Protecting business from data leakages
HOW THE SOLUTION WORKS
The system operates at several levels – it analyzes data in corporate storages, data transmitted over network equipment and proxy servers, corporate mail servers and local hosts.
The system supports corporate communication means (Exchange, Lync, Skype, corporate telephony, file servers, SharePoint, Office365, Cisco Messenger, etc.) and personal means (Telegram, Viber, web mail, cloud storages, social networks, blogs, forums, etc.). Such an integrated approach allows implementing the secure use of network channels without blocking them and obstructing business processes.
The SearchInform DLP modules run on two platforms:
|SearchInform NetworkSecurity||SearchInform EndpointSecurity|
|Controls network user activity||Controls endpoint user activity.|
|Mirrors traffic at the level of the corporate network||Logs employee actions by means of software agents installed on the computers|
|The mirrored traffic is directed to the server for analysis||The agents send captured data to the server for analysis:
HOW IT ANALYZES
AlertCenter is the thinktank of SearchInform DLP, regularly queries all the software components using over 10 search algorithms. If specific words, phrases, text, or files have been detected, the system immediately notifies a designated information security officer.
The queries run with a specified frequency and according to information security policies, set up to find specific type of data. SearchInform DLP provides two types of policies:
|Universal Security Policies||Unique Security Policies|
|Relevant for every organization||Tailored to the specifics of each industry|
SearchInform DLP includes over 250 predefined security policies which you can use immediately upon SearchInform DLP system installation. New policies are constantly being developed.TRY FOR FREE
CUTTING EDGE ANALYTICS
The following checking features are available in SearchInform DLP:
- Analysis of metadata: use of attributes (transmission channel, file type, receiver, sender, time, bcc, and many other attributes)
- Content analysis: digital fingerprints, regular expressions, dictionaries, morphology, misprints, transliteration, OCR and other standard technologies.
- Smart analysis: unique smart technologies that improve the DLP system performance. For example, search for images with falsifications, search for texts similar in meaning or content to the original, search for documents with corporate seals, search for visually similar images (for example, images similar to passports, credit cards, health insurances, etc.), search for scanned documents without OCR, text search within an audio recording, etc.
More details about each search type here.
Automate routine tasks
Let the SearchInform DLP-system regularly scan captured data and alert you about suspicious activity and policy violations.
Perform ad hoc queries and investigate incidents
As soon as the system detects a problem and alerts about it, designated information security officers can start an investigation. The SearchInform DLP analytical capabilities allow them to reconstruct details and prevent data leaks.
If the system operation has been set up correctly, one information security officer is able to control activity of 1000-1500 employees.
THE IMPORTANCE OF SUPPORT
Our deployment engineers are skilled experts who quickly solve any problem as well as:
- Provide training on how to work with the product client applications
- Help you configure your own security policies
- Suggest an optimal solution for your problem
- Consult you on how to analyze captured data
- Explain the capabilities of new product versions