] BostInno included Digital Guardian among 16 Boston tech firms to watch in 2016.[24] The company was placed 148th on the list of top 500 cybersecurity firms in the world, released by Cybersecurity Ventures in 2015.[25]
Products and services
A data loss prevention software platform, Digital Guardian integrates content, context and location awareness along with encryption and data level controls to reduce the risk of information loss or misuse, and purposeful data theft. Its host-based security technology empowers organizations to monitor, control, audit and prevent data from wrongful disclosure or malicious theft, while automatically enforcing data security policies and procedures.[26] This scalable platform provides multiple, independent layers of protection to enable secure data sharing across physical, virtual, mobile and cloud environments.[12]
The architecture of the platform has three parts:
- Digital Guardian for Data Visibility and Control enables users to understand where an organization's sensitive data is and how it's being used with kernel-level data visibility, while also delivering device control and encryption.
- Digital Guardian for Data Loss Prevention adds deeper data visibility and fine-grained control and protection to stop insider threats, and includes advanced classification by context, content and user with email and file control and encryption.
- Digital Guardian for Advanced Threat Protection provides real-time threat protection by following the attack sequence from initial contact through many attack stages, while offering flexible controls to defend in a manner commensurate to the customer's risk tolerance. It also extends the existing security ecosystem with integrations with network solutions, like FireEye, and SIEM technologies, such as Splunk.[27]
Digital Guardian allows businesses to host and manage on premise or choose managed security programs.[27] When deployed as a managed service, Digital Guardian does not collect the actual data itself. Rather, it aggregates the metadata about the files and documents and watches for patterns of activity.[28] Metadata is encrypted, hashed and digitally signed before being transferred to Digital Guardian's hosting facilities via FIPS 140-2 certified messaging protocol.[29] Digital Guardian then provides updated analytics, alerts and reports. Administrators can continuously monitor data, application and system access and usage, whether end users are online, offline or in virtual environments. Organizations can apply specific risk-based policy controls to adhere to data governance and compliance rules.[11]
For example, the health service organization Cigna uses Digital Guardian software to monitor all ports and encrypt data transfers. When employees try to transfer files to a USB flash drive, they are prompted to type in the reasons for the transfer. The data they actually transferred is compared to those reasons.[30]
Digital Guardian also provides support for the ShareFile file sharing and storage systems, extending data loss prevention capabilities to organizations that support virtual desktops.[31]
References
- "Locations". Digital Guardian. Retrieved 28 April 2016.
- Gregory T. Huang (6 October 2015). "Digital Guardian Buys Code Green as Security Industry Consolidates". Xconomy. Retrieved 10 March 2016.
- Dark Reading (5 March 2014). "Identity Finder, Verdasys Team". Information Week. Retrieved 10 March 2016.
- Kyle Alspach (26 August 2015). "This Decade-Old Cybersecurity Firm Is on a Tear After a Big Turnaround". BostInno. Retrieved 10 March 2016.
- David L. Harris (5 August 2014). "Security software firm Verdasys reboots as Digital Guardian, in process of closing $20M round". Boston Business Journal. Retrieved 10 March 2016.
- Doug Woodburn (5 January 2015). "Buying British: Clearswift claims new DLP tech is taking off". CRN. Retrieved 10 March 2016.
- Brian Reed, Neil Wynne (28 January 2016). "Magic Quadrant for Enterprise Data Loss Prevention". Gartner. Retrieved 10 March 2016.
- Robert Westervelt (19 March 2014). "Verdasys Names New CEO, Plans Broad Channel Push". CRN. Retrieved 10 March 2016.
- Wade Roush (15 September 2008). "Verdasys Says it Has A Better Way to Protect Web Transactions Against Malware". Xconomy. Retrieved 10 March 2016.
- "Verdasys Partners with Fidelis Security Systems to OEM Fidelis XPS Network Security Solution". Reuters. 16 November 2010. Retrieved 10 March 2016.
- Fahmida Y. Rashid (26 January 2012). "Verdasys Offers Enterprise Data Leak Protection as Managed Service". eWeek. Retrieved 10 March 2016.
- Anna Ribeiro (13 December 2012). "Verdasys Digital Guardian meets government standards for common criteria security certification". Computer Technology Review. Retrieved 10 March 2016.
- Robert Westervelt (18 September 2013). "Verdasys Aims To Make FireEye Data Actionable With Automated Response". CRN. Retrieved 10 March 2016.
- Kyle Alspach (16 December 2015). "Digital Guardian Raises $66M Amid Big Revenue Growth, Plots IPO". BostInno. Retrieved 10 March 2016.
- "Digital Guardian". CrunchBase. Retrieved 28 April 2016.
- "US data security firm Verdasys lands $12M in venture round as new CEO is named". Venture Capital Post. 20 March 2014. Retrieved 10 March 2016.
- Dan Primack (16 October 2014). "Term Sheet -- Thursday, October 16". Fortune. Retrieved 10 March 2016.
- David L. Harris (16 October 2014). "Digital Guardian enters world of mobile and cloud data security with Armor5 acquisition". Boston Business Journal. Retrieved 10 March 2016.
- Mike Vizard (13 May 2015). "Digital Guardian Acquires Savant Protection for Application Whitelisting". IT Business Edge. Retrieved 10 March 2016.
- Joao Lima (29 July 2015). "Endpoint Alliance Ecosystem promises fight against malware". Digital Guardian.
- "Atos partners with Digital Guardian for data loss service". Consultancy.uk. 17 July 2015. Retrieved 10 March 2016.
- Tim Greene (6 October 2015). "Digital Guardian buys Code Green to gain data-loss prevention tech". Network World. Retrieved 10 March 2016.
- Hiawatha Bray (6 October 2015). "Digital Guardian scoops up Code Green". Beta Boston. Retrieved 10 March 2016.
- Kyle Alspach (8 December 2015). "16 Boston Tech Firms to Watch in 2016 (Bigger Co. Edition)". BostInno. Retrieved 10 March 2016.
- Sara Castellanos (4 May 2015). "These are the 35 companies putting Massachusetts on the cybersecurity map". Boston Business Journal. Retrieved 10 March 2016.
- "USB Protection Tips to Keep Data Secure".
- Nathan Eddy (20 February 2015). "Digital Guardian Updates Data Protection Platform". eWeek. Retrieved 10 March 2016.
- Barb Darrow (21 January 2013). "Bringing data loss prevention to the little guy". Gigaom. Retrieved 10 March 2016.
- Ken Presti (24 January 2013). "Verdasys Rolls Out Managed Service For Cloud-Based DLP". CRN. Retrieved 10 March 2016.
- Ted Samson (14 June 2013). "NSA's lax ban on USB drives may have contributed to PRISM leaks". InfoWorld. Retrieved 10 March 2016.
- Robert Westervelt (15 January 2013). "Verdasys Adds Data Loss Prevention Support To Citrix ShareFile". CRN. Retrieved 10 March 2016.