SlideShare a Scribd company logo

Awarenesstechnologies Intro Document

GuardEra Access Solutions, Inc.
GuardEra Access Solutions, Inc.

Complete internal threat solution on the endpoint delivered as a service

1 of 8
Download to read offline
AWARENESS T E C H N O L O G I E S Complete internal threat solution on the endpoint delivered as a service A Whitepaper By Ron Penna About Awareness Technologies, Inc Awareness Technologies, Inc (ATI) is a Los Angeles, California company founded in 2002 who has over 200,000 total users and 10,000 corporate customers using ATI’s patented Software as a Service (SaaS) all-in-one endpoint security solution to protect organizations from their greatest threat, the insider. Awareness Technologies was honored with the distinction of “Technology Fast 500” by Deloitte in 2008. Leading and marquee organizations in government, financial, health care, education and many Fortune 5000 companies use Awareness Technologies to mitigate the threats posed by insiders. Awareness Technologies, Inc. Corporate Headquarters | 4640 Admiralty Way | Suite 1010 | Los Angeles, CA 90292 | TOLL FREE: 1.888.224.1288 | LOCAL: 310.822.4557 www.awarenesstechnologies.com ©2010 Awareness Technologies, Inc. The trademarks used herin are the trademarks of Awareness Technologies, Inc.
AWARENESS T E C H N O L O G I E S Awareness Technologies Complete internal threat solution on the endpoint delivered as a service A Whitepaper By Ron Penna The primary focus of security professionals over the last 10 years has been External Security – keeping the unknown bad guy out. However, there is now recognition that Insiders are by far the greatest risk to a company, as they know where critical and confidential data already resides. Insiders can be an employee, contractor, telecommuter, traveler, or anyone that has privileged access to systems. Breaches caused by insiders can include negligence, pretexting, and carelessness, as well as a wide range of malicious behavior. Even most breaches by external individuals were made possible by insiders whether deliberate or not. Insiders are a growing problem and yet the technology solutions available to mitigate the insider threat are far fewer in number, and far less utilized than solutions that claim to prevent compromise by outsiders. The dedicated focus on external threats has created a very large gap in most organizations information security programs that companies are just now realizing they must address. Like the slow boil of a frog in water, as a society we have acclimated ourselves to a very unhealthy balance between external and internal threats. It is important that we understand why so we can reverse this trend. Information Security Evolution Over the past decade, information security has gone through a series of evolutionary steps. Originally there were single, individual threats from the outside. These were individually mitigated through separate solutions. Viruses were stopped by anti-virus solutions; hackers blocked by firewalls; SPAM filtered by anti-SPAM solutions, and so forth. Security 2000-2009 Viruses Hackers us Fire Company Network i-Vir wal Ant l are An alw ti- Sp ti-M am An Spam Malware The number of threats and paired solutions grew to the point where technology providers began offering solutions that included several mitigation techniques within a single device. These devices are commonly referred to as unified threat management (UTM) devices. Most organizations today don’t just have a firewall but rather an all-in-one device that that includes firewall, intrusion detection and prevention, gateway anti-virus, web content filtering, SPAM filtering and more. These UTM devices attempt to give you all the protection you need from Internet based threats. PAGE 1 Awareness Technologies, Inc. Corporate Headquarters | 4640 Admiralty Way | Suite 1010 | Los Angeles, CA 90292 | TOLL FREE: 1.888.224.1288 | LOCAL: 310.822.4557 www.awarenesstechnologies.com ©2010 Awareness Technologies, Inc. The trademarks used herin are the trademarks of Awareness Technologies, Inc.
AWARENESS T E C H N O L O G I E S Awareness Technologies Complete internal threat solution on the endpoint delivered as a service A Whitepaper By Ron Penna The threat landscape has changed over the past few years to be more focused on internal threats. This includes attackers directly compromising internal systems as well as increased risks from insiders themselves. Confidential data loss, laptop theft and loss, employee productivity and liability issues, regulatory compliance, incident forensics and data monitoring and recording are all issues the modern day information security professional, compliance officer, and IT administrator must address. Security 2010 and Beyond DLP Viruses Hackers us i-Vir Fire Confidential Ant Data wal l Company Network Laptop Recovery Web Filtering Laptop Employee Theft/Loss Productivity are Employee Errors & alw Regulatory Failures An ti-M ti- Sp An am Employee Monitoring Spam Malware Again we see the same pattern but this time it revolves around insider threats. Individual internal threats spawn a myriad of individual point solutions . Software conflicts, management difficulty, and interoperability will naturally lead to the next evolution of insider threat mitigation solutions. What emerges is an all-in-one solution that has a complete set of security solutions to protect organizations from their greatest threat, the insider. In addition to the trend toward a unified threat solution, there are two other key themes that have now become core to IT security. The first is Software as a Service or SaaS. The need for simplicity has emerged as a critical element that allows companies to adopt a multitude of security technologies in a rapid and efficient manner. Proliferation of single Proliferation of single Emergence of UTM point solutions for point solutions for for Internal Threats external threats external threats 2000 2005 2007 2008 2009 2010 FUTURE Emergence of SaaS Emergence of UTM Proliferation of single Emergence of SaaS for external threats to consolidate point solution for for Internal Threats external threats internal threats PAGE 2 Awareness Technologies, Inc. Corporate Headquarters | 4640 Admiralty Way | Suite 1010 | Los Angeles, CA 90292 | TOLL FREE: 1.888.224.1288 | LOCAL: 310.822.4557 www.awarenesstechnologies.com ©2010 Awareness Technologies, Inc. The trademarks used herin are the trademarks of Awareness Technologies, Inc.
