Embed Size (px)
Citation preview
ControlSphere DLP Data Leakage Prevention
Avoid data leakage, espionage, sabotage and other reputation and business risks without losing employee performance and mobility.
Typical data security risks
Employees can send confidential data out unintentionally or maliciously.
Typical data security risks
By leaving the company, practitioners or employees can take sensitive data with them.
Typical data security risks
Employees can lose their portable computers or storage devices. They can also be stolen.
Typical data security risks
Competitors can spy or bribe company staff to steal inner data.
Typical data security risks
Computer viruses or malicious software can delete or export the data.
Typical data security risks
A hacker can steal company data over the Internet using exploits or security holes.
ControlSphere DLP ConceptThe Administrators dream
Standarddocuments
Confidential
documents
Save to LANPrintE-mail Direct data exchange
Portable storage
Encrypted
or
ControlSphere DLPThe secure storage
ControlSphere DLP encrypts a portion of local, network or removable (flash) drive. This is a secure storage for confidential data.
This storage is visible for programs started with DLP system only and inaccessible for programs started as usual.
orEncrypted
Standardor
ControlSphere DLPTwo types of running programs
Started with DLPStarted as usual
Both program types run side-by-side on the same user desktop. But they behave and access data differently.
User Desktop
For easier recognition, all programs started with the DLP environment are marked with a
“<SECURE>”prefix in their captions.
ControlSphere DLPTwo types of running programs
EncryptedStandard
Started with DLPStarted as usual
User Desktop
R-O R-WR-W
ControlSphere DLPCross-program data exchange
Drag-n-drop
Clipboard
Low-leveldata
exchange
User Desktop
ControlSphere DLPExport and exchange of secure data
Employee Administrator
Employees can export, backup, restore and exchange their secure data through encrypted data containers, leaving the convenience of an unsecure approach in place.
Data inside the containers is inaccessible outside of the DLP environment. This way the data never leaves the secure DLP environment of a company.
Colleagues within a group
OtherColleagues
??
??
? = Access depends on policy
ControlSphere DLPAccessing WEB applications
EncryptedStandard
Internet Explorer can be used under the DLP environment. Allowed WEB site list is configured by administrator.
ControlSphere Password Managercan prevent users from accessing same locations (URLs) outsideof the DLP environment. R-O R-W
ControlSphere Security SuiteA few words about another product of us…
ControlSphere for Smartcards can be used in combination with ControlSphere DLP.It uses smartcards or USB tokens (reader-less smartcards) as a secure storage for...
Windows Account(s)
Encryption Keys
Password records
Policies and other
data
ControlSphere Security SuiteFree Your Mind
Smartcard/token + PIN replaces all other authentication requests.
Users do not have to remember or even know their Windows account and all other user name/password combinations for all Windows programs and WEB sites.
Administrative policy may prevent users from viewing and changing some or all data stored on their devices.
Logon to Windows securely
Encrypt your files, local, removable and remote storage
Authenticate to all Windows programs and WEB sites automatically, without typing any passwords (Single-Sign-On approach)
Remotely control smartcard usage and data via unified ControlSphere TMS/DLP server
And much more…
ControlSphere Security SuitePractical and modular solution
Password Manager (SSO) extends and, if necessary, automates all password requests across the system.
ControlSphere Password Manageris a part of the suite
WEB
Win
32
Win
64
Administrator can centrally lock one or more password records on user smartcards for sole use with the DLP environment. The actual passwords will be hidden from users.
In this case only DLP-enabled program instances will get access to the required credentials (i.e. access passwords).
ControlSphere Password Manager Interaction with the DLP environment
STANDARD DLP
ControlSphere DLP is a client-server solution capable of authorizing users inside and outside of company firewall.
ControlSphere DLPScalable Enterprise Solution
Employee
EmployeeEmployee
Employee
HTTP
HTTP
TMS/DLP Server runs on standard Microsoft IIS.
Users access to their secure data, maintenance and password reset functions are controlled remotely by using encrypted HTTP connectivity.
And Finally…What makes us special
Secure Systems creates modular and practical security and process automation products.
We do not only sell them as they are, but offer custom combined solutions perfectly matching customer needs.
DLP solutions can be additionally adapted to existing customer environment and combined with Single Sign On approach of ControlSphere.
We design, develop and deploy specific solutions together with our customers or their system integrators.
Everything is possible... this is our motto.
And yet …there is more
Thank You!www.securesystems.lv
