Why does Zero Trust Data matter?
Zero Trust Data answers what to do when your network and application security inevitably fail.
XQ Message is the first commercially available Zero Trust Data Solution. XQ is the way to a unified data protection solution safeguarding your most valuable information assets and represents the easiest path to DoD data compliance.
Every day, XQ’s data rights management security protects millions of data objects at the record level across emails, files, data migrations, data lakes, and databases. XQ is available as a SaaS solution, and can be deployed as a self-contained solution to meet government level security requirements, including within disconnected environments.
XQ fulfills the DoD Zero Trust Data pillar, preventing data exfiltration, lateral movement, and unauthorized access, no matter where your data goes.
XQ meets the DoD Zero Trust Data Pillar with seven key features:
Data Catalog Risk Alignment
DoD Enterprise Data Governance
DoD Data Labeling and Tagging
Data Monitoring and Sensing
Data Encryption and Rights Management
Data Loss Prevention
Data Access Control
Technical deep dive:
XQ has developed a new data protection software layer that meets the DoD Zero Trust Data requirements. With XQ, data undergoes protection at the edge device before being routed to one or more destinations. The encrypted data is enveloped in a meta-tag, which is a pointer to the policies the data owner sets. These policies and keys for access and authorization are then transmitted to a key cache.
The XQ backend cache exclusively forwards keys and never interacts with the data or possesses any knowledge about the edge devices except for their identity and authorization.
With XQ, each data object is encrypted with a key that the client controls. XQ solutions employ role-based access controls (RBAC) and attribute-based access controls (ABAC) to ensure that only authorized users can access your data.
The data is labeled and classified, creating a secure, manageable data environment.
All events are automatically logged and geo-tagged to meet compliance requirements while promptly identifying any data exfiltration attempts. To comply with emerging privacy laws like ITAR, CMMC, and GDPR, XQ offers regulated entities the option to run their key cache on a cloud or physical server.
Product Break-throughs:
Allows organizations to use applications and networks without trusting them.
XQ’s commercially ready products, including Zero Trust Data Vault, Gateway, Database, API, and Email protection, ensure that every aspect of your data management is covered.
XQ's capabilities extend to a wide range of use cases:
Minimize Attack Surface
By micro segmenting at the record and packet level XQ achieves the most minimal attack surface available for an organization
Prevent Compromise
Using the external key anchor for all data, XQ separates data from secrets to eliminate compromise.
Eliminate Lateral Movement
By enforcing role-based access and preventing copying and saving to external locations, XQ prevents lateral movement.
Compliance with DoD Zero Trust Data Requirements
Validated by AWS and included in their Zero Trust for Government Partnership, XQ is the first commercially available Zero Trust Data Solution that meets the DoD’s seven requirements.
Data Interoperability
XQ provides the ability for systems and services that create, exchange and consume data to have clear, shared expectations for the contents, context, and meaning of that data.
Connect matrixed data sources securely over contested networks.
By securing at the data level, categorizing and labeling data and keeping control of the key vault xq provides a trust anchor for data everywhere it goes.
Data Enclaving
Create data enclaves at the virtual data access level rather than through physical access.
Transmission over and use in contested networks and applications
Single set up
Secure once and send over and series of IP modalities while maintain. Reduces maintenance of VPNs and secure networks.
Matrixed Transmission
Easily configure one to many data transfers
Data Storage Optimization - Datalakes and Databases
Scalability and Flexibility
Dynamic Access Control: As data lakes grow and evolve, Zero Trust Data solutions can dynamically adjust access policies based on changing contexts, user behavior, and threats.
Integration with Existing Systems: Zero Trust principles can be integrated with existing data lake architectures, providing enhanced security without disrupting operations.
Operational efficiency
Reduced overhead: Skip creating new data lakes and transporting data unnecessarily. Dynamically reprovision data access while in current infrastructure
With XQ, your data is protected everywhere it goes. Comprehensive. Unified. Secure.