AWARENESS T E C H N O L O G I E S Awareness Technologies Complete internal threat solution on the endpoint delivered as a service A Whitepaper By Ron Penna The second is the shift away from network-based security technologies to the endpoint, as recognition of the clear benefits from controlling the problem at their source – the endpoint. Summary of 4 core evolutionary themes in IT Security Old New External threats Internal Threats Multi-point solutions Unified Threat Solution Complex/costly SaaS (simple/lowcost) Network-based Endpoint-based The Solution in Concept With the above in mind, Awareness Technologies has created Interguard -- a complete, unified solution focused on insider threats through a single vendor that offers easy deployment and centralized management though a SaaS delivery model which sits on the endpoint providing complete visibility and control. 1. Unified Internal Threat Solution There is no shortage of technologies that mitigate specific threats. With the number of new threats compounding each year, more and more technologies are needed. These single point solutions have become a plague for IT administrators due to the overwhelming administrative and management requirements that accompany having so many different technologies, each with their own management and monitoring interface. Information security professionals need to have an all-in-one, multi-threat prevention platform that creates layered security protection for all insider threats including loss of critical data (both intentional and accidental) as well as employee productivity and malfeasance. Accordingly, a complete insider threat solution would include all elements necessary to control all insider actions including: Data Loss Prevention Web Filtering Laptop Recovery Employee Monitoring 2. End-Point Security Solution With the exception of desktop anti-virus, nearly everything organizations use to protect their networks and systems is applied on the network level. Firewalls, intrusion detection systems, proxies, filters, and scores of other technologies have been used at the “edge” of the network to keep the bad guys out. This approach is sensible to keep bad guys out; However, the situation is different with insiders as their damage is done from within the network or the endpoint. Accordingly, it is nothing more than common (or uncommon) sense that insider threat protection occur on the endpoint. In addition, with the advent of the mobile workforce, endpoint security has become that much more necessary as network based solutions do not adequately account for off-network staff. What information security professionals need is a next generation end-point solution that focuses on the insider that works everywhere and sees everything. No excuses or exceptions for telecommuters, travelers, and other remote employees. No security gaps missed by lack of visibility across all end-points, regardless of location. PAGE 3 Awareness Technologies, Inc. Corporate Headquarters | 4640 Admiralty Way | Suite 1010 | Los Angeles, CA 90292 | TOLL FREE: 1.888.224.1288 | LOCAL: 310.822.4557 www.awarenesstechnologies.com ©2010 Awareness Technologies, Inc. The trademarks used herin are the trademarks of Awareness Technologies, Inc.
AWARENESS T E C H N O L O G I E S Awareness Technologies Complete internal threat solution on the endpoint delivered as a service A Whitepaper By Ron Penna 3. Software as a Service For years IT administrators and information security personnel have struggled with the difficulty of traditional client/server applications. Each new threat has a corresponding solution that must be tested, deployed and managed. Most require hardware for centralized data collection, reporting, management, configuration and monitoring. Procuring hardware for each new solution is both timely and costly. Setup and configuration of a system are often times so complex, it is nearly impossible to try solutions before you buy them. What information security professionals need is a method to easily and quickly download, try and buy solutions that don’t require any hardware whatsoever. This is what SaaS promises, however few technology providers have been able to step up and address the needs of organizations in this way. Internet Offsite Employee Employee on Data Center Reporting the road Organization Data Protection and Employee Productivity Redefined In order to understand the solution, we need to agree on the problem. From a very high level, insiders can do two things to cause damage to a business. The first is leak or lose critical data, while the second is use company resources for unproductive purposes. Most of us believe that DLP and Webfiltering are sufficient to solve these issues. But are they? Let’s start with the first – leak or lose of data. Again, the common view is that DLP is the answer to prevent data leaks. However, let’s examine the realities. In DLP, we set up policies to prevent confidential data from leaving the organization, either through email or removable media. So the first step is to set up policies, and then let the machine do the rest. Standard DLP is ideal for what it does, but let’s examine it in the real world by looking at some what if scenarios: 1. DLP is only as good as the policies you set up. What if you don’t set up all the policies you need? What if there are gaps? How would you even know if sensitive data was leaking out? 2. As most DLP solutions are network based, what if you have remote or travelling staff? What if personal webmail (hotmail) is used to send out data? 3. What about data that is sensitive but required for business, such as a salesperson needing client data including all contact information, expiration date and amount of contracts? Since we can’t prevent them from having this data, how do we control this threat if they leave to go to a competitor? 4. What about data that is saved to a laptop that walks out the door every day or from time-to-time? How does standard DLP address lost or stolen laptops? PAGE 4 Awareness Technologies, Inc. Corporate Headquarters | 4640 Admiralty Way | Suite 1010 | Los Angeles, CA 90292 | TOLL FREE: 1.888.224.1288 | LOCAL: 310.822.4557 www.awarenesstechnologies.com ©2010 Awareness Technologies, Inc. The trademarks used herin are the trademarks of Awareness Technologies, Inc.
AWARENESS T E C H N O L O G I E S Awareness Technologies Complete internal threat solution on the endpoint delivered as a service A Whitepaper By Ron Penna For this reason, we believe that DLP is a necessary but insufficient solution for protecting data. In order to complete the picture, organizations need to be able to both record and store all computer activity as well as have the ability to retrieve/disable the asset or delete the information stored on laptops. By recording all computer activity data, Information security specialists can now review the realities of what data is leaving the organization and thus fine-tune policies. In addition, a complete forensic record exists on demand should an issue arise. With respect to laptops, most data breaches today occur as a result of lost or stolen laptops. These have also represented the most public and damaging cases. Thus, the ability to geolocate and/or disable a laptop or delete sensitive information remotely is a critical element of complete data protection. As such, Awareness Technologies Data Protection suite includes complete data protection through: 1. DLP Screen all email (both work and personal) including attachments for sensitive data and block if needed. Detect and block non-public personal information (NPPI) from leaving your network or organization. Stop the use of removable media. Block files based on their content from being copied to portable media. Protect and enforce policies governing each employee’s computer use, including those that never connect to a network…including laptops! Easy intuitive policy creation. 