Data Protection 6.0

Data Protection 6.0



An identity-aware endpoint solution

An identity-aware endpoint solution



Total Views
Views on SlideShare
Embed Views



0 Embeds 0

No embeds



Upload Details

Uploaded via as Adobe PDF

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
Post Comment
Edit your comment

    Data Protection 6.0 Data Protection 6.0 Document Transcript

    • Data Protection 6.0An identity-aware endpoint solutionThe ChallengeAny company aiming to enhance productivity and Key Benefitscompetitiveness understands that efficient internal andexternal collaboration is critical to business performance. Secure Endpoint CollaborationThe ability to easily share information between users, groups,organizations and companies has changed the way we do Proactively secure data by monitoring andbusiness. However, with increased collaboration comes new applying identity-aware controls on allchallenges. This is because data is more readily available communication channels including network,across more channels. Controlling that data as it is being external media, and collaboration applications.shared, has become more complex.Existing enterprise data protection solutions have focused Increase Business Productivityon scanning and blocking sensitive data at the network Automate manual business processes forperimeter, ignoring the facts such as: compliance by accurately identifying data loss violations across all document types. Proactively• The majority of data loss occurs within the corporate network. apply automated controls before data leaves the endpoint based on Deep Event Inspection®,• Sharing of data outside of the network with partners and correlating policies with user activities using customers is critical to business. identity, data content and context attributes.• Enforcing policies based on content analysis alone can lead to a large number of false-positives. Improve End User Security and AwarenessFor companies to effectively address data protection Empower end users with the ability to selfchallenges, they need a solution that will allow them to remediate using automated workflow andproactively control data flow based on four Ws: what data is notifications, improving user adoption andbeing shared, who is sharing the data, whom is the data being awareness.shared with, and which channels are being used for sharing.Data Protection Overview Lower Total Cost of Ownership Pre-integrated desktop, email, andNextLabs Data Protection is a comprehensive, identity-aware communications, and Collaborative Rightsendpoint solution that secures collaboration by controlling Management solution, based on common XACML-information flow based on a common XACML-based based policy, reduces operational costs associatedinformation control policy. with for managing multiple point products.Using NextLabs Deep Event Inspection® advanced technology,Data Protection precisely determines appropriate informationcontrol policies for enforcement.Data Protection products are covered by three collaborationcategories: Desktop, Email, and Communications. NextLabsData Protection also works with NextLabs Collaborative RightsManagement to protect and control access and usage ofdocuments containing sensitive information.
    • For example, a targeted event may be when engineers try to email design documents to their personal email from outside the Device Content company network. Deep Event Inspection® can detect the send Control Control event from the Outlook application and an SMTP event from the network layer. It realizes that the user is trying to send an email, and Application Recipient filters out all non-email related policies. Deep Event Inspection® Control Control then inspects the recipient identity, content, or classification of the email message and attachment, and the location of the computer Network Email to determine that the user has violated an IP protect policy. Control Approval Information Information Control Policy Control Policy Marking Marking Information Control Policy provides a common platform for & & enforcing business requirements onto all three Data Protection Labeling Labeling products: Desktop, Email, and Communications. It ensures the same data protection requirements are applied consistently across all collaboration channels. Information Control Policy specifies the events and attributes used by Deep Event Inspection® for policy Web Instant evaluation. It also specifies what action and information controls Conferencing Messaging should be taken when policy is applied. Control Control Desktop NextLabs Desktop Data Protection discovers, classifies, monitors Figure 1: NextLabs Data Protection - Product and protects information exchange on PCs through external storage media, network channels, and unapproved software andDeep Event Inspection social media applications. It enforces information control policy on four core capabilities:NextLabs Deep Event Inspection® makes policy enforcementmore precise by gathering information about events and Device Controlattributes to drastically reduce false positive. It collects useridentity, data content and context to filter which policies should Device Control whitelists removable devices based on type,map to real-time user activities, which are detected at the user manufacturer, model, or serial number for different type of users.application gesture, file system, and network level. It can automate rights protection to encrypt sensitive information when data is transferring to removable devices to protect data in motion. Supply Chain Collaboration Application Control Compliance IP Protect Compliance Application Control whitelists applications for different type of DLP users and restrict unauthorized applications from uploading Export PCI 03 sensitive information to non-approved websites and social media. Network Control Network Control limits transfer of sensitive data over network channels based on IP address or network protocol. It can apply technical controls on network channels to automate data protection workflow, such as applying rights protection, redirecting traffic, and alerting end users for any possible violations. Marking and Labeling Marking allows you to insert customizable information to designated areas when a document is viewed or printed. Marking can be inserted in a document’s header, footer, and across the document. Figure 2: Deep Event Inspection®
