• No results found

DIGITAL GUARDIAN 6. The Foundation of Enterprise Information Protection

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "DIGITAL GUARDIAN 6. The Foundation of Enterprise Information Protection"

Copied!
8
0
0

Loading.... (view fulltext now)

Download now ( 8 Page )

Full text

(1)

SUSTAINABLE

PROGRAM

Risk Visibility & Discovery

Location, Sensitivity, Usage, Threat

IMPLEMENTATION

Forensics

Case Management, Chain

of Custody, eDiscovery,

Tamper Proof

Automated Controls

Alert, Prompt, Block, Encrypt

Data Classification

Tagging, Context, Content, User,

Persistence, Inheritance

DIGITAL GUARDIAN 6

C O M PA N I E S S E R I O U S A B O U T I N F O R M AT I O N P R O T E C T I O N C H O O S E V E R D A S Y S

The Foundation of

Enterprise Information Protection

(2)

The Enterprise Information

Protection Challenge

Global businesses today must adapt and grow in highly-competitive markets that rapidly evolve with changes in technological and economic conditions. These challenges have amplified the importance of facilitating the access to, and sharing of, knowledge. At the same time, IT Departments are being forced to reduce costs and enable greater productivity. This has led to a natural migration towards more mobile, virtual, and cloud-based user environments that require data to be accessed and shared outside traditional corporate infrastructure.

Information security sits at the intersection of business and IT operations as the bulwark against threats to productivity and competitiveness. Security managers must implement data protection measures to support business strategies that frequently leverage the bleeding edge of IT technology. This often means building an information security program that enables:

• Secure operations in high-risk geographies • Migration of IT infrastructure to virtual and

cloud environments

• Employee use of personal laptops, tablets, and smart phones on the corporate network (i.e. “consumerization”)

• Secure data storage and collaboration inside or outside the network

Traditional drivers for data security like compliance and privacy laws are being

reprioritized by a growing urgency to neutralize threats that can cause material harm to

businesses if left unmanaged. Each new data

loss incident at the hands of a privileged insider or targeted cyber attack further exposes the inadequacy of security technologies designed to check boxes for regulatory audits, but do little to protect data when it’s most at risk. Assuring the compliant and secure uses of critical information at all times without impacting business processes requires a data-centric security model:

• Global visibility into data risk by user, location, content sensitivity, and activity • Classification meta-tagging that

permanently reside with a sensitive file or email

• Centralized policy management for endpoint, mobile device, and network-level data monitoring and controls

• Risk-appropriate policy enforcement that drives end user accountability and productivity

• Actionable alerting and reporting that proactively prevents data loss incidents • Contextual and user-attributable event

forensics with integrated case management As business strategy becomes more dependent on the increased mobility and availability of sensitive information, traditional IT

infrastructure becomes a less relevant waypoint to monitor and control data. Addressing today’s risks requires more adaptable security solutions that offer predictable protection to data in the face of unpredictable threats.

“ The most cost-effective data protection solution is to instrument the operating environment so that data does not move without that movement being observed by the instrumentation. The transition from data-at-rest to data-in-motion always involves the operating environment, and does so in a way that is directly subject to instrumentation. Only when this type of mechanism is in place can enterprises realize and then focus on another enterprise artifact: human behavioral issues and their policies governing data handling.” Dan Geer

(3)

The Verdasys

Digital Guardian

Platform

Verdasys Digital Guardian is a proven data-centric solution for enterprise information protection (EIP) that continuously monitors and intelligently manages your critical data throughout its lifecycle. The Digital Guardian technology platform is used across millions of users in businesses and government agencies worldwide to provide unmatched data risk insight, control, and audit to support a wide range of business needs.