2. Stolen Laptop Protection Remotely retrieve important files invisibly, using any Internet connection. Monitor everything the thief does including all of the files they attempt to access, etc. Prevent the thief from being able to access to any desired programs (Excel, Word, etc.) Remotely delete files or an entire hard drive. Secure and confirm deletion to the highest government standard of unrecoverability. Geo-locate the stolen laptop, in real-time over any Internet connection, often with greater accuracy than GPS. 3. Employee Monitoring Trigger words allow for proactive alerts without the need to log in to the admin view. Works invisibly and undetectable at each desktop, without impacting central network computer resources. Records all employee communications including email, webmail, and instant messaging. Blocks or limits applications like peer to peer, webmail and instant messaging. Records and analyzes all keystroke activity, regardless of the application used. Formats all data into easy-to-read reports, making it easy to find and evaluate critical security lapses. Screenshots taken whenever an alert word is typed or read on a webpage. Ability to search all stored data based on alert words as well as sender or recipient. Full individualized reporting on an employee’s computer activity. PAGE 5 Awareness Technologies, Inc. Corporate Headquarters | 4640 Admiralty Way | Suite 1010 | Los Angeles, CA 90292 | TOLL FREE: 1.888.224.1288 | LOCAL: 310.822.4557 www.awarenesstechnologies.com ©2010 Awareness Technologies, Inc. The trademarks used herin are the trademarks of Awareness Technologies, Inc.
AWARENESS T E C H N O L O G I E S Awareness Technologies Complete internal threat solution on the endpoint delivered as a service A Whitepaper By Ron Penna Now let’s turn to Employee Productivity. Again, it is commonly believed that standard network-based webfiltering fully addresses this issue. But let’s ask a few what ifs: 1. What if the employee is remote or travelling? In today’s business climate, few organizations don’t have a growing remote employee base. Once of the network, there is no way to enforce policy. 2. Are there other unproductive activities beyond simple url blocking, such as IM, personal email, peer-to-peer, games? 3. What can you really tell about an employee’s day from a list of urls visited? Can you really tell what is being googled? For this reason, we believe that standard network-based webfiltering is insufficient. The first problem is addressed by a solution that works both on and off network. Endpoint solutions accomplish are the only way to address this scenario. The second problem is addressed through a solution that goes beyond webfiltering by recording all computer activity and can block any application such as webmail, IM, games and peer-to-peer. In this way, an employer can be assured that company assets can only be used for work purposes as can see a full picture of the employees day in context. That is, how much time is spent on work email, vs personal email vs. websurfing vs IM vs. Excel or Word or Powerpoint. Day in the life of an employee: Business Email Games Media Player Microsoft Office File Sharing IM/Chat Personal Email Web Browsing As such, Awareness Technologies Employee Productivity suite includes: 1. Webfiltering Monitors and filters Internet use on and off the network (even on laptops). Blocks or limits applications like peer-to-peer and instant messaging. Screenshots taken whenever an alert word is typed or read on a webpage. All search terms captured. Works whether the system is connected to the network or not. PAGE 6 Awareness Technologies, Inc. Corporate Headquarters | 4640 Admiralty Way | Suite 1010 | Los Angeles, CA 90292 | TOLL FREE: 1.888.224.1288 | LOCAL: 310.822.4557 www.awarenesstechnologies.com ©2010 Awareness Technologies, Inc. The trademarks used herin are the trademarks of Awareness Technologies, Inc.
AWARENESS T E C H N O L O G I E S Awareness Technologies Complete internal threat solution on the endpoint delivered as a service A Whitepaper By Ron Penna 2. Employee Monitoring Works invisibly and undetectable at each desktop, without impacting central network computer resources. Records all employee communications including email, webmail, and instant messaging. Blocks or limits applications like peer to peer, webmail and instant messaging. Records and analyzes all keystroke activity, regardless of the application used. Formats all data into easy-to-read reports, making it easy to find and evaluate critical security lapses. Screenshots taken whenever an alert word is typed or read on a webpage. Ability to search all stored data based on alert words as well as sender or recipient. Full individualized reporting on an employee’s computer activity. Employers today recognize that employees represent their greatest competitive asset, and thus their greatest potential threat. With a business climate today that demands maximum employee productivity and recognizes that employees have access and knowledge of critical data. a greater portion of the IT security budget will begin to be spent on solutions that mitigate the greatest threat to organizations, the insider. While this fundamental shift will not happen overnight, it will literally redefine information security over the next decade. As such, we urge organizations to consider the entirety of the problem and to not take the same piecemeal approach initially used in addressing external threats. Organizations should consider lessons learned from the evolution of external security and consider solutions that solve the problem. In summary, these are: 1. Complete – one solution and one interface for all insider threats. 2. SaaS – removes obstacle to adoption through simplicity of installation and management. 3. Endpoint – control the problem at the source for complete visibility and control. Awareness Technologies The Awareness Technologies solution is the next evolution in insider risk mitigation technology designed for organizations of all sizes. With its easy to deploy, easy trial, and no hardware required, you can immediately enjoy the benefits of this next generation solution within minutes. PAGE 7 Awareness Technologies, Inc. Corporate Headquarters | 4640 Admiralty Way | Suite 1010 | Los Angeles, CA 90292 | TOLL FREE: 1.888.224.1288 | LOCAL: 310.822.4557 www.awarenesstechnologies.com ©2010 Awareness Technologies, Inc. The trademarks used herin are the trademarks of Awareness Technologies, Inc.

