We’ve all been there. We’ve tried to send a file over to an external contact only for it to be blocked and we’re told to contact security in order to get the necessary permissions to send it. And we’ve all been annoyed. After all, we know we are performing a legitimate action as part of our jobs, why can’t our IT security realize it too?
Welcome to the old days of IT security. Centralized controls. Rigid rules. Lengthy delays in sending over crucial files.
At Reco, we believe that we’re bringing in a new world of security, that of collaboration security. In this new world, context is king, and security is an enabler rather than a barrier.
Old security vs new collaboration security
Old: Content based security
New: Context-based security
Sensitive data is usually held in the content of a file or message. As a result, the most obvious place to start with securing data in the past was by classifying the content of a data set as sensitive. However, this approach doesn’t achieve business goals on many levels.
Classified content doesn’t provide the security system with the context of the data. And lack of context combined with the restrictive rules associated with traditional systems leads to false positive alerts.
Reco’s collaboration security is based on context. The business context justification understands the connection between platforms and individuals and therefore can assign a justification of an action before alerting to it. This in turn enables Reco to dramatically reduce false positives.
Old: Static security rules
New: Dynamic security
Traditional security systems are static. They require manual mapping of data, roles, and access rights to set them up. They are configured using defined rules based on that mapping. And as a result, the systems require constant adjustment from IT and security teams in order to keep them relevant. No one has the time or ability to do this.
Reco on the other hand, with its business context justification can understand the business and dynamically set new rules based on identified changes on collaboration tools. This in turn frees up IT and security teams for tasks that are more relevant to the business.
Old: False positives and delays dealing with alerts and compromised security
New: Immediate action
Traditional security systems rely on rules to identify anomalous behavior. Any activity within the defined boundaries is immediately approved, any activity which falls outside these boundaries is immediately assumed to be a security event, and the action is blocked.
For example, employee A is based in New York and works 09:00 to 17:00 EST, Monday to Friday. But when A travels to France for work, and spends their Sunday preparing for a major presentation on Monday morning, their activity is flagged because they are working at 04:00 EST (or 10:00 in France) on Sunday morning. The action is blocked, and panic ensues.
In a context-based collaboration security system, it is understood that A works with customer B in France, and that there was other activity on their legitimate device around that time. It is therefore able to look for the justification first to enable the action and allow A to continue working without a hitch.
Old: Centralized security in overworked security teams
New: Secure collaboration tools are everyone’s responsibility
In the past, IT teams were responsible for enabling new actions. For example, when working with a new vendor, an employee would need to contact IT to set up the new vendor and find a solution that enables data sharing. Without a choice for employees to use different media, slow, centralized controls did the job. And when a security incident is identified, the security team would take responsibility for remedying the situation.
Decentralized collaboration security enables business and data owners to play a more active role in protecting their data. Collaboration security based on the data’s context enables users to make better use of collaboration tools to work with others and make secure decisions about who to share that information with. Reco’s option to “share information with user” also empowers the data owner or person at the center of the incident to resolve the incident without security having to be involved.
Secure collaboration tools with Reco and enable the business
Reco allows the organization to have full security without slowing the business down. Reco’s proprietary AI engine reads the metadata of all interactions across collaboration tools to create a context map and business context justification. This then enables Reco to dynamically set rules based on the context.
At Reco our approach has three main drivers:
1. We want to enable the organization to work faster, together.
2. So much sensitive data is created all the time, let’s protect it.
3. Let’s protect this data effectively.
Reco’s agentless product connects to the network and creates a context map using the metadata only almost immediately.
Give your CISO a good night’s sleep — Reco allows you to be fully confident in your security.
Gal Nakash
Gal is one of Reco’s Co-Founders and current CTO.
A tech enthusiast, Gal’s background is as a Security Researcher/ Hacker. Gal is a former Lieutenant Colonel in the Israel Prime Minister’s Office.
