There’s a new sheriff in the Dropbox world – and it’s Israeli cloud security firm Adallom. On Wednesday, Adallom announced that it was taking on a major role in ensuring security on the Dropbox for Business platform, the company’s high-end product aimed at enterprise customers – the kind of customers who would never consider using an on-line document storage service like Dropbox unless they were 110% positive that their data was safe.
“Dropbox for Business is all about simplifying the way people and companies work together,” said Patrick Heim, Head of Trust and Security for Dropbox. “Adallom’s integration with Dropbox for Business seamlessly delivers governance and security controls for data in the cloud without impacting the user experience people know and love.” Dropbox for Business is the enterprise component of the popular document storage site, where over 300 million users around the world upload and store documents, photos, videos, and much more.
Adallom will partner with several organizations, including Dell Data Protection, Sookasa, and nCrypted Cloud, among others, to provide security for the Dropbox service.
Software as a service (SaaS) is a natural outgrowth of cloud technology. Companies have embraced cloud technology to save money on servers and equipment and lower overheads, moving their operations onto a private, closed network or a public, large-scale service, like Amazon Web Services.
Cloud service companies seek top security technology to protect their clients’ data – and Israel, as a center of cyber-security technology, has emerged as an important source for multinationals seeking to protect their cloud. In fact, one of the biggest deals in Israeli tech history involved cloud security: In 2013, IBM spent nearly a billion dollars to buy Trusteer, a maker of security software to protect information from phishing and other malware attacks. Trusteer is one of the largest security firms working in the online banking space; among its customers are institutions like Bank of America, Société Générale, INGDirect, HSBC, NatWest, and The Royal Bank of Scotland.
Dropbox for Business is not a banking platform, but it’s likely that many of the documents there have sensitive financial data – the kind hackers are very anxious to get hold of. Adallom’s philosophy, according to co-founder and CTO Ami Luttwak, is that it is not enough to protect data; access has to be protected as well.
What if hackers get hold of the user names and passwords of employees? In that case, there’s little a company or organization can do – as the National Security Administration in the US learned the hard way, when a mid-level technician, Edward Snowden, walked away with thousands of secure documents, causing the Obama administration no end of headaches.
The key to SaaS data security, according to Ami Luttwak, co-founder and CTO at Adallom, is to implement a system that not only ensures that the data itself is safe, but that it is being used properly, even by company employees. “Sales people save their contacts, programmers save their code fragments and documents, finance has their spreadsheets with custom macros, and so on,” he said in a recent interview. “Copying data is only the ‘first hop’ of the insider problem, and we can think of credentials sharing as a ‘second hop’ of an ‘insider threat.’ I think we know how dangerous it is when employees share their passwords with other colleagues,” and for those with doubts, he said, it would be sufficient to look at the damage Snowden had done to the NSA.
Most security solutions, according to Adallom, are built for “perimeter security,” ensuring that data is secured on company servers. But with SaaS, much of a company’s information is stored elsewhere – and while Google and Salesforce.com will (hopefully) ensure that their servers are secure and that hackers can’t access client data, there is nothing they can do in the event of “phony authentications,” where a user appears to have the right credentials to get into an account, even if they are not supposed to be there.
Adallom helps prevent misuse of SaaS by keeping an eye on how employees are using it. If a user logs into their e-mail from New York, for example, the system makes note of it – and if it sees that the same user is trying to access client records from an IP address in London just an hour later, it can alert administrators that something is out of place; clearly, two different people are using the same account to access data.
If a user generally reads or downloads 3-5 technical documents a day, Adallom’s system will send out an alert if it sees the user downloading hundreds of documents; perhaps the employee is planning to quit that very day and is taking along some data “souvenirs” before leaving. If the system notices that there is a great deal of browser activity and lots of access requests, that could be evidence of malware installed on a user’s device, sucking up data as it is being downloaded by the employee. The alert will allow administrators to quickly put a clamp on that user’s access privileges.
As the system builds a user profile, Adallom is able to hone its understanding of how a user interacts with a company’s SaaS accounts. “By learning how each user interacts with each SaaS application, we realized we could develop a behavioral model that would alert us and our customers when that user acted in a manner unlike themselves, when user activities fall outside their standard behavioral deviation,” according to the company. “This model allows us to know with high certainty when user accounts have been compromised, and stop malicious behavior immediately. It also allows us to understand heuristic information that could then be aggregated to protect all of customers.” The system can examine more than 70 variables to set the baseline for normal usage within an enterprise.
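The two checks described above (the New York and London logins an hour apart, and a download count far beyond a user's usual 3-5 documents a day) can be sketched as follows. This is an added example, not Adallom's code: the event fields, the 900 km/h speed ceiling, the three-deviation threshold and the sample events are all assumptions, and IP addresses are assumed to be already resolved to coordinates.

```python
from datetime import datetime
from math import radians, sin, cos, asin, sqrt
from statistics import mean, stdev

MAX_KMH = 900.0   # assumed ceiling: roughly airliner cruising speed
SIGMAS = 3.0      # assumed threshold: deviations above the user's baseline

def km_between(a, b):
    """Great-circle (haversine) distance in km between two (lat, lon) pairs."""
    lat1, lon1, lat2, lon2 = map(radians, (*a, *b))
    h = sin((lat2 - lat1) / 2) ** 2 + cos(lat1) * cos(lat2) * sin((lon2 - lon1) / 2) ** 2
    return 2 * 6371.0 * asin(sqrt(h))

def impossible_travel(events):
    """Return alerts for consecutive events by one user implying speed > MAX_KMH."""
    last, alerts = {}, []
    for ev in sorted(events, key=lambda e: e["time"]):
        prev = last.get(ev["user"])
        if prev:
            hours = (ev["time"] - prev["time"]).total_seconds() / 3600
            dist = km_between(prev["geo"], ev["geo"])
            # Ignore moves under 50 km (geolocation jitter); guard the zero-gap case.
            if dist > 50 and (hours == 0 or dist / hours > MAX_KMH):
                alerts.append((ev["user"], prev["city"], ev["city"], round(dist)))
        last[ev["user"]] = ev
    return alerts

def download_spike(history, today):
    """True when today's count exceeds mean + SIGMAS * stdev of the user's baseline."""
    if len(history) < 5:          # too little data to call anything abnormal
        return False
    limit = mean(history) + SIGMAS * max(stdev(history), 1.0)
    return today > limit

# Constructed sample events (hypothetical users, times and coordinates).
NY, LON = (40.71, -74.01), (51.51, -0.13)
EVENTS = [
    {"user": "alice", "time": datetime(2024, 1, 8, 9, 0), "city": "New York", "geo": NY},
    {"user": "alice", "time": datetime(2024, 1, 8, 10, 0), "city": "London", "geo": LON},
    {"user": "bob", "time": datetime(2024, 1, 8, 9, 0), "city": "New York", "geo": NY},
    {"user": "bob", "time": datetime(2024, 1, 8, 20, 0), "city": "London", "geo": LON},
]

if __name__ == "__main__":
    print(impossible_travel(EVENTS))                      # only alice is flagged
    print(download_spike([3, 4, 5, 4, 3, 5, 4], 300))     # bulk download vs. baseline
```

The second user in the sample makes the same trip eleven hours apart, which is plausible by air and is not flagged; VPN exit nodes and mobile carriers are the usual source of false positives for the first check.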
Adallom debuted in 2012, to the praise of cyber-security experts – and since then has become a go-to enterprise solution for companies like HP, SAP, FireEye, LinkedIn, Pixar, Netflix, and many others. In addition to Dropbox for Business, Adallom has specific solutions for SaaS-cloud services like Google Docs, Office365 and Salesforce.com.
“Adding Dropbox for Business to the growing list of Adallom-supported SaaS applications continues our momentum in a cloud market desperate for real security and management,” said Yinon Costica, Adallom VP of Products. “Dropbox’s large and rapidly growing user base will benefit from Adallom’s enterprise security features. The Adallom for Dropbox deployment will be completely seamless to users but CISOs benefit from the visibility, governance and protection of data in the cloud, in addition to proactive research from Adallom Labs, the leading SaaS security research team.”