 |
 |
EndPoint DLP (Data Loss Prevention)
As we all know, defining the perimeter is not simple in today's mobile and distributed environment. With USB devices, email, IM, social networking sites (Facebook or LinkedIn), and other ‘edge' devices, there are many ways for data to escape.
Organisations are increasingly turning to endpoint data loss prevention (DLP) to close the gap on data protection. Although most organisations start with network DLP to gain the broadest coverage as quickly as possible, loss of sensitive data isn't exactly a problem limited to the network or storage repositories. From remote users to portable storage, the endpoint is...
Discover, monitor, protect and manage your confidential data wherever it’s stored and used – across endpoints, mobile devices, network and storage systems
> Content-aware data loss protection
> Addresses many of Governments headaches around data loss > Mac OS X, Microsoft, Linux and virtual platform endpoints > Protect data off-network and on roaming users > Protect data on laptops, desktops, tablets, smartphones and thumb drives from loss or theft > Discover unencrypted credit card data on endpoint > Enforce non-intrusive file and disk encryption > Finger print and encrypt files so that files that travel off-site can be tracked and have actions/policies applied to them (time lock, remote delete, access control, audit user actions)
> Monitors traffic in real-time
|
> Share files safely with agencies and other third parties > Prevent internal people who circumvent access controls or malware from getting data out > Disk, storage and device / media encryption, port control > Create control policies for authorised (laptops) and non-authorised devices (smartphones, USB devices, SD cards) > Identify email communications and attachment compliance violations Offers automatic encryption, blocking, quarantine or self-compliance capabilities. > Identify, Classify, Encrypt and Restrict File Access to Sensitive Data > Monitor SSL traffic across the web gateway |
Application and File Data
> Scan Microsoft SharePoint, Office 365, Box, File Shares, mail systems, databases, and SANs to see where compliance data is located.
> Cloud: Data loss prevention for information traveling in and out of public, private, or hybrid clouds
> Recognise and process over three hundred file types including most email and office productivity applications, programming languages, graphics, engineering files, and compressed or archived files.
Data Discovery & Scanning
Full data lifecycle protection
Data-in-motion
It monitors network activity to prevent confidential data from being sent to unauthorised personnel, inside or outside of the organisation. The service monitors email, Web traffic, FTP, instant messaging, and other network protocols to enforce compliance with data security and privacy policies.
Data-in-use
The service discovers and protects confidential data already stored on desktops and laptops, and manages data movement to removable devices (CDs, DVDs, or USB drives) including printing, copying, and pasting.
Data-at-rest
The service locates confidential data on file servers, SAN, NAS, databases, and document
management systems, and initiates policy compliance measures (such as encrypting or
moving data).
Restrict
Data-in-use
The service discovers and protects confidential data already stored on desktops and laptops, and manages data movement to removable devices (CDs, DVDs, or USB drives) including printing, copying, and pasting.
Data-at-rest
The service locates confidential data on file servers, SAN, NAS, databases, and document
management systems, and initiates policy compliance measures (such as encrypting or
moving data).
| > Locates and scans sensitive data on endpoint devices (laptops, PCs, and servers). > Inspects your network 24x7 with real-time traffic monitoring > Credit card data scanning Endpoints with prohibited and unencrypted credit card data pose a great risk. Eliminate this exposure of data loss, potential fines. > Delivers real-time data protection to prevent loss and damage. > Identify all removable devices / media connected to your network assets, by type. e.g., USB thumb drive, CD burner, SD cards, smart phone, manufacturer, model number, and MAC address (if applicable). |
> Detects and
reacts to improper data use based on keywords, regular expressions and file
attributes.
> Tracks and
documents sensitive data flowing through network endpoints.
> Gives you
visibility and control of data in motion:
email, webmail, instant messaging,
social media, P2P and most networking protocols such as FTP, HTTP/HTTPs and
SMTP.
> Track the
entire life cycle of Microsoft Office documents.
> Continuously
monitors data at rest, in use, and in motion.
|
Restrict
Blocks unauthorised data transfers
> Enforces encryption of sensitive files copied to removable storage.