VERDASYS ENTERPRISE INFORMATION PROTECTION (EIP) Improves: • Data containment • Risk management • Data governance • Regulatory compliance • Policy awareness & training Reduces: • Collaboration risks • Management complexity and costs • Insider threats • Cyber attack exposure Desktop/Laptop

Agents AgentsServer NetworkAgents

VDI Agents Mobile Users Virtualization Infrastructure (Citrix, VMware) BES or EAS Server Agent eDiscovery Agent Remote Scanning • File Shares • SharePoint Data Usage

and Alerts Content andControl Policies

Reporting Policy Definition Configuration Alert Management DIGITAL GUARDIAN’S CORE STRENGTHS:

• Continuously monitors, manages, and enforces sensitive data storage, access, and usage policies by user role and privilege • Assesses each data transaction in its

complete risk context, and applies the most appropriate control to support the business need

• Offers a continuum of policy enforcement options that reinforce end user awareness and self-compliance

• Recognizes any sensitive data type without infrastructure dependencies whether the user is on or offline, and enforces policies equally in physical or virtual environments

• Operates independently of other network and system rights, allowing real time detection and mitigation of high risk behavior by privileged users

• Scalable architecture supports hundreds of thousands of users as a standalone deployment or hosted managed service solution

(4)

PLATFORM SUPPORT

Enterprise-wide visibility to data risk

• Hosts: Laptops, Desktops, Servers • Networks & Gateways

• Legacy & Enterprise Applications • Mobile Devices

• Citrix, VMware, & Hyper-V Virtual • Cloud Computing

• Win/Linux/MAC

• Blackberry Enterprise Server & Exchange ActiveSync

VISIBILITY & CONTROL

Automated and risk-based data controls

• Data Discovery & Classification

• Automated and User-based Data Tagging • Data Loss Prevention

• Data Rights Management

• Identity-based Policy Enforcement • Removable Media Encryption

• File & Email Encryption • Data Obfuscation

• Event Forensics & File Capture BUSINESS COVERAGE

Across a broad set of Business Use Cases

IP & Trade Secrets Protection

• Insider Threat Monitoring & Prevention • Secure Application Management • Unstructured Data Management • Secure Data Sharing

• ITAR/Export Control Compliance • APT & Cyber Espionage Protection Data Privacy & Compliance

• Service Center Data Management • Secure Outsourcing

• APT & Cyber Espionage Protection • Application Data Management • HIPAA, PCI, GLB, Dodd-Frank…

The Foundation of

Enterprise Information Protection

Digital Guardian’s data-centric approach combines data, identity, event, source and destination awareness with user-based and automated data tagging. When aggregated, this information yields complete usage context from which to enforce risk-appropriate policy controls in real-time. Controls can alert managers to risks; notify and train end users; automatically encrypt files and emails; or block the transaction. Digital Guardian enforces policies at the point of use, so end users are instantly aware of policy violations and steps to remediate whether on or off the network.

Event

Awareness DestinationAwareness Risk Awareness& Mitigation

Data

Awareness AwarenessUser

Data Visibility & Risk Context

Automated Controls

FILE SENSITIVITY Context Aware Application Location File Type Content Aware Regular Expression Similarity Keyword FILE TAGGING User-Defined Manual Files & Email Auditable

Automated

Context & Content Persistent Inheritable User Type Administrator Executive Legal Subject Expert Contractor Partner Unknown Privileges User ID System ID Group Role Environment Network IP Address Machine Time Files Move Copy/Paste Burn/Print Upload/IM Email Attach Copy/Paste Compose/Send Application Data View Delete Modify Export Servers File Share Database Devices Mobile/BYOD Portable Media Networks Private/Public Applications Internal/Cloud Virtual Printers Local/Network Recipients Authorized Unknown POLICY DRIVEN Alert/Notify Incidents Trends Prompt Warn/Educate Justify Block Encrypt Files/Email Automatic Password Mask Need to know

Continuous Logging, Auditing – Summary, Inventory, Trending & Forensic Reporting

DIGITAL

GUARDIAN

DATA-CENTRIC

PROCESS

(5)

Privileged User Trade Secret Event Logs DG Encrypts File Removable Media Cloud File Share

Digital Guardian provides continuous risk

awareness and policy enforcement to protect

your sensitive data from any threat…

Digital Guardian’s “datacentric” security model provides continuous insight into where and how information is at risk with extraordinary precision.

Digital Guardian forensics capture the full context of data events so policy violations can be properly identified, analyzed, and attributed during investigations. Digital Guardian securely

records data activity by user, application, classification, and system operation; these parameters can then define risk-specific policy enforcement.