Recommended

How To Identify And Mitigate Security And Intellectual Property Risks When Ou...
How To Identify And Mitigate Security And Intellectual Property Risks When Ou...How To Identify And Mitigate Security And Intellectual Property Risks When Ou...
How To Identify And Mitigate Security And Intellectual Property Risks When Ou...Altoros
 
Hawaii Pacific GIS Conference 2012: Disaster Management and Emergency Respons...
Hawaii Pacific GIS Conference 2012: Disaster Management and Emergency Respons...Hawaii Pacific GIS Conference 2012: Disaster Management and Emergency Respons...
Hawaii Pacific GIS Conference 2012: Disaster Management and Emergency Respons...Hawaii Geographic Information Coordinating Council
 
Agenda Security Helsinki 29okt2009
Agenda Security Helsinki 29okt2009Agenda Security Helsinki 29okt2009
Agenda Security Helsinki 29okt2009Anna Näsmark
 
Return on Security Investment
Return on Security InvestmentReturn on Security Investment
Return on Security InvestmentConferencias FIST
 
Business Driven Security Securing the Smarter Planet pcty_020710_rev
Business Driven Security Securing the Smarter Planet pcty_020710_revBusiness Driven Security Securing the Smarter Planet pcty_020710_rev
Business Driven Security Securing the Smarter Planet pcty_020710_revShanker Sareen
 
Maximizing Security Training ROI
Maximizing Security Training ROIMaximizing Security Training ROI
Maximizing Security Training ROISymosis Security (Previously C-Level Security)
 
Hacking case-studies
Hacking case-studiesHacking case-studies
Hacking case-studiesvenkadesh Prasath
 
Complete Security with Sophos and Softchoice
Complete Security with Sophos and SoftchoiceComplete Security with Sophos and Softchoice
Complete Security with Sophos and SoftchoiceSoftchoice Corporation
 

Recommended

How To Identify And Mitigate Security And Intellectual Property Risks When Ou...
How To Identify And Mitigate Security And Intellectual Property Risks When Ou...How To Identify And Mitigate Security And Intellectual Property Risks When Ou...
How To Identify And Mitigate Security And Intellectual Property Risks When Ou...Altoros
 
Hawaii Pacific GIS Conference 2012: Disaster Management and Emergency Respons...
Hawaii Pacific GIS Conference 2012: Disaster Management and Emergency Respons...Hawaii Pacific GIS Conference 2012: Disaster Management and Emergency Respons...
Hawaii Pacific GIS Conference 2012: Disaster Management and Emergency Respons...Hawaii Geographic Information Coordinating Council
 
Agenda Security Helsinki 29okt2009
Agenda Security Helsinki 29okt2009Agenda Security Helsinki 29okt2009
Agenda Security Helsinki 29okt2009Anna Näsmark
 
