Seclore FileSecure Walkthrough.

1,088 views
976 views

Published on

Seclore FileSecure system is most commonly deployed within diversified business groups, financial services, engineering services, manufacturing and defence establishments
Seclore FileSecure allows enterprises to define, implement and audit information usage policies. The usage policies control WHO can access information, WHAT can each person do, WHEN and WHERE.

Published in: Technology, Business
0 Comments
1 Like
Statistics
Notes
  • Be the first to comment

No Downloads
Views
Total views
1,088
On SlideShare
0
From Embeds
0
Number of Embeds
4
Actions
Shares
0
Downloads
0
Comments
0
Likes
1
Embeds 0
No embeds

No notes for slide

Seclore FileSecure Walkthrough.

  1. 1. Seclore Filesecurewalkthrough
  2. 2. Contents• Company Introduction• Walkthrough • Introduction & policy definition • Information creation • Policy application • Collaboration within the enterprise • Collaboration outside the enterprise • With desktop client installation • Without desktop client installation • Information audit • Policy changes• Contact 2
  3. 3. Corporate Background …“Seclore is a high growth software product company. Seclore’s technology helps mitigate the risks arising out of information breaches whilst enhancing collaboration”6 years old, Headquartered in Mumbai, IndiaPromoted by IIT Bombay under the SINE program - www.sineiitb.orgGeographical and customer presence in Middle East, ASEAN, SAARC & EuropeOfferings focused on Information Rights Management and Secure OutsourcingStake holders including IIT Bombay – www.iitb.ac.in ICICI Bank – www.icicibank.com Ventureast – www.ventureast.netTechnology and service differentiators focusing on minimally intrusive technology, value based pricing and usage without training 3
  4. 4. Customer profile… ….Diversified business groups ….Engineering and manufacturing organizations …Government and service providers
  5. 5. What customers say about us … “We chose Seclore FileSecure due to the flexibility provided by Seclore in terms of solution capabilities and customization. Implementation of Seclore FileSecure has reduced the exposure of critical data for potential misuse or frauds. The business benefits are tremendous.” - Murli Nambiar, Head of Information Security "Financial services companies like banks, insurance carriers & broking are „opening up‟ their information systems and processes for participation by customers, partners and vendors. This of course brings in a lot of value chain integration and lowers costs but comes with information security needs which cannot be solved by present day systems. Seclore‟s technology for securing documents as they flow within and outside enterprises as well as securing data shared with outsourcing partners is extremely relevant. - C N Ram. Group CIO, Essar group 5
  6. 6. What industry experts say … Seclore‟s approach is different in that they not mandatory rely on such plug-ins but mainly act “below” the application. The client component (which is required to access protected, e.g. encrypted, documents) tries to analyze the activities off the application like access to the file system. One impact of that approach is that a document might be opened with different applications supporting the specific document format.- Martin Kuppinger, One of the fore-most information security analysts “Information breaches normally result in intellectual property violation which is a serious problem affecting industry today. Seclore‟s combination of preventive and corrective methods of handling information breaches is invaluable to any industry” - Haigreve Khaitan (Managing partner – Khaitan and Co) “Collaboration, security and privacy appear as mutually conflicting goals with most present day technologies. Seclore has resolved this conflict in a very elegant manner with its technology.” - Animesh Parihar (Global Delivery Head – SAP) 6
  7. 7. Awards and recognition … Deloitte Technology Fast 50 is a ranking compiled every year based on percentage of growth of fiscal year revenue over three years. The companies must also fulfil other criterion of technology orientation. „Hidden Gems‟ 2010 by Kuppinger Cole, Europe‟sleading information security analyst firm is a report which lists vendors, which have a significantly differentiated offering and are market leaders in a particular segment. 7
  8. 8. … Awards and recognition The TR35 award is for innovators whose inventions and research, Massachusetts Institute of Technology (MIT) finds exciting. Technology Review, owned and published by MIT, is the world‟s oldest technology magazine. “Innovations – ideas in practice” is an annual event honoring researchers and innovators for creative and innovative work in thesphere of science and technology. The innovation needs to have a high degree of practical relevance to change everyday life. 8
  9. 9. Contents• Company Introduction• Walkthrough • Introduction & policy definition • Information creation • Policy application • Collaboration within the enterprise • Collaboration outside the enterprise • With desktop client installation • Without desktop client installation • Information audit • Policy changes• Contact 9
