Consistent data access control, which responds as your business changes.
Your business never stands still. Neither should your data access controls.
If someone needs access to something today, that doesn’t mean they still need access tomorrow. Torsion lets ‘who has access to what’ respond as things change, to keep your data secure.
access based on why,
Instead of lists of people’s names, Torsion lets you control access based on why people need access.
Instead of manually compiled groups, just specify a simple rule, and Torsion takes care of the rest.
‘Anyone in Finance or Legal, and in New York, and as Director’. Done.
Torsion makes Attribute-Based Access Control work in businesses.
Intelligent Vulnerability Detection
Finding access to information that someone shouldn’t have, can be like looking for a needle in a haystack.
Torsion uses advanced Machine Learning to cleverly pinpoint inappropriate access.
It automatically determines who owns the information, and brings the vulnerability to their attention.
And if they agree there is a problem, Torsion fixes it.
- 9 out of 10 people with access to a folder work in HR, but one works in marketing.
- A person changed roles, but still has access to a few files from their old role.
- Someone uses a site repeatedly for two days, then doesn’t touch it for six months.
Torsion constantly examines every single access configuration, to find and reduce security risks.
Classification-Driven Security Policies
Torsion lets you define Security Classifications, for data owners to apply to their sites, libraries and folders.
Security Classifications can drive who gets access. Making access consistent throughout your estate.
They can also enforce policies for what kinds of data, sensitivity, sharing and access are OK or not.
Security Classifications can guide your users to use important types of information, securely.
And if you use Data Loss Protection (DLP), Torsion Security Classifications can work with it, to turn sensitive data discovery into security-aware user behaviour.
Attribute-Based Access Control, on Steroids
We’re not the first to talk about ABAC. But we may be first to make it really work in businesses.
Self-Maintaining User Attributes
Traditional ABAC relies on a central list of user attributes, being well maintained.
But take a look at an average Active Directory. Good maintenance of attributes is very rare!
Torsion uses intelligent crowd-sourcing to help keep important user attributes up to date automatically.
Power to the Data Owners
At the level of individual folders and files, IT teams rarely know much about the information itself.
At that level, data owners in the business are best placed to make decisions about the sensitivity, audience and security of their own information.
Torsion makes it simple for data owners to define Security Rules for their own information.
There are Always Grey Areas
When someone changes roles, its never quite as simple as that. There are handover periods, secondments, covers, and crossover between roles.
So, Torsion doesn’t just switch off access from their old role, when someone moves to a new one.
Instead, their access is carefully decayed over time.
We're all Multi-Taskers
ABAC usually assumes people only have one role at once. But in reality, that’s not so simple either.
When someone goes on leave, someone else covers for them. Plus their main role, now they have two roles.
Torsion can quickly delegate someone’s access for a role, and multiple roles are easy to handle.
Or temporarily disable someone’s access, like an ‘out of office reply’ for their access to information.