SearchInform DLP:

Data loss prevention

How the Solution Works

The SearchInform DLP modules run on two platforms:

SearchInform NetworkSecurity SearchInform EndpointSecurity
Controls network user activity Controls endpoint user activity.
Mirrors traffic at the level of the corporate network Logs employee actions by means of software agents installed on the computers
The mirrored traffic is directed to the server for analysis The agents send captured data to the server for analysis:

  • Immediately, if the computer is on the corporate network
  • As soon as the computer connects to the Internet, if the employee is out of the office, on a business trip or working from home

How It Analyzes

analyzeAlertCenter is the thinktank of SearchInform DLP, regularly queries all the software components using over 10 search algorithms. If specific words, phrases, text, or files have been detected, the system immediately notifies a designated information security officer.

The queries run with a specified frequency and according to information security policies, set up to find specific type of data. SearchInform DLP provides two types of policies:

Universal Security Policies Unique Security Policies
Relevant for every organization Tailored to the specifics of each industry
  • Control kickbacks and bribery
  • Detect negativity and conspiracy among staff
  • Identify risk groups engaged in alcohol and drug abuse, large debt, and others
  • Detect bank card data leaks (financial activity/banks)
  • Detect pilferage of transported goods (transport and supply chain)
  • Monitor tender purchases (commerce), and more

SearchInform DLP includes over 250 predefined security policies which you can use immediately upon SearchInform DLP system installation. New policies are constantly being developed.

SearchInform DLP Provides the Following Search Types:

  •  Keyword search

    Find queried words, their forms and synonyms scattered throughout documents and other data

  • Phrase search

    Search data for a phrase, for example first and last name, or other set expressions

  • Dictionary search

    Find documents that contain particular lexicon and slang pertaining to a specific topic, such as drug and alcohol abuse, gambling, and others

  • Similar-content search

    Track modified documents. Entire text or a text extract can be used as a query. The search hits include documents that are similar to the original document not only formally but also meaningwise

  • Search by attributes

    Search for documents by type, recipient, sender, and other attributes. You can track activity of domain users, IP addresses, specific email addresses, documents, and more

  • Regular expression search

    Find data that conform to specific alphanumeric patterns. For example, first name and last name, passport series and number, etc.

  • Search by fingerprints

    Quickly detect files containing confidential information

  • Complex queries

    Combine simple queries into a complex query by using the logical operators AND, OR, and NOT

How to Use the System Efficiently

  1. Automate routine tasks

    Let the SearchInform DLP-system regularly scan captured data and alert you about suspicious activity and policy violations.

  2. Perform ad hoc queries and investigate incidents

    As soon as the system detects a problem and alerts about it, designated information security officers can start an investigation. The SearchInform DLP analytical capabilities allow them to reconstruct details and prevent data leaks.

  3. Analyze reports to optimize work processes

    The software collects statistics and generates over 30 reports, which allow:

    • Supervisors to increase the productivity of employees
    • HR departments to improve work discipline
    • IT departments to automate hardware and software inventory tracking

If the system operation has been set up correctly, one information security officer is able to control activity of 1000-1500 employees.

Leverage Your SearchInform DLP Capabilities with Our Deployment Support

Our deployment engineers are skilled experts who quickly solve any problem as well as:

  • Provide training on how to work with the product client applications
  • Help you configure your own security policies
  • Suggest an optimal solution for your problem
  • Consult you on how to analyze captured data
  • Explain the capabilities of new product versions