The cyber world is a dangerous place. No matter how many layers of security solutions are implemented, organizations and their networks are still vulnerable. A targeted attack can breach purportedly secure networks and steal the data contained therein. The most sophisticated cyber security authentication tools are generally only used to challenge users at the login phase. Further, data vaults for storing critical information and files are generally provided with access doors, which expose files and/or data stored in the data vaults to unauthorized file manipulation activities by unscrupulous actors.
In various embodiments, the system of the present disclosure analyzes a user's network behavior after the login stage and automatically sends authentication challenges to an associated device when anomalous behavior is detected. Further, anomalous behavior can be presumed by the present system, such that requested access is anticipated to be denied subject to a proper authentication permitting highly temporary and personal file access. In various embodiments, authentication is required by the requester and by one or more designated file owners.
Aspects of the present disclosure relate to a data vault with no doors or exits, thereby better securing stored data from any kind of exfiltration attempt, either by insiders or outsiders. In various embodiments, the presently disclosed system provides a secured container for infrastructure, software, workstation, platform, and storage “as-a-service” capabilities. The container blocks all exits by default and specifically protects against the theft or unauthorized exfiltration of data stored therein. As such, the present system provides far superior and secure data vault operations.
In various embodiments, the system can detect exfiltration attempts, identify anomalous or unauthorized actions, and block them. Aspects of the present disclosure provide and/or employ a mobile communications device application incorporating adaptive multi-factor authentication to validate users for their actions by challenging them to provide multiple distinct pieces of evidence. Further, the system disclosed herein automatically detects bad network behavior and prevents all data transfers until the user passes authentication challenges and, in various embodiments, until the requested file manipulation is approved by one or more designated owners.