Return on Security Investment
Return on Security InvestmentReturn on Security Investment
Return on Security InvestmentConferencias FIST
 
Business Driven Security Securing the Smarter Planet pcty_020710_rev
Business Driven Security Securing the Smarter Planet pcty_020710_revBusiness Driven Security Securing the Smarter Planet pcty_020710_rev
Business Driven Security Securing the Smarter Planet pcty_020710_revShanker Sareen
 
Maximizing Security Training ROI
Maximizing Security Training ROIMaximizing Security Training ROI
Maximizing Security Training ROISymosis Security (Previously C-Level Security)
 
Hacking case-studies
Hacking case-studiesHacking case-studies
Hacking case-studiesvenkadesh Prasath
 
Complete Security with Sophos and Softchoice
Complete Security with Sophos and SoftchoiceComplete Security with Sophos and Softchoice
Complete Security with Sophos and SoftchoiceSoftchoice Corporation
 
Mx Pb En 100929
Mx Pb En 100929Mx Pb En 100929
Mx Pb En 100929GuardEra Access Solutions, Inc.
 
Forrester Healthcare
Forrester HealthcareForrester Healthcare
Forrester HealthcareGuardEra Access Solutions, Inc.
 
Patrick Notley1
Patrick Notley1Patrick Notley1
Patrick Notley1GuardEra Access Solutions, Inc.
 
HITECH Modifications to HIPAA
HITECH Modifications to HIPAAHITECH Modifications to HIPAA
HITECH Modifications to HIPAAGuardEra Access Solutions, Inc.
 
HIPAA Regs
HIPAA RegsHIPAA Regs
HIPAA RegsGuardEra Access Solutions, Inc.
 
Wordpress Case Study - A Recruitment Website
Wordpress Case Study - A Recruitment WebsiteWordpress Case Study - A Recruitment Website
Wordpress Case Study - A Recruitment Websitestevewilsonguru
 
Understanding Advanced Cybersecurity Threats for the In-House Counsel
Understanding Advanced Cybersecurity Threats for the In-House CounselUnderstanding Advanced Cybersecurity Threats for the In-House Counsel
Understanding Advanced Cybersecurity Threats for the In-House CounselAdam Palmer
 
Adam Palmer: Managing Advanced Cyber Threats for In-House Counsel
Adam Palmer: Managing Advanced Cyber Threats for In-House CounselAdam Palmer: Managing Advanced Cyber Threats for In-House Counsel
Adam Palmer: Managing Advanced Cyber Threats for In-House CounselAdam Palmer
 
Anti virus in the corporate arena
Anti virus in the corporate arenaAnti virus in the corporate arena
Anti virus in the corporate arenaUltraUploader
 
L123
L123L123
L123Btyy121
 
Project.pptx
Project.pptxProject.pptx
Project.pptxDhruv896840
 
Noah Maina: Computer Emergency Response Team (CERT)
Noah Maina: Computer Emergency Response Team (CERT)Noah Maina: Computer Emergency Response Team (CERT)
Noah Maina: Computer Emergency Response Team (CERT)Hamisi Kibonde
 
[Infographic] The MSP Journey to AI_ML-Powered Detection and Response.pptx
[Infographic] The MSP Journey to AI_ML-Powered Detection and Response.pptx[Infographic] The MSP Journey to AI_ML-Powered Detection and Response.pptx
[Infographic] The MSP Journey to AI_ML-Powered Detection and Response.pptxCompanySeceon
 
Readying People Against Deceptive Practices
Readying People Against Deceptive PracticesReadying People Against Deceptive Practices
Readying People Against Deceptive PracticesMSFTSIRv16
 
VIPRE Business Takes a Bite out of Bloatware
VIPRE Business Takes a Bite out of BloatwareVIPRE Business Takes a Bite out of Bloatware
VIPRE Business Takes a Bite out of BloatwareGFI Software
 
DSS ITSEC Conference 2012 - Cyberoam Layer8 UTM
DSS ITSEC Conference 2012 - Cyberoam Layer8 UTMDSS ITSEC Conference 2012 - Cyberoam Layer8 UTM
DSS ITSEC Conference 2012 - Cyberoam Layer8 UTMAndris Soroka
 
Attact evolution
Attact evolutionAttact evolution
Attact evolutionRoshAan4
 
The impact of a security breach on MSP's and their clients
The impact of a security breach on MSP's and their clientsThe impact of a security breach on MSP's and their clients
The impact of a security breach on MSP's and their clientsJose Lopez
 
The risk landscape dave cunningham quoted sep 2008
The risk landscape dave cunningham quoted sep 2008The risk landscape dave cunningham quoted sep 2008
The risk landscape dave cunningham quoted sep 2008David Cunningham
 
ITrust Company Overview EN
ITrust Company Overview ENITrust Company Overview EN
ITrust Company Overview ENITrust - Cybersecurity as a Service
 
2013 global security report
2013 global security report2013 global security report
2013 global security reportYury Chemerkin
 
Security - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaperSecurity - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaperCMR WORLD TECH
 