(6)

DIGITAL GUARDIAN

The Digital Guardian architecture is comprised of hardened endpoint and network agents managed by a common infrastructure to provide continuous risk analysis, forensics, and reporting out of the box. It provides advanced policy management driven by risk-based and data-centric controls that ensure sensitive information is protected from compromise by privileged end users or anonymous threats across any business process.

MULTI-FUNCTIONAL ENDPOINT AGENTS

Digital Guardian is the only EIP solution that can deliver autonomous monitoring and controls on laptops/workstations, servers, and in virtual environments without network

dependencies:

• Continuously monitors and manages all system, network, application, and file operations by user and policy • Discovers and applies classification meta-tags to data by

automated rules or end user input

• Applies a wide range of interactive controls according to risk type, including warnings, justification, and block prompts • Records continuous user and machine-attributable event

forensics including memory scanning, chain-of-custody, and file capturing

• Applies identity-based data access controls including automated file, email, and removable media encryption • Withstands direct attempts to disable and can be made

invisible on host machines

HIGH PERFORMANCE NETWORK AGENTS

Digital Guardian Network Agents detect and prevent data breaches across all network ports and protocols with no transaction latency. Using a unique Deep Session Inspection™ technology, Network Agents deconstruct, analyze, and control the entire network session by policy in near real time. The Network Agent architecture consists of specialized sensors that log and manage data use for internal, SMTP, ICAP-enabled proxy, or inbound/outbound traffic, and are managed through the Digital Guardian Server.

DIGITAL GUARDIAN MANAGEMENT SERVER

The Digital Guardian Management Server is an integrated, Web-based command center for the entire Digital Guardian Platform: • Manages and monitors all Digital Guardian endpoint and

network agents

• Captures, aggregates, and stores user and data-related activities with full forensic context

• Offers a wizard-based interface for flexible and granular data classification and policy rules creation

• Manages and distributes data security policies to Digital Guardian Agents for online or offline monitoring and enforcement

• Triggers policy-based alerts and email notifications for real time incident response

• Includes an advanced analytics engine and dashboard for executive-level, forensic, and custom report creation

• Provides integrated case management with evidentiary-sound event logging and file capture

• Integrates activity logs with SIEM’s and other event aggregators • Supports in-house and managed service models

Command Center

Digital Guardian Management Server

Policy Management Configuration & Deployment Alerting, Incident and Case Management Reporting, Analytics, SIEM Integration

Multi-Function Agents

Context-Based Data Monitoring, Classification and Control (Windows, Linux, Mac OSX)

Desktop, Laptop

& VDI Agents Server Agents Citrix & Terminal Server Agents Server AgentEAS / BES Network Agents Data Discovery Agent (eDA)

Add-On Modules

Encryption Classification DetectionThreat Investigation ECM Integration Legacy App

Protection File Encryption Removable Media Encryption Email

Encryption InspectionContent

User-driven (Office, Email, Documents) Advanced Persisent Threat Key Logging, Content & Screen Capture

SharePoint Documentation Webtop Application Logging & Masking

(7)

Digital Guardian’s integrated management server, multi-functional agents, and specialized modules deliver a complete data protection and risk management platform unmatched by point IT security or network-centric DLP tools alone.

With millions of agents protecting high-value data worldwide, Digital Guardian is the industry’s premiere Enterprise Information Protection solution for virtually any business need: • Agent support for the most enterprise

operating systems including Windows, Mac OS, and Linux; iOS and Android devices; and Citrix, Hyper-V, and VMware VDI environments

• Integrated network DLP that can analyze and manage entire network sessions across all ports and protocols at multi-gigabit speeds. • Continuous user-attributable activity

logging, risk/compliance analysis, and usage trending online, offline, or in a virtual environment.

• Persistent and inheritable data tagging that requires no fingerprinting or network analysis to classify files by content, transaction context, or user input. • Integrated and automated policy-based

encryption for files, removable media, email, and network shares

• Automated and flexible policy controls to educate, justify, encrypt, or block data transactions based on their acceptable business risk.

• Integrated case management with policy-based investigative tools including event, keylogging, screen & file capture. Digital Guardian forensic information is preserved with evidentiary-soundness, and have been successfully used to prove intent and chain-of-custody in multiple data theft cases in U.S. and E.U. jurisdictions.

