rvlsoft - Fotolia
Digital work depends on trusted content. Business teams both inside and outside of brick-and-mortar buildings rely on cloud content management platforms from vendors such as Box, Dropbox, Google and Microsoft to access, store and share files within an enterprise repository. But there are concerns about this information falling into the wrong hands, so cloud CMS platform vendors invest substantial resources in securing content at rest to protect files from unauthorized access and distribution.
Yet, there is a potential hole in this repository-based security shield -- the trustworthiness of the individual files themselves. Like phishing attacks and viruses distributed via email, shared files may be compromised and contain elements that undermine the security of the data warehouse. For instance, an infected file might launch malware that quietly captures and sends metadata updates to an external party, exposing patterns of the information exchanges and activities within an enterprise repository.
Difficult-to-detect events caused by malicious content -- files and URLs -- are likely to accelerate as digital work relies more and more on ad hoc file sharing. Administrators need automated capabilities to scan, inspect, quarantine and manage content in motion before files can be stored in the repository, while also preserving the workgroup collaboration and flexible sharing capabilities of cloud CMS platforms. It is important for tools to be secure and easy to use at the same time.
Detecting known and new threats
Israeli data security company Perception Point Ltd. is among a new generation of vendors addressing these threats in the cloud CMS era. Its expertise in developing agile cybersecurity technologies for digital-first enterprises addresses both known and new threats to content security.
The firm focuses on verifying the integrity of content in motion and inspecting files for malicious content before storing them in a shared repository. Perception Point now integrates with Box to deliver an add-on service that provides scanning and threat detection capabilities for Box enterprise customers. In addition to Box, it connects with file sharing services from Microsoft -- OneDrive and SharePoint -- Dropbox and Google Drive.
Perception Point offers both hardware- and software-based capabilities to detect threats posed by phishing, malicious URLs, impersonation and malware that seeks to add infected files to a cloud CMS. It can also detect advanced persistent threat attacks that originate from multiple vectors seeking to sidestep cybersecurity efforts. The tool combines various threat intelligence sources with its own internally developed engine to warn users about potential or current attacks.
The Perception Point program also runs in the cloud within AWS and supports several levels of threat detection. For example:
- It looks for signatures of previous malicious patterns inside any type of file, including images and MP4 formats.
- It provides an added layer of content security for digital work by dynamically scanning files from enterprise productivity applications -- such as the Microsoft Office suite and PDFs -- for zero-day intrusions and analyzes the execution flow of the CPU to detect never-before-seen attacks.
Expanding circles of trust
Box already has a partner ecosystem of third-party vendors assisting in delivering trusted content. Box provides a centralized platform and a core set of content security capabilities, then it relies on partners with specialized expertise to extend these centralized controls. Some partners already provide capabilities to identify signatures of malicious files before adding them to Box. Application developers have multiple options for adding intrusion and virus detection to file uploads within Box depending on the nature of the content security threats.
Perception Point's goal is to become a partner with specialized expertise in securing content in motion. Threats to content security continue to rise, and the company does have specialized expertise with a particular approach to cybersecurity.
However, the jury is still out on the speed and agility of Perception Point's capabilities. Day-Zero intrusion detection may become particularly relevant for ad hoc file sharing, particularly among anonymous parties with no reason to establish trusting relationships.
Cybersecurity for cloud content management is a moving target. Seemingly improbable risks sometimes metastasize into bigger problems. Companies need continuous innovation along with ever-expanding circles of trust to verify the integrity of content in motion. Perception Point and its emerging peers have the potential to fill this significant gap in the content security ecosystem for Box enterprise customers.