More Related Content

Viewers also liked

Wordpress Case Study - A Recruitment Website
Wordpress Case Study - A Recruitment WebsiteWordpress Case Study - A Recruitment Website
Wordpress Case Study - A Recruitment Websitestevewilsonguru
 

Viewers also liked (6)

Mx Pb En 100929
Mx Pb En 100929Mx Pb En 100929
Mx Pb En 100929
 
Forrester Healthcare
Forrester HealthcareForrester Healthcare
Forrester Healthcare
 
Patrick Notley1
Patrick Notley1Patrick Notley1
Patrick Notley1
 
HITECH Modifications to HIPAA
HITECH Modifications to HIPAAHITECH Modifications to HIPAA
HITECH Modifications to HIPAA
 
HIPAA Regs
HIPAA RegsHIPAA Regs
HIPAA Regs
 
Wordpress Case Study - A Recruitment Website
Wordpress Case Study - A Recruitment WebsiteWordpress Case Study - A Recruitment Website
Wordpress Case Study - A Recruitment Website
 

Similar to Awarenesstechnologies Intro Document

Understanding Advanced Cybersecurity Threats for the In-House Counsel
Understanding Advanced Cybersecurity Threats for the In-House CounselUnderstanding Advanced Cybersecurity Threats for the In-House Counsel
Understanding Advanced Cybersecurity Threats for the In-House CounselAdam Palmer
 
Adam Palmer: Managing Advanced Cyber Threats for In-House Counsel
Adam Palmer: Managing Advanced Cyber Threats for In-House CounselAdam Palmer: Managing Advanced Cyber Threats for In-House Counsel
Adam Palmer: Managing Advanced Cyber Threats for In-House CounselAdam Palmer
 
Anti virus in the corporate arena
Anti virus in the corporate arenaAnti virus in the corporate arena
Anti virus in the corporate arenaUltraUploader
 
Noah Maina: Computer Emergency Response Team (CERT)
Noah Maina: Computer Emergency Response Team (CERT)Noah Maina: Computer Emergency Response Team (CERT)
Noah Maina: Computer Emergency Response Team (CERT)Hamisi Kibonde
 
[Infographic] The MSP Journey to AI_ML-Powered Detection and Response.pptx
[Infographic] The MSP Journey to AI_ML-Powered Detection and Response.pptx[Infographic] The MSP Journey to AI_ML-Powered Detection and Response.pptx
[Infographic] The MSP Journey to AI_ML-Powered Detection and Response.pptxCompanySeceon
 
Readying People Against Deceptive Practices
Readying People Against Deceptive PracticesReadying People Against Deceptive Practices
Readying People Against Deceptive PracticesMSFTSIRv16
 
VIPRE Business Takes a Bite out of Bloatware
VIPRE Business Takes a Bite out of BloatwareVIPRE Business Takes a Bite out of Bloatware
VIPRE Business Takes a Bite out of BloatwareGFI Software
 
DSS ITSEC Conference 2012 - Cyberoam Layer8 UTM
DSS ITSEC Conference 2012 - Cyberoam Layer8 UTMDSS ITSEC Conference 2012 - Cyberoam Layer8 UTM
DSS ITSEC Conference 2012 - Cyberoam Layer8 UTMAndris Soroka
 
Attact evolution
Attact evolutionAttact evolution
Attact evolutionRoshAan4
 
The impact of a security breach on MSP's and their clients
The impact of a security breach on MSP's and their clientsThe impact of a security breach on MSP's and their clients
The impact of a security breach on MSP's and their clientsJose Lopez
 
The risk landscape dave cunningham quoted sep 2008
The risk landscape dave cunningham quoted sep 2008The risk landscape dave cunningham quoted sep 2008
The risk landscape dave cunningham quoted sep 2008David Cunningham
 
2013 global security report
2013 global security report2013 global security report
2013 global security reportYury Chemerkin
 
Security - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaperSecurity - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaperCMR WORLD TECH
 
Security Strategies for UC
Security Strategies for UCSecurity Strategies for UC
Security Strategies for UCDigium
 
Symantec reportinternetsecurity
Symantec reportinternetsecuritySymantec reportinternetsecurity
Symantec reportinternetsecurityAchraf Chtibi
 
rovide 34 paragraphs that define how the IT security landscape has evo.docx
rovide 34 paragraphs that define how the IT security landscape has evo.docxrovide 34 paragraphs that define how the IT security landscape has evo.docx
rovide 34 paragraphs that define how the IT security landscape has evo.docxacarolyn
 
symc_annual2001
symc_annual2001symc_annual2001
symc_annual2001finance40
 

Similar to Awarenesstechnologies Intro Document (20)

Understanding Advanced Cybersecurity Threats for the In-House Counsel
Understanding Advanced Cybersecurity Threats for the In-House CounselUnderstanding Advanced Cybersecurity Threats for the In-House Counsel
Understanding Advanced Cybersecurity Threats for the In-House Counsel
 
