Rubrik, Zscaler double down on data protection

Rubrik is automating sensitive data file detection and classification and working with Zscaler to stop such files being exported outside an organization’s IT boundaries. Rubrik has also doubled its ransomware recovery warranty to $10 million.

Data loss prevention (DLP) is intended to stop an organization’s private data being leaked by detecting copying onto unauthorized devices, such as a USB stick, or network transmission to end-points outside the organization’s network. Once outside an organization’s control, such files can be used to extort cash from the file owner.

Frank Dickson, Group Vice President, Security & Trust, at IDC, contextualized this: “The reputation of Data Loss Prevention has not been favorable as past implementations were often highly manual, management was painful, and the burden of data classification was often pushed onto the end user. The Rubrik and Zscaler integration addresses a critical need through automation by allowing organizations to easily implement protections on critical data while minimizing the management burden on data security professionals.”

DLP checks have to know what to look for and then have to be implemented. Zscaler is a cloud security company with tools to detect known file exfiltration such as Exact Data Match (EDM) for specific data items and and Indexed Document Matching (IDM) file fingerprinting. But its software has to know what files to look for. Step forward Rubrik.

The big issue is that an organization can have billions of files in its global, distributed and multi-cloud data estate. How does it know which ones contain sensitive information and must not be exported beyond its firewalls? The task of scanning, detecting, and identifying (classifying) sensitive files needs automating. That much is simple but how? You could simply and periodically scan every file but this takes much time and effort, an indexing system, and it can interfere with production data processing. 

Rubrik is basically a backup software supplier and knows about scanning files. It provides a Sensitive Data Monitoring & Management facility which works separately from production systems to discover and classify sensitive data. Once known, stronger data protection policies can be applied to these files, such as telling Zscaler not to let them be exported and ensuring protection in immutable backup repositories.

The two companies present their partnership under a zero trust umbrella and say it helps to protect against ransomware, which it certainly does as far as file theft and subsequent extortion is concerned.

Jay Chaudhry, Zscaler CEO, said: “Combining Zscaler’s and Rubrik’s leadership and expertise in zero trust data security allows our joint customers to reap the benefits of protecting their most sensitive and important data with ease.”

Rubrik is demonstrating its Zscaler integration at booth 235 in the RSA Conference 2023, which is taking place this week at San Francisco’s Moscone South Expo Hall. Zscaler also has a presence in booth 2051.

Separately Rubrik, recently itself attacked by malware, has doubled its ransomware recovery warranty from $5 million to $10 million. It is presenting this, in part, as a response to the National Cybersecurity Strategy unveiled by the White House on March 2. The strategy calls for the industry to “rebalance” to a shared responsibility for effective cyber defense. So Rubrik says it’s stepping forward to do that.

Co-founder and CEO Bipul Sinha said: “It is important for us to expand our Ransomware Recovery Warranty to deepen trust, and to further show our customers that we stand together with them in the fight against cybercrime. We were first with our warranty, and we welcome the increase of shared accountability and responsibility in this new era of cybersecurity.” Sweetening a warranty payout as a way of selling more product is a neat marketing move.