Data loss prevention
How the Solution Works
The SearchInform DLP modules run on two platforms:
|SearchInform NetworkSecurity||SearchInform EndpointSecurity|
|Controls network user activity||Controls endpoint user activity.|
|Mirrors traffic at the level of the corporate network||Logs employee actions by means of software agents installed on the computers|
|The mirrored traffic is directed to the server for analysis||The agents send captured data to the server for analysis:
How It Analyzes
AlertCenter is the thinktank of SearchInform DLP, regularly queries all the software components using over 10 search algorithms. If specific words, phrases, text, or files have been detected, the system immediately notifies a designated information security officer.
The queries run with a specified frequency and according to information security policies, set up to find specific type of data. SearchInform DLP provides two types of policies:
|Universal Security Policies||Unique Security Policies|
|Relevant for every organization||Tailored to the specifics of each industry|
SearchInform DLP includes over 250 predefined security policies which you can use immediately upon SearchInform DLP system installation. New policies are constantly being developed.
SearchInform DLP Provides the Following Search Types:
Find queried words, their forms and synonyms scattered throughout documents and other data
Search data for a phrase, for example first and last name, or other set expressions
Find documents that contain particular lexicon and slang pertaining to a specific topic, such as drug and alcohol abuse, gambling, and others
Track modified documents. Entire text or a text extract can be used as a query. The search hits include documents that are similar to the original document not only formally but also meaningwise
Search by attributes
Search for documents by type, recipient, sender, and other attributes. You can track activity of domain users, IP addresses, specific email addresses, documents, and more
Regular expression search
Find data that conform to specific alphanumeric patterns. For example, first name and last name, passport series and number, etc.
Search by fingerprints
Quickly detect files containing confidential information
Combine simple queries into a complex query by using the logical operators AND, OR, and NOT
How to Use the System Efficiently
Automate routine tasks
Let the SearchInform DLP-system regularly scan captured data and alert you about suspicious activity and policy violations.
Perform ad hoc queries and investigate incidents
As soon as the system detects a problem and alerts about it, designated information security officers can start an investigation. The SearchInform DLP analytical capabilities allow them to reconstruct details and prevent data leaks.
Analyze reports to optimize work processes
The software collects statistics and generates over 30 reports, which allow:
- Supervisors to increase the productivity of employees
- HR departments to improve work discipline
- IT departments to automate hardware and software inventory tracking
If the system operation has been set up correctly, one information security officer is able to control activity of 1000-1500 employees.
Leverage Your SearchInform DLP Capabilities with Our Deployment Support
Our deployment engineers are skilled experts who quickly solve any problem as well as:
- Provide training on how to work with the product client applications
- Help you configure your own security policies
- Suggest an optimal solution for your problem
- Consult you on how to analyze captured data
- Explain the capabilities of new product versions