Risk Monitor, SearchInform’s next gen DLP system, has expanded its functions of email quarantine.
From now on, the system can block e-mails with attached files if they were labeled by SearchInform DCAP system – FileAuditor. Emails are checked at the level of mail server. The update will allow preventing leakage of sensitive files even if the mail client is used on a non-corporate device without installed DLP or DCAP agents.
Now the systems need much less time to detect a violation: Risk Monitor no longer needs to analyse attachments for content restricted to be transmitted – the information about it is already embedded in the DCAP label. Quarantine gets the hash sum of the attached file and sends it to FileAuditor. In its turn, the DCAP system quickly compares the received hash sum against the database records to find the required label. This task will be accomplished even if the attached file does not contain a label, but the same document was previously classified (labeled) in any corporate storage.
As a result, when an employee sends an email with a confidential file, it will be isolated in quarantine and the Information Security Officer will be notified of the incident.
“53% of all information leaks occur through the mail. That's why we need a special approach to its control. We need to quickly detect incidents in a large flow of emails and respond to them in a way that does not slow down business processes,” said Sergio Bertoni, the Leading Analyst at SearchInform.
“That's why we moved the quarantine service to the mail server: this way Information Security experts can control emails sent from any device. Using FileAuditor labels, quarantine can more quickly identify emails with sensitive attachments to prevent their transmission. The update helps reduce the load on DLP and DCAP, as both systems use hash sums of file attachments,” added Bertoni.
ABOUT SEARCHINFORM
SearchInform is an information security and risk management product vendor as well as an MSS provider. The company's clients are more than 4000 companies in 20+ countries. Today, the team has products and services for comprehensive protection against insider threats at all levels of corporate information systems: FileAuditor (the DCAP class solution); DLP system with extended functionality; Risk Monitor (advanced platform for internal threat mitigation); SIEM system, IS outsourcing service.
SearchInform uses four types of cookies as described below. You can decide which categories of cookies you wish to accept to improve your experience on our website. To learn more about the cookies we use on our site, please read our Cookie Policy.
Always active. These cookies are essential to our website working effectively.
Cookies does not collect personal information. You can disable the cookie files
record
on the Internet Settings tab in your browser.
These cookies allow SearchInform to provide enhanced functionality and personalization, such as remembering the language you choose to interact with the website.
These cookies enable SearchInform to understand what information is the most valuable to you, so we can improve our services and website.
These cookies are created by other resources to allow our website to embed content from other websites, for example, images, ads, and text.
Please enable Functional Cookies
You have disabled the Functional Cookies.
To complete the form and get in touch with us, you need to enable Functional Cookies.
Otherwise the form cannot be sent to us.
Subscribe to our newsletter and receive a bright and useful tutorial Explaining Information Security in 4 steps!
Subscribe to our newsletter and receive case studies in comics!