technology and eye

A DLP solution for Malaysia

Evault Technologies Sdn Bhd, a 100% local Malaysian company has many years of experience and expertise in enterprise data protection. It specialises in data protection for more than 17 years since the introduction and enforcement of the Malaysian Digital Signature Act in 1997.

Evault have many years of experience in data protection and were the core technical development team from our Malaysian first Certification Authority, Digicert Sdn Bhd. Their competencies include public key infrastructure, strong multi-factor authentication, strong encryption and data leakage prevention.

Evault, a strategic CyberSecurity Malaysia partner via the latter’s Cybersecurity Malaysia Collaboration Program (CCP), began offering homegrown PKI (public key infrastructure) solutions in 2007.

“PKI is a good security technology and we implemented several projects to secure e-procurement systems,” he explained.

Encryption technology is good to protect data in terms of confidentiality, integrity and privacy.  Basically it is a protection against unauthorised outsiders.  However, we begin to see many data breaches happening around the world as a result of insider threats.

After watching this space for two years, we begin to see that insider threats have grown significantly and become the biggest issue facing governments and corporate all over the world.  Evault has turned its full attention towards Data Leakage Prevention (DLP) and has remained focused until today in Research and Development and commercialisation of this very critical part of the overall security of organisations.

Indeed, the focus of all their research and development efforts, is in this category of cyber protection called data leakage prevention or DLP.

At the moment, SecureMi is the only Malaysian developed DLP solution which is Common Criteria certified in Malaysia and Asia.

Why homegrown solutions are best

In Jimmy’s opinion, locally made solutions are significant because when it comes to cybersecurity technologies, using homegrown technologies is  a better option because it can reduce the dependency on foreign products.This way, Malaysian businesses and the government sector won’t be at the mercy of foreign solution providers who may have built in ‘backdoors’ within their own products.

“Sometimes, it could be due to pressures from their own government intelligence agencies,” Jimmy observed. Backdoors operate by leaking out sensitive data of the organisations they are located within.

So, using a Malaysian-made cybersecurity solution removes this uncertainty from the equation altogether.  He says “Security should not be imported”.

According to Jimmy, “Our solution SecureMi is developed locally and is certified under the global Common Criteria programme. It is locally developed and certified globally. It is a trusted and certified platform.”

SecureMi has also won an award from CyberSecurity Malaysia in 2017, in the category of “Cybersecurity Project of the Year 2017.”

Innovation at work

Despite having a complete solution, Jimmy believes in continuous research and development. “R&D is not something that you do one time. It is a continuous process to keep up with changing user requirements and changing technologies.

“We have to be very focused in what we do. We have to innovate all the time, and ensure that our product is on par with international products.”

And, data leakage is one area that Evault has identified as needing protection solutions.

“Today data leakage is very serious. Insider threats (intentional or otherwise), are the cause of majority of data leakages and data breaches. Some say 50-percent to 80-percent of breaches are due to insider threats.”

He explained that these perpetrators whether accidental or malicious could be anyone in the organisation from regular work staff to the top management.

Without realising, they could leak data when they do something as simple as misuse their passwords, or even copy documents to their thumb drives and leave it lying around.

Other common channels where data is leaked are emails, Bluetooth-enabled devices, web drives and so on.

Using data identifier technologies like keywords, regular expressions, file attributes, the organisation could set enterprise DLP policies to determine what actions to take, be it to notify administrators/top management, block the user from taking the next action, create incident reports, and keep logs as evidence.

Depending on how confidential the data is (data classification comes into play here), administrators can also configure the different actions to be taken.

Close collaborations for R&D and commercialisation

Having begun with PKI solutions, Evault now offers total data protection via the SecureMi solution.

This solution took some years in the making, not to mention substantial amounts of funding for research and development (R&D).

With technology research grants from the Ministry of Science, Technology and Innovation (MOSTI which is now MESTECC), Evault had developed a data leakage prevention solution, which today has many built-in innovative features for enhanced performance, security, flexibility and user-friendliness.  Because we are the developer, we are able to customise and fine-tune the system for optimal performance.  This is important for the successful implementation of DLP systems.

Evault is in a strategic collaborative partnership with CyberSecurity Malaysia for research and development and product security assessment, evaluation and certification , while MTDC or the Malaysia Technology Development Corporation, and provides the commercialisation support and funding for their go-to-market programs.

“The certifications we have earned over the years, are recognition that our product has been properly tested and evaluated by a credible third-party.

It helps us go to market easier, and there is better product recognition, as well.  It also helps to make the product a better and more secured product.  Besides this, it helps us penetrate into the government sector, big enterprises, and also overseas markets,” Jimmy concluded.

Having experienced setting up several technology companies before, Evault Technologies Sdn Bhd (Evault) founder and managing director, Jimmy Liew has developed a personal technopreneur motto to always remain focused in what we do.

Besides this, he would also advise current and future technopreneurs the following, “We must always look forward in technology, don’t look back. Technology always changes and we must be aware of the changes and spot them early on.”