Symmetry Systems, the data + AI security company, has officially announced a successful deployment of its industry-leading Data Security Posture Management (DSPM) solution in a completely air-gapped environment, making the first time any company has managed to do so. Before we get any further into this feat, we must acknowledge how air-gapped environments, due to them being completely isolated from external networks, have long presented a unique challenge in the context of deploying and operating security solutions. This means traditional DSPM offerings are ill-suited for these highly secure settings, considering they are usually delivered as SaaS and are reliant on external connectivity. So, what really propelled Symmetry Systems to break this deadlock? Well, the answer resides in its ability to embed the solution entirely within the customer’s own cloud environment or on-premises infrastructure, where an air-gapped deployment does not allow for “Outpost” deployments that send critically secret “metadata” back to vendors’ servers. You see, by packing together all compliance controls, such as endpoint inventory and detection tools, the company’s proprietary solution effectively eliminated the need for data ingress/egress from the environment. This, in turn, helped it in making sure that data never leaves the trusted confines of the organization’s originam infrastructure. On top of it, the given setup also took care of the fact that no external party is able access the system, thus fulfilling the strong compliance requirements posed by an air-gapped environment.
“Zero Trust is rooted in data and identity. This milestone deployment showcases Symmetry’s ability to deliver innovative data security solutions that address the unique challenges faced by government agencies operating in the most secure, air-gapped environments,” said Tyler Bodell, Director of Federal Products and Services at Symmetry Systems. “As government agencies continue to adopt transformative technologies to support their broader mission, Symmetry is proud to be at the forefront of ensuring zero trust through comprehensive data security and compliance.”
Talk about some specific things this deployment went on to achieve in the process, we begin from the ease of integration and value it generated within hours of deployment. This came on the back of code templates that would inherit all security and compliance controls, and also through integrations with existing telemetry and security operations tools. Next up, we must steer the discussion towards air-gapped data discovery and classification. Here, you have comprehensive agent-less data discovery that maps and classifies sensitive assets without relying on external communication or services. Another comprehensive feature of this deployment is rooted in its identity and entitlements analysis, which entails using cloud permissions and data store entitlements to connect identity insight from identity providers with fine-grained data objects and data types, such as CUI, FCI, PCI, PII, and other custom classified data.
Moving on, even though it worked alongside a largely unexplored environment, Symmetry also realized the prospect of continuous data activity monitoring. You see, such a prospect reveals itself once you consider that cutting-edge anomaly detection capabilities were introduced to identify insider threats, third-party risks, as well as dormant/offboarded users’ with ongoing permissions to operations and sensitive data. Rounding up highlights was the deployment’s automated posture assessment and the related findings. Owing to the stated automation, the development unlocked immediate visibility into current state of data encryption, access controls, and audit logging to safeguard data against unauthorized access or misuse. This it, markedly enough, combined with intelligent and policy-driven alerting on security risks and vulnerabilities that, on its part, could be facilitated without any external and manual assessment.