• A powerful and customizable reporting engine that analyzes data locations and movements, policy alerts, usage trending, compliance, and anomaly detection on endpoints and the network at user, group, and enterprise scales.

The Power of

Enterprise Information Protection

Verdasys Digital Guardian’s EIP platform provides precise visibility and management of data risks by user and policy. Digital Guardian Agents are deployed across physical hosts, virtual environments, and the network to continuously record data events in a complete forensic context for real-time alerting, reporting, and incident response at any resolution.

(8)

SUSTAINABLE

PROGRAM

Forensics

Case Management, Chain

of Custody, eDiscovery,

Tamper Proof

Automated Controls

Alert, Prompt, Block, Encrypt

Data Classification

Tagging, Context, Content, User,

Persistence, Inheritance

Risk Visibility & Discovery

Location, Sensitivity, Usage, Threat

IMPLEMENTATION

ABOUT VERDASYS

Verdasys provides Enterprise Information Protection (EIP) solutions that secure

proprietary and sensitive data and the integrity of business processes essential for Global 2000 companies to successfully compete in today’s highly collaborative and mobile environments. Digital Guardian, recognized as a Leader in Gartner’s 2011 Magic Quadrant for Content-Aware Data Loss Prevention, is a proven technology platform that provides complete policy-based data lifecycle

monitoring, classification, forensics, and control on endpoints and servers; virtual machines & enterprise applications; mobile devices; and cloud environments. Digital Guardian is offered as an in-house or managed service solution to protect IP and regulated data from compromise by privileged insiders, strategic partners, and targeted cyber attacks. Since 2003, millions of Digital Guardian agents have been deployed to protect critical data for global leaders in financial services, insurance, technology, manufacturing, and healthcare industries. Companies serious about information protection choose Verdasys.

Corporate Headquarters 404 Wyman Street Waltham, MA 02451 USA info@verdasys.com 781-788-8180 www.verdasys.com

© 2012 Verdasys, Inc. All Rights Reserved. Verdasys, the Verdasys logo, Digital Guardian, and the Digital Guardian logo are trademarks of Verdasys, Inc.

References

Download now ( PDF - 8 Page - 4.61 MB )

Related documents

BAHAMAS CORAL REEF GUIDE

The delicate structure of the reef itself relies upon the conditions favorable to the good health of many dif- ferent forms of life: hard and soft corals, algae, fish,

I: How you communicate, what do you talk about? How you keep in touch?

I: If your relatives live in London, and they talk to you, do you make them tell you all about what London is like now?... M1:

ADTTFFATATDFFTFTAATADTAFTAFDFTDDTAFDFFADFFDDAATFFDATDDFTAAAAAFAFT

As you may recall, last year Evanston voters approved a referendum question for electric aggregation and authorized the city to negotiate electricity supply rates for its residents

High tech automated bottling process for small to medium scale enterprises using PLC, scada and basic industry 4.0 concepts

The detection of bottles is done using a scanner comparing the overall shape of a normal (ideal) bottle from a preloaded picture into the scanner to every bottle passing through

TOTAL QUALITY MANAGEMENT AS COMPETITIVE ADVANTAGE: A REVIEW AND EMPIRICAL STUDY

The on-site interviews conducted in the third phase of this research produced anecdotal evi- dence that supplements this profile of TQM as a strategic resource. During this phase of

Sponsorship Opportunities. Join The Movement givemiamiday.org #GiveMiamiDay

Give Miami Day and nonprofit trainings leading up to Give Miami Day ■ Logo on Community Block Party event promotional materials and signage at event ■ ■ ■. Opportunity to

Functional monoecy due to delayed Anther dehiscence: A novel mechanism in Pseuduvaria mulgraveana (Annonaceae)

Pseuduvaria mulgraveana flowers have previously been regarded as unisexual, with structurally hermaphroditic flowers inferred as functionally pistil- late with non-viable

Global Climate Policies, Local Institutions and Food Security in a Pastoral Society in Ethiopia

Perhaps the most striking example of the government‟s strategy for non-pastoral development in the southern lowlands is the flagship NAPA proposal, „Realizing food security through