A Unified Data Protection Solution: Digital Guardian’s Purpose-Built Platform Defends Businesses From Internal and External Adversaries

TL; DR: Digital Guardian delivers unified data protection designed to mitigate internal and external threats across corporate networks, traditional endpoints, and cloud applications. Available on-premises or as a SaaS solution, the platform merges data loss prevention, endpoint detection and response, and user entity behavior and analytics. Now, Digital Guardian aims to spur more innovation with a new management team that is bringing forth new perspectives based on years of industry experience.

Whether to meet regulatory requirements, protect intellectual property, or safeguard trade secrets, today’s businesses must keep sensitive data safe from malicious actors or run the risk of financial and reputational ruin.

But while most are hyper-focused on threats from skilled and sophisticated external attackers, it’s easy to overlook the disgruntled employee who is keen on doing damage from within.

Digital Guardian, a purpose-built data protection platform, was designed to solve that problem by protecting valuable assets from both insider threats and external adversaries.

“Digital Guardian provides the security industry’s only unified data protection solution,” said Greg Funaro, Senior Director, Corporate Marketing at Digital Guardian. “Our platform meets data loss prevention, endpoint detection and response, and behavior analytics for the corporate network, traditional endpoints, and cloud applications.”

For more than 15 years, the company has enabled data-rich organizations to secure sensitive data through flexible deployment models, including SaaS, on-premises, and a fully outsourced managed security program. While the company often works to help clients in financial services, manufacturing, technology, and healthcare to support data governance policies and privacy regulations, its functions extend across all industries.

“Every business, at its heart, needs to focus on preventing threats,” Greg said. “We take a data-centric security approach where we start with the data, secure that, and move outward in terms of prevention.”

Digital Guardian, initially known as Verdasys Systems, was founded in 2003 by a group of pharmaceutical engineers who wanted to develop a solution for stopping leaks coming from within an organization.

Today the company has expanded to help users across the U.S., the U.K., Japan, and India monitor and prevent the misuse, accidental disclosure, and theft of data from internal and external threats.

“We offer Data Loss Prevention (DLP) to protect sensitive data from the inside, and then we have Endpoint Detection Response (EDR) to detect and stop external attackers on the fly,” Greg said.

In 2018, Digital Guardian introduced its User and Entity Behavior Analytics (UEBA) capabilities, significantly enhancing its existing DLP and EDR applications. The new technology delivers advanced analytics and anomaly-based detection to provide detailed insight into suspicious activities.

In protecting sensitive data from threats, the platform also supports compliance with data governance and privacy regulations.

“If you purchase Digital Guardian, you’re checking off the box for your typical, regulatory-driven compliance: GDPR, PCI, DDS, HIPAA, GLBA — you name it,” Greg said. “For difficult use cases with unstructured data, our discovery engine is able to go in and parse through the data. Then we work in a partnership with the corporation to identify sensitive data and start tiering it that way.”

Once a company completes the discovery and classification process, Greg said it becomes much easier and more cost effective to comply with diverse and changing regulatory requirements.

“We work hand-in-hand with companies in more of a strategic partnership as opposed to just ‘set it and forget it,’” he said. “DLP is not for the faint of heart — you really need to commit to it — but once you do, it pays dividends, especially if there’s ever an incident or you’re audited.”

Digital Guardian not only unifies DLP and EDR into one solution but allows users to manage and control Windows, Linux, and Mac OS agents within a single unit: the Digital Guardian Management Console (DGMC). The web-based solution provides for centralized controls, easy configuration and deployment, and simplified compliance in support of privacy regulations.

“What we offer — one center for both DLP and EDR in one management console — is a little different than other companies,” Greg said. “We make it so you don’t have to pivot back and forth.”

In addition, the company’s advanced analytics, workflow, and reporting tool, Digital Guardian Analytics and Reporting Cloud (DG ARC), leverages streaming data from network sensors and endpoint agents to provide streamlined visibility within one console. Designed with CISOs in mind, DG ARC puts a company’s most sensitive data at the core of all protection, monitoring, detection, and response activities.

The scalable, cloud-based architecture and user-friendly interface make it easier and more efficient for security analysts to detect and respond to threats both inside and outside of the organization.

DG ARC’s centralized reporting in the cloud allows users to leverage the power of big data security while removing storage limitations. Ultimately, the service aggregates and analyzes volumes of system, user, and data events and before converting that information into easily digestible intelligence.

The company also offers flexible deployment models to fit diverse user needs. “We can do on-prem for large enterprises all the way down to midmarket, and we have a SaaS-based delivery model through the cloud,” Greg said.

The on-premises solution allows companies to leverage significant investments in their technology, processes, and legacy systems. The SaaS option, on the other hand, enables teams to focus on identifying and mitigating risks rather than building and maintaining infrastructure.

The fastest growing piece of Digital Guardian’s business is its Managed Security Program (MSP), a fully managed service designed for both DLP and EDR analysts. Greg said the solution allows Digital Guardian to act as a remote extension of each client’s team.

With MSP, security professionals will host, administer, and run the data security platform 24/7. “I can’t tell you how valuable that is to our clients because there’s such a talent shortage for security experts with the right incident response and threat-hunting skills,” Greg said. “Our managed service is great for companies that don’t have the resources to staff security operation centers.”

But regardless of the deployment method a company chooses, Greg said it’s important to tread the fine line between respecting employee privacy and verifying behavior.

“It’s important for them to recognize that we’re not doing this as productivity monitoring software — that’s not the goal,” he said. “The agent is running in stealth mode to ensure that no data are lost either accidentally, which happens all the time, or maliciously.”

When purposeful data theft does occur within an organization, Greg said it’s often around layoffs. “Typically we see it happens right after a layoff when people who didn’t get laid off think they might be in the next wave and start attempting to exfiltrate all this data,” he said.

With Digital Guardian, the company can run a report to capture the suspicious activity and hold the employee accountable — which is especially useful if the case ends up in court.

Greg told us Digital Guardian revamped its leadership team this year to help accelerate company growth amid a rapidly increasing demand for data production. The company’s new CEO, Mordecai “Mo” Rosen, brings more than 25 years of senior-level tech experience to the company.

“The board really wanted to bring in someone who was established and knows the ecosystem, the technologies, and how to deliver more value to our customers,” Greg said. “Mo came in, and he also brought in a lot of experience and brain trust from large established companies.”

In June, Digital Guardian was recognized as Best Data Leakage Protection (DLP) Solution at SC Awards Europe 2019. Greg said the award is a testament to the company’s passion for its customers and partners.

“It’s one of the only truly objective awards left in the industry, so I was really happy about it,” he said.