Adam Palmer: Managing Advanced Cyber Threats for In-House Counsel
Adam Palmer: Managing Advanced Cyber Threats for In-House CounselAdam Palmer: Managing Advanced Cyber Threats for In-House Counsel
Adam Palmer: Managing Advanced Cyber Threats for In-House Counsel
 
Anti virus in the corporate arena
Anti virus in the corporate arenaAnti virus in the corporate arena
Anti virus in the corporate arena
 
L123
L123L123
L123
 
Project.pptx
Project.pptxProject.pptx
Project.pptx
 
Noah Maina: Computer Emergency Response Team (CERT)
Noah Maina: Computer Emergency Response Team (CERT)Noah Maina: Computer Emergency Response Team (CERT)
Noah Maina: Computer Emergency Response Team (CERT)
 
[Infographic] The MSP Journey to AI_ML-Powered Detection and Response.pptx
[Infographic] The MSP Journey to AI_ML-Powered Detection and Response.pptx[Infographic] The MSP Journey to AI_ML-Powered Detection and Response.pptx
[Infographic] The MSP Journey to AI_ML-Powered Detection and Response.pptx
 
Readying People Against Deceptive Practices
Readying People Against Deceptive PracticesReadying People Against Deceptive Practices
Readying People Against Deceptive Practices
 
VIPRE Business Takes a Bite out of Bloatware
VIPRE Business Takes a Bite out of BloatwareVIPRE Business Takes a Bite out of Bloatware
VIPRE Business Takes a Bite out of Bloatware
 
DSS ITSEC Conference 2012 - Cyberoam Layer8 UTM
DSS ITSEC Conference 2012 - Cyberoam Layer8 UTMDSS ITSEC Conference 2012 - Cyberoam Layer8 UTM
DSS ITSEC Conference 2012 - Cyberoam Layer8 UTM
 
Attact evolution
Attact evolutionAttact evolution
Attact evolution
 
The impact of a security breach on MSP's and their clients
The impact of a security breach on MSP's and their clientsThe impact of a security breach on MSP's and their clients
The impact of a security breach on MSP's and their clients
 
The risk landscape dave cunningham quoted sep 2008
The risk landscape dave cunningham quoted sep 2008The risk landscape dave cunningham quoted sep 2008
The risk landscape dave cunningham quoted sep 2008
 
ITrust Company Overview EN
ITrust Company Overview ENITrust Company Overview EN
ITrust Company Overview EN
 
2013 global security report
2013 global security report2013 global security report
2013 global security report
 
Security - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaperSecurity - intelligence - maturity-model-ciso-whitepaper
Security - intelligence - maturity-model-ciso-whitepaper
 
Security Strategies for UC
Security Strategies for UCSecurity Strategies for UC
Security Strategies for UC
 
Symantec reportinternetsecurity
Symantec reportinternetsecuritySymantec reportinternetsecurity
Symantec reportinternetsecurity
 
rovide 34 paragraphs that define how the IT security landscape has evo.docx
rovide 34 paragraphs that define how the IT security landscape has evo.docxrovide 34 paragraphs that define how the IT security landscape has evo.docx
rovide 34 paragraphs that define how the IT security landscape has evo.docx
 
symc_annual2001
symc_annual2001symc_annual2001
symc_annual2001
 

More from GuardEra Access Solutions, Inc.

Valiente Balancing It SecurityCompliance, Complexity & Cost
Valiente Balancing It SecurityCompliance, Complexity & CostValiente Balancing It SecurityCompliance, Complexity & Cost
Valiente Balancing It SecurityCompliance, Complexity & CostGuardEra Access Solutions, Inc.
 

More from GuardEra Access Solutions, Inc. (20)

Rp 2010 data-breach-report-en_xg
Rp 2010 data-breach-report-en_xgRp 2010 data-breach-report-en_xg
Rp 2010 data-breach-report-en_xg
 
Deepwater Horizon
Deepwater HorizonDeepwater Horizon
Deepwater Horizon
 
Cloud Computing Payback
Cloud Computing PaybackCloud Computing Payback
Cloud Computing Payback
 
10844 5415 The Value Of Corporate Secrets
10844 5415 The Value Of Corporate Secrets10844 5415 The Value Of Corporate Secrets
10844 5415 The Value Of Corporate Secrets
 
Security Breach Laws
Security Breach LawsSecurity Breach Laws
Security Breach Laws
 
2010 New Guidelines Hipaa Checklist V1
2010 New Guidelines Hipaa Checklist V12010 New Guidelines Hipaa Checklist V1
2010 New Guidelines Hipaa Checklist V1
 
2010 Hipaa Rules 011310
2010 Hipaa Rules 0113102010 Hipaa Rules 011310
2010 Hipaa Rules 011310
 
Og Disparate It Mgmt Tool Impact Report
Og Disparate It Mgmt Tool Impact ReportOg Disparate It Mgmt Tool Impact Report
Og Disparate It Mgmt Tool Impact Report
 
Accel Ops Brochure0609
Accel Ops Brochure0609Accel Ops Brochure0609
Accel Ops Brochure0609
 
