ZoneFox, a world-class security platform that effectively combats the growing issue of insider threats to businesses through user behaviour analytics and machine learning, today launches its latest product version, ‘ZoneFox 3.3’. It centres around a specialist feature known as ZoneFox Compliance Reporting, which has been specifically designed to assist businesses with some of the key requirements they must follow in order to become and remain compliant with the impending General Data Protection Regulation (GDPR) as well as HIPAA, SOX and PCI DSS.
With the addition of Compliance Reporting, ZoneFox enables businesses to be alerted and provided with in-depth, real-time analysis in the instance of a regulatory breach or when data has been transferred without the correct authorisation.
This means activities, which under GDPR would leave organisations liable to a hefty fine, will automatically be flagged by ZoneFox. These include instances such as exfiltration and data leaks, data being sent to unauthorised non-EEA and non-exempt countries, data being accessed by dark web browsers and unauthorized processing of known files containing data subject records such as downloads to removable media or processing.
ZoneFox’s software runs silently and unobtrusively in the background of an employee’s device – without compromising individual privacy. This allows it to provide a high-level overview of activity and enables security teams and Data Protection Officers to rapidly access forensic data so they can respond to, and manage, potentially non-compliant activity efficiently and effectively.
When such breaches occur, an alert will appear on the ZoneFox dashboard, providing full details and a forensic trail of what has happened; for instance, which employee is at the centre of the breach, how it happened, what device was used and how it falls foul of GDPR. Unlike other solutions, ZoneFox monitors for irregular behaviour, both on and off a company’s network – meaning that, for instance, even if a breach occurs when an employee takes their laptop home, the security team will be swiftly alerted and effectively informed.
Security teams will also have the ability to start a countdown timer once they spot a specific incident. This has been designed to comply with GDPR rules that state any data breach must be reported to a Supervisory Authority (SA) within 72 hours of being acknowledged.
Commenting on the launch of the latest product version, ZoneFox Product Manager, Stephen Budd said: “GDPR is a game changer that is going to affect any businesses that are operating digitally. The authorities have made it very clear that they will come down hard on any firm that suffers a data breach, whereby sensitive data is compromised. As an organisation that is passionate about protecting against the insider threat, we believe this latest product upgrade is going to be a real asset in dealing with what are, in effect, quite complex and daunting new regulations.
“With the addition of compliance reporting, ZoneFox enables organisations to rapidly understand where compliance regulations have been breached, how it has happened and what needs to be done to effectively bring it under control, all in a detailed but easy to digest way. We are able to do this because our technology expertly monitors the user behaviour that puts a business at risk and quickly brings this to the attention of security teams.”
While ZoneFox goes a long way to provide thorough and fast analysis in regards to assisting businesses adhere to the rules associated with GDPR, it does not guarantee they will be compliant with the regulation.