  10. 10. Seclore FileSecureSeclore FileSecure allow enterprises to define, implement & auditinformation usage “policies”. A “policy” defines : • WHO can use the information People & groups within and outside of the organization can be defined as rightful users of the information • WHAT can each person do Individual actions like reading, editing, printing, distributing, copy-pasting, screen grabbing etc. can be controlled • WHEN can he use it Information usage can be time based e.g. can only be used by Mr. A till 28th Sept OR only for the 2 days • WHERE can he use it from Information can be linked to locations e.g. only 3rd floor office by private/public IP addresses 10
  11. 11. Seclore FileSecure• Policies are – Persistent: Implemented on information and all its copies wherever it is transmitted or stored – Dynamic: Policies can be changed after distributing information without having access to or redistributing the information• Policies can be attached to information on – Creation – Placement in a certain location e.g. shared folder – Attachment to email – Uploading to a document management / ECM system – …
  12. 12. Product planning – process flow A Process Flow of Product Plan Policy admin External reviewer Research Dept Head - Legal Head Research Head - Finance Maya NealResearch ResearchAssociate Associate Head - Marketing
  13. 13. Policy definition–WHO, WHAT Policy People / groups, within / outside the enterprise can be dis- Admin’sComputer allowed to edit, print, copy, forward etc. via a policy 13
  14. 14. Policy definition–WHEN, WHERE Policy A policy can expire information beyond a date / timespan Admin’s and also restrict its usage to certain computers / networks14Computer
  15. 15. Contents• Company Introduction• Walkthrough • Introduction & policy definition • Information creation • Policy application • Collaboration within the enterprise • Collaboration outside the enterprise • With desktop client installation • Without desktop client installation • Information audit • Policy changes• Contact 15
  16. 16. Information creation Maya’s Maya creates the draft product plan document using anyComputer desktop productivity software like MS Office 16
  17. 17. Contents• Company Introduction• Walkthrough • Introduction & policy definition • Information creation • Policy application • Collaboration within the enterprise • Collaboration outside the enterprise • With desktop client installation • Without desktop client installation • Information audit • Policy changes• Contact 17
  18. 18. Enforced policy assignment Maya’s Option 1 : As soon as Maya closes the document anComputer automated prompt can remind or enforce protection 18
  19. 19. Manual protectionOwneq of Document pqotects the file Maya’s Option 2 : Maya can go to the document and right-click toComputer protect the document also 19
  20. 20. Manual policy assignment Maya’s Option 2 : Maya can go to the document and right-click toComputer protect the document also 20
  21. 21. Hot Folder protection Maya’s Option 3 : Maya can drag-and-drop the document into a “HotComputer Folder” where the document gets automatically protected 21
  22. 22. SharePoint upload Maya’s Option 4 : Maya can upload it into a protected SharePointComputer library 22
  23. 23. FileNet upload Maya’s Option 5 : Maya can upload it into a protected IBM FileNetComputer folder 23
  24. 24. Email send Maya’s Option 6 : Maya can attach the document to an email andComputer “SecureSend” the email via Outlook 24
  25. 25. Email send Maya’s Option 7 : Maya can attach the document to an email andComputer “SecureSend” the email via Lotus Notes 25
  26. 26. Other options …• Download of reports from transactional systems like ERP systems• Extraction from business intelligence and reporting tools• “Discovery” by E-discovery and content aware DLP systems – Pattern recognition – Owner and format recognition• ... 26
  27. 27. Policy controlled information Maya’s Seclore FileSecure protected document is marked with a redComputer lock icon 27
  28. 28. CollaborationEnterprise A protected document or email may be transmitted within or value outside. The policy attached to the information is persistent chain irrespective of the method of transmission and storage 28
  29. 29. Contents• Company Introduction• Walkthrough • Introduction & policy definition • Information creation • Policy application • Collaboration within the enterprise • Collaboration outside the enterprise • With desktop client installation • Without desktop client installation • Information audit • Policy changes• Contact 29
  30. 30. Product planning – process flow A Process Flow of Product Plan Policy admin Research Dept Head Research Maya NealResearch ResearchAssociate AssociateDepartment Maya sends this information to a few of her colleaguescirculation within the research department
  31. 31. Recipient – within the enterprise Neal’s Recipients receive the document through any method e.g.Computer email 31
  32. 32. Rights display Neal’s On clicking a rights display makes the recipient explicitlyComputer aware of his rights to the document 32
  33. 33. Unauthorized print Neal’s Unauthorized activities like attempts to print …Computer 33
  34. 34. Unauthorized Print Neal’s … are disallowedComputer 34
  35. 35. Unauthorized copy Neal’s Attempts to copy parts / whole of the document …Computer 35
