August 30, 2022

5 ½ Questions to Ask When Selecting a CDR Vendor

Joanna Crossley

The recent rise in hybrid workforces and digital transformation has generated a massive wave of content and electronic information, shared through apps, emails, and websites. This expansion of a company’s attack surface, easily outstrips their security team’s ability to plug the gaps with already strained resources.

Content Disarm & Reconstruction (CDR) is a security technology that removes potentially malicious code from files. This advanced threat technology is increasingly being used by organizations as part of their zero-trust security strategy.

 

Not all CDR technologies are created equal

Some CDR technologies still rely heavily on detection-based defenses, leaving them vulnerable to zero-day attacks and unknown exploits. Additionally, some technologies compress or flatten documents into images to ensure they are free from malware, however this severely impacts the usability of the file.

With this in mind, finding the right CDR solution that best suits the needs of your organization is crucial. 

 

Here are 5 and a half questions that you should ask, when selecting your CDR vendor:

 

1. Does the CDR vendor support your required file types?

From Microsoft Office files, PDF’s and images to machine to machine protocols such as JSON and XML. Your organization will utilise a plethora of different file types on a daily basis. It is vital that when it comes to file types that your vendor meets your business needs.

 

2.  How will it impact user experience?

As organizations search for new and more effective solutions to the problem of concealed malware, they risk negatively affecting user experience. In many cases, the intentions of various technologies are good, but the end result is that business processes become slower, resulting in increasingly frustrated users. This is why many organizations are now choosing to predominately use CDR technologies for the everyday documents in conjunction with their sandboxing solution, used for more complex file types.

 

3.  How will the process impact the usability of the files?

Attempting to render files safe by “flattening” them - converting from the original revisable format into a fixed non-revisable image - leaves your users with documents that can’t be easily shared, edited or updated. When selecting your vendor you need to take into account your business needs, and whether it is important to you that you are able to edit the documents you receive from outside sources.

 

4.  How long will the CDR process take?

Sandboxing incoming files can understandably add latency. A good solution experience should be seamless and unnoticeable that anything has taken place at all. Cleaning a file with CDR should take less than a second for typical files.
 

5.  Does the solution require scanning, or any detection-based technology as a part of the content transformation process?

One of the biggest benefits of using a CDR solution is safeguarding users against known, and unknown threats, and zero-day attacks. This benefit is provided by using prevention based approach over detection. Meaning there is no reliance on needing to have seen a threat before to stop it. Solutions that focus on detection leave your organization vulnerable to attacks, constantly playing catch up with attackers.

 

5 ½  How does the transformation process work for your organization?

Ensuring that the CDR solution of your choosing suits your business needs is the most crucial part of the selection process. Making the most important question to ask your CDR vendor…When can we schedule a personalised demo?

 

Unlike other CDR solutions on the market, Forcepoint’s unique Zero Trust Content Disarm & Reconstruction (CDR) technology is different.

Taking a true zero trust approach, we assume that all data is potentially malicious. Zero Trust CDR works by extracting the valid business information from files (either discarding or storing the originals). Verifying the extracted information is well-structured, then building new, fully functional files to carry the information to its destination in near real time. Ensuring that none of the original data will ever reach the endpoint.  

Forcepoint CDR - Extract, verify and build

Zero Trust CDR operates at scale, delivers malware-free data, documents and images and requires no endpoint agent software, all whilst not impacting user experience. Trusted by many of the world’s most targeted military, government, industries and commercial organisations to provide protection against even the most sophisticated cyber threats. Evolve your security today, with Forcepoint Zero Trust CDR.

Malware evolves constantly. Your security should too. Schedule your personalised CDR demo today.

Joanna Crossley

Joanna Crossley joined Forcepoint as a part of the Deep Secure acquisition in 2021, Joanna works with the Global Governments team specialising in demand generation and social strategy.

Joanna is based in the United Kingdom.

Read more articles by Joanna Crossley

About Forcepoint

Forcepoint is the leading user and data protection cybersecurity company, entrusted to safeguard organizations while driving digital transformation and growth. Our solutions adapt in real-time to how people interact with data, providing secure access while enabling employees to create value.