    • Labeling enables persistent classification by applying metadata Marking and Labelingto documents based on content or context. Marking allows you to educate end user about data handling requirements, by applying customizable markings to emailEmail messages.NextLabs Email Data Protection automates business and Labeling allows you to apply persistent classification to emailinformation focused controls by inspecting email messages and messages and attachments. Labels can be user-designated orattachments. This ensures information is sent to appro-priate automatically applied based on content or context.and approved users. It enforces information control policybased on four core capabilities: CommunicationsContent Control NextLabs Communications Data Protection safeguards collaboration using web conferencing and instant messaging applications. ItContent Control scans and analyzes data content in email enforces information control policy based on two core capabilities:messages and attachments to remove sensitive information orapply rights protection to encrypt messages and attachments Web Conferencing Controlbefore send. Web Conferencing Control creates information barriers betweenRecipient Control group of users that are consistent across all web conferenceRecipient Control prevents misdirected email based on email capabilities (voice call/video call, chat, screen snapshot, sessionclassification and recipient identities. Where necessary, policies recording, file sharing and more). It can apply visual labels such ascan prompt end user to verify recipients. disclaimer on chat session or warnings on web conferencing session to educate end user of the proper use of data.Email Approval Instant Messaging ControlEmail Approval automates business procedures such as routing Instant Messaging Control controls access to instant messageemail containing sensitive information or intended for specific session based on identity attributes such as project membership,group of users for review and approval. citizenship, job title, and department. It monitors and controls sharing of information through chat, voice call/video call, and screen sharing session. Administrator NextLabs Data Protection Reporter LDAP / AD Policy Studio Server Policy Report Server Server CONTROL CENTER SW ITCH FIREWALL VPN Linux Offline Workstations User Mobile Microsoft Desktops Employee - Desktop - Email - Communications Partner PDA / Phone Network Figure 3: NextLabs Data Protection System Topology
    • Product Features Features Desktop Email Communications Identity Aware    Content Aware    Context Aware     User Driven Labeling  User Driven Labeling  User Driven Labeling  Secure Location  Secure Location  Secure Location Classification  Content Analysis  Content Analysis  Content Analysis  Fingerprint  Fingerprint  Fingerprint  Monitor  Monitor  Monitor  Prevent  Prevent  Prevent Policy-based Enforcement  Remediate (see Information  Remediate (see Information  Remediate (see Information Controls) Controls) Controls)  Integrated Rights Protec-  Integrated Rights Protection*  Integrated Rights Protection* tion*  Password Based Encryption  Password Based Encryption  Password Based Encryption  Content Redaction  Append Disclaimer  HTTP Redirect  Hidden Data Removal  Participant Limit  Document Tagging  Document Tagging  Strip Attachment  Misdirected Email Information Controls  Recipient Verification  Multiple Client Confirmation  Domain Mismatch  Email Approval  Tag Notification  Email Disclaimer  Document Tagging End User Notifications     Textual Markings  Textual Markings  Textual Markings Visual Labels  Graphical Markings  Graphical Markings  Graphical Markings Device Whitelisting and Blacklisting  Application Whitelisting and Blacklisting  Network Filtering  Auditing    *Integration with NextLabs Collaborative Rights ManagementAbout NextLabsNextLabs®, Inc. is the leading provider of policy-driven information risk management (IRM) software for large enterprises. Our software offers acohesive solution for improving compliance and mitigating information risk by helping companies achieve safer and more secure internal andexternal collaboration, prevent data loss, and ensure proper authorization to applications and data.Our flagship data protection and entitlement management products, Enterprise Data Protection and Compliant Enterprise®, combine with theControl Center XACML-based policy management platform with integrated content aware and identity-driven enforcement technology to offerthe most comprehensive information risk management (IRM) solution. Our products preserve confidentiality, prevent data loss, and ensure com-pliance across more channels and more points, within a single unified solution with the unmatched user acceptance and Total Cost of Ownership(TCO).NextLabs’ partnerships with industry leaders such as IBM, SAP, Microsoft, HCL Axon, Adobe, HP, PTC, and Siemens bring to market industry-fo-cused information risk management (IRM) solutions that combine industry best practices with turnkey applications, to meet customers’ gover-nance, risk, and compliance requirements. Visit NextLabs on the web at© 2006-2012 NextLabs, Inc. All Rights reserved. NextLabs, the NextLabs Logo, ACPL, Compliant Enterprise, the Compliant Enterprise Logo, and Enterprise DLP are trade-marks or registered trademarks of NextLabs, Inc. in the United States. All other trademarks or registered trademarks are the property of their respective owners. 8-08 2 Waters Park Drive, Suite 250n San Mateo, CA n 94403 USA n t: 650-577-9101 n f: 650-577-9102 n