  36. 36. Unauthorized copy Neal’s … are disallowedComputer 36
  37. 37. Unauthorized screen grab Neal’s Screen capture by the Prt Scr key, screen grabbing tools likeComputer Camtasia and screen sharing tools like Webex is blocked 37
  38. 38. Recipient – within the enterpriseOne moqe useqs qeceives File Head of The same information can be received by multiple people. InResearch’s such a case the rights applicable to each person will beComputer applied to the information 38
  39. 39. Rights displayThis useq has full contqol of document Head of The Head of Research is allowed to have full control over theResearch’sComputer document 39
  40. 40. Contents• Company Introduction• Walkthrough • Introduction & policy definition • Information creation • Policy application • Collaboration within the enterprise • Collaboration outside the enterprise • With desktop client installation • Without desktop client installation • Information audit • Policy changes• Contact 40
  41. 41. Collaboration - outside A Process Flow of Product Plan Policy admin External reviewerResearchDept Head - Legal Head Research Head - Finance Maya NealResearch ResearchAssociate Associate Head - Marketing External After internal circulation the same document can be sent tocirculation external entities like consultants
  42. 42. External user management External The external user may use a pre-existing identity already User’s with him (e.g. online banking system) or he may create anComputer identity using the built-in identity management tool 42
  43. 43. Using desktop agent External The external user may use a different productivity tool like User’s OpenOffice to access the protected document. In this caseComputer he needs to install the Seclore FileSecure desktop agent. 43
  44. 44. Explicit authentication External On clicking, he is taken to the authentication portal where he User’sComputer authenticates himself 44
  45. 45. Unauthorized save External Thereafter the document opens with his rights. Unauthorized User’sComputer attempts to e.g. Save the document … 45
  46. 46. Unauthorized save External User’s … are disallowedComputer 46
  47. 47. Contents• Company Introduction• Walkthrough • Introduction & policy definition • Information creation • Policy application • Collaboration within the enterprise • Collaboration outside the enterprise • With desktop client installation • Without desktop client installation • Information audit • Policy changes• Contact 47
  48. 48. Without desktop agent External In case the external user is not able / allowed to install the User’sComputer desktop agent he can click on the “webview” link …
  49. 49. Authenticates himself External User’s … authenticate himself …Computer
  50. 50. Clicks on View External User’s …choose the file he needs to view…Computer
  51. 51. Views the document External …and view the watermarked file within a secured browser User’sComputer window
  52. 52. Contents• Company Introduction• Walkthrough • Introduction & policy definition • Information creation • Policy application • Collaboration within the enterprise • Collaboration outside the enterprise • With desktop client installation • Without desktop client installation • Information audit • Policy changes• Contact 52
  53. 53. Information audit Maya’s The owner of the document can perform a usage audit onComputer the document 53
  54. 54. Information audit Maya’s The audit captures the WHO, WHAT, WHEN and WHERE of the access attempt. Authorized and unauthorized attemptsComputer are captured and reported 54
  55. 55. Forensics Maya’s Detailed forensic information is available for the usageComputer attempt. Customized reports can be defined and generated 55
  56. 56. Contents• Company Introduction• Walkthrough • Introduction & policy definition • Information creation • Policy application • Collaboration within the enterprise • Collaboration outside the enterprise • With desktop client installation • Without desktop client installation • Information audit • Policy changes• Contact 56
  57. 57. Product planning – process flow A Process Flow of Product Plan Policy admin External reviewer Research Dept Head - Legal Head Research Head - Finance Maya NealResearch ResearchAssociate Associate Head - Marketing Maya’s The policy attached to the document can be changed duringComputer its lifecycle
  58. 58. Remote policy changes Maya’s The policy attached to the document can be changed duringComputer its lifecycle. The owner may choose to “redistribute” … 58
  59. 59. Old policyOld Policy Definition Maya’s … view the existing policy applied to the document …Computer 59
  60. 60. Old policyOld Policy Definition Maya’s … along with the policy detailsComputer 60
  61. 61. New policyNew Policy definition Maya’s Remove the existing policy and apply a new policy …Computer 61
  62. 62. New policy Maya’s … which gives different rights to a new set of people.Computer 62
  63. 63. Remote copies of information External All copies of the information, local or remote reflect the User’sComputer policy change 63
  64. 64. Policy control message External Users whose rights have expired by time or by policy User’s changes can no longer view the document and a friendlyComputer message is displayed to them 64
  65. 65. More Info?www.seclore.com +91-22-4015-5252 65

×