Slightly different from the full File and device encryption (full disk, removable disk) that is also widely used to protect data on lost/stolen devices.
> Restrict actions that can be taken with classified documents such as print, email or save as to prevent data leakage.
> Control and manage any removable devices through endpoint ports
including USB, FireWire, WiFi, Modem / Network NIC, and Bluetooth.
> Prevent the distribution of sensitive information or confidential documents.
For example, if a document is going to be emailed to a group and a listed recipient does not have proper access to that category of document, the email cannot be sent until that individual is removed from the distribution list. Users can also be prevented from printing and saving Microsoft Office documents outside of SharePoint.
> Device Control
Visibility and ability to create specific rules based on vendor and serial number of the device. Empowers IT to restrict the use of uSB drives, uSB attached mobile devices, CD/DvD writers, and other removable media, Com & LPT ports, removable disks, floppy, infrared and imaging devices, PCmCIA, and modems. It can also be configured to monitor copy and paste and print screens.
Compliance
> PCI Compliance
Automatically detect documents, emails, social media posts and comments that may contain cardholder data and other Personally identifiable information (PII) content.
> Helps you demonstrate compliance with privacy regulations such as Health Insurance Portability and Accountability Act (HIPAA) and the E.U. Data Protection Directive
> Educates well-meaning employees of policy violations and prevents accidental data leaks
> Stops malicious insiders from stealing valuable intellectual property such as product designs and financial reports
> Audit
Security officer can see if and when a document has been read, emailed, or printed and by whom. A document’s entire chain of custody is recorded and easily available in the event of a breach or a regulatory audit.
> Simplifies regulatory compliance with out-of-the-box compliance templates
> Speeds audits and enforcement with forensic data capture and real-time reporting
> Provide detailed forensics on device usage and data transfer by person, time, file type, and amount.
Solution Platforms
- Software
- Hardware appliance
- Cloud managed service
Also see
- Mobile device DLP
- BYOD DLP
> Enforces encryption of sensitive files copied to removable storage.
Slightly different from the full File and device encryption (full disk, removable disk) that is also widely used to protect data on lost/stolen devices.
> Restrict actions that can be taken with classified documents such as print, email or save as to prevent data leakage.
> Control and manage any removable devices through endpoint ports
including USB, FireWire, WiFi, Modem / Network NIC, and Bluetooth.
> Prevent the distribution of sensitive information or confidential documents.
For example, if a document is going to be emailed to a group and a listed recipient does not have proper access to that category of document, the email cannot be sent until that individual is removed from the distribution list. Users can also be prevented from printing and saving Microsoft Office documents outside of SharePoint.
> Device Control
Visibility and ability to create specific rules based on vendor and serial number of the device. Empowers IT to restrict the use of uSB drives, uSB attached mobile devices, CD/DvD writers, and other removable media, Com & LPT ports, removable disks, floppy, infrared and imaging devices, PCmCIA, and modems. It can also be configured to monitor copy and paste and print screens.
Compliance
> PCI Compliance
Automatically detect documents, emails, social media posts and comments that may contain cardholder data and other Personally identifiable information (PII) content.
> Helps you demonstrate compliance with privacy regulations such as Health Insurance Portability and Accountability Act (HIPAA) and the E.U. Data Protection Directive
> Educates well-meaning employees of policy violations and prevents accidental data leaks
> Stops malicious insiders from stealing valuable intellectual property such as product designs and financial reports
> Audit
Security officer can see if and when a document has been read, emailed, or printed and by whom. A document’s entire chain of custody is recorded and easily available in the event of a breach or a regulatory audit.
> Simplifies regulatory compliance with out-of-the-box compliance templates
> Speeds audits and enforcement with forensic data capture and real-time reporting
> Provide detailed forensics on device usage and data transfer by person, time, file type, and amount.
Solution Platforms
- Software
- Hardware appliance
- Cloud managed service
Also see
- Mobile device DLP
- BYOD DLP
Contact us today to discuss your requirements in more detail.
P: +44(0)7714 209927
S: +44(0)1273 329753
|
info@securenetconsulting.co.uk
|