Healthcare Data Security Update
Healthcare Data Security UpdateHealthcare Data Security Update
Healthcare Data Security Update
 
HITECH Act
HITECH ActHITECH Act
HITECH Act
 
EMR Yes- No
EMR Yes- NoEMR Yes- No
EMR Yes- No
 
SourceFire IPS Overview
SourceFire IPS OverviewSourceFire IPS Overview
SourceFire IPS Overview
 
Closing the Clinical IT Chasm
Closing the Clinical IT ChasmClosing the Clinical IT Chasm
Closing the Clinical IT Chasm
 
Valiente Balancing It SecurityCompliance, Complexity & Cost
Valiente Balancing It SecurityCompliance, Complexity & CostValiente Balancing It SecurityCompliance, Complexity & Cost
Valiente Balancing It SecurityCompliance, Complexity & Cost
 
2009 Databreach Report
2009 Databreach Report2009 Databreach Report
2009 Databreach Report
 
Mini IT Security Assessment
Mini IT Security AssessmentMini IT Security Assessment
Mini IT Security Assessment
 
Enabling Healthcare Reform Using IT
Enabling Healthcare Reform Using ITEnabling Healthcare Reform Using IT
Enabling Healthcare Reform Using IT
 
Thisa Lite Message
Thisa Lite MessageThisa Lite Message
Thisa Lite Message
 
Thisa Customer Presentation Ga
Thisa Customer Presentation GaThisa Customer Presentation Ga
Thisa Customer Presentation Ga
 

Awarenesstechnologies Intro Document

  • 1. AWARENESS T E C H N O L O G I E S Complete internal threat solution on the endpoint delivered as a service A Whitepaper By Ron Penna About Awareness Technologies, Inc Awareness Technologies, Inc (ATI) is a Los Angeles, California company founded in 2002 who has over 200,000 total users and 10,000 corporate customers using ATI’s patented Software as a Service (SaaS) all-in-one endpoint security solution to protect organizations from their greatest threat, the insider. Awareness Technologies was honored with the distinction of “Technology Fast 500” by Deloitte in 2008. Leading and marquee organizations in government, financial, health care, education and many Fortune 5000 companies use Awareness Technologies to mitigate the threats posed by insiders. Awareness Technologies, Inc. Corporate Headquarters | 4640 Admiralty Way | Suite 1010 | Los Angeles, CA 90292 | TOLL FREE: 1.888.224.1288 | LOCAL: 310.822.4557 www.awarenesstechnologies.com ©2010 Awareness Technologies, Inc. The trademarks used herin are the trademarks of Awareness Technologies, Inc.
  • 2. AWARENESS T E C H N O L O G I E S Awareness Technologies Complete internal threat solution on the endpoint delivered as a service A Whitepaper By Ron Penna The primary focus of security professionals over the last 10 years has been External Security – keeping the unknown bad guy out. However, there is now recognition that Insiders are by far the greatest risk to a company, as they know where critical and confidential data already resides. Insiders can be an employee, contractor, telecommuter, traveler, or anyone that has privileged access to systems. Breaches caused by insiders can include negligence, pretexting, and carelessness, as well as a wide range of malicious behavior. Even most breaches by external individuals were made possible by insiders whether deliberate or not. Insiders are a growing problem and yet the technology solutions available to mitigate the insider threat are far fewer in number, and far less utilized than solutions that claim to prevent compromise by outsiders. The dedicated focus on external threats has created a very large gap in most organizations information security programs that companies are just now realizing they must address. Like the slow boil of a frog in water, as a society we have acclimated ourselves to a very unhealthy balance between external and internal threats. It is important that we understand why so we can reverse this trend. Information Security Evolution Over the past decade, information security has gone through a series of evolutionary steps. Originally there were single, individual threats from the outside. These were individually mitigated through separate solutions. Viruses were stopped by anti-virus solutions; hackers blocked by firewalls; SPAM filtered by anti-SPAM solutions, and so forth. Security 2000-2009 Viruses Hackers us Fire Company Network i-Vir wal Ant l are An alw ti- Sp ti-M am An Spam Malware The number of threats and paired solutions grew to the point where technology providers began offering solutions that included several mitigation techniques within a single device. These devices are commonly referred to as unified threat management (UTM) devices. Most organizations today don’t just have a firewall but rather an all-in-one device that that includes firewall, intrusion detection and prevention, gateway anti-virus, web content filtering, SPAM filtering and more. These UTM devices attempt to give you all the protection you need from Internet based threats. PAGE 1 Awareness Technologies, Inc. Corporate Headquarters | 4640 Admiralty Way | Suite 1010 | Los Angeles, CA 90292 | TOLL FREE: 1.888.224.1288 | LOCAL: 310.822.4557 www.awarenesstechnologies.com ©2010 Awareness Technologies, Inc. The trademarks used herin are the trademarks of Awareness Technologies, Inc.
  • 3. AWARENESS T E C H N O L O G I E S Awareness Technologies Complete internal threat solution on the endpoint delivered as a service A Whitepaper By Ron Penