Quadris product review: Lepide data security platform
September 3, 2019

“Once in a while a product comes onto the market that simply sells itself.” 

Every week we are confronted by yet another news article about a huge and costly data breach; yet still many organisations are failing to deal with this ever-present and ever-growing threat. 

With a 75% increase in reported data breaches in the past 2 years and 7 million records compromised globally every single day, McKinsey recently summed up the situation by describing cybersecurity as the lynchpin of the digital enterprise.  

So, when we came across Lepide it seemed we had found a solution that might answer some of the security issues that our customers face, and perhaps be worthy of being added to our roster of approved products. 

We put it into the very capable hands of Matt Corcoran, one of our Senior Consultants, in order to take it for a test drive and report back with a Quadris-eye view of its capabilities. 

Product summary. 

In their own words, Lepide is a software-based security platform that helps organisations to increase security, meet compliance and maintain operations through proactive auditing, monitoring, and alerting. It achieves these goals by tracking any changes to critical systems and monitoring access, interaction and permissions across an organisation’s unstructured data. 

As a result, it empowers an organisation to continually audit, monitor, alert, and react to activity, trends and changes made to unstructured data and the environment that surrounds it, in order to cover the following key areas: 

  •  Address insider threats 
  •  Monitor user behaviour 
  •  Prevent ransomware spread 
  •  Meet compliance mandates 
  •  Improve data access governance 

(For the full picture visit the Lepide website here.

Impressive talk, but does Lepide walk the walk? Over to Matt Corcoran. 

Lepide unpacked. 

Every once in a while, you come across a product that surprises you. 

I was surprised that the functionality that Lepide offers hasn’t already been baked into Windows as standard, as it fulfils a critical role in securing an organisation’s data. 

In a previous role I was a network administrator and could only really see who had last written to that file, I had absolutely no idea if anyone was accessing files, regardless of the sensitivity of the data involved. 

Today, with a platform such as Lepide you can see exactly who has accessed files. Equally importantly it provides you with the ability to identify, classify and tag your most sensitive data, so that you know exactly where to focus your data security efforts. 

It’s a very simple product, but it fills a very big niche. Because every organisation is faced with a need to up its security protocols, especially when faced with the growing requirements of compliance, whether it be GDPR, PCI, ISO or similar. 

You simply install Lepide and let it do its job. At the very least it ticks 2 very important boxes – Do you have auditing? Yes. Are you compliant? Yes. 

It has features built into it that inform you where your data is, and what data contains credit card information or National Insurance numbers; an essential tool in sectors where compliance is a mandatory requirement. 

Yes, it offers many additional features with bells and whistles, but for 90% of users there’s only going to be one feature that they are going to use and that is file auditing. Which is not to be undervalued as the ability to be able to determine who has been looking at or even downloading sensitive data can be priceless. 

A case in question: one of our clients was concerned about an employee who they believed was about to leave and set up with a competitor, so they installed Lepide in order to monitor their most sensitive files. Shortly after, Lepide logged that the employee had downloaded the organisation’s entire customer database and the very next day handed in their notice. As a direct result our client was able to go to court armed with the unarguable facts supplied courtesy of Lepide

Another of our clients who take credit card payments and as a consequence have to be PCI compliant, took one look at Lepide and signed up on the spot. They are now able to identify all PCI information data to ensure it isn’t on their main network but locked down on its dedicated PCI network. 

The verdict. 

With Lepide an organisation takes back control over all its data and leaves little if nothing to chance.  

This is the security product that not only covers both internal and external threats, it also offers protection from the hefty fines that can result from a failure to meet compliance. 

It’s a relatively new product and as a result it does reflect that immaturity, but the trajectory of the development cycle is pretty impressive and it’s improving all the time. 

With the all-important cost in mind, Lepide is far less expensive than some of its competitors, while offering much the same level and scope of functionality. 

To summarise, it’s a low-cost data security solution that delivers auditing, compliance, peace of mind, and ultimately could save your organisation a fortune in the long run. If you have any doubts as to whether you need it, then you can put your mind to rest with a risk assessment that will gauge just how vulnerable your organisation is to security threats. 

Lepide is a highly effective platform, and to be honest, I wish it had been on the market over a decade ago. 

For a no-obligation chat about Lepide and how you can receive a detailed risk assessment, contact Peter Grayson by calling 0161 537 4980 or email peter.grayson@quadris.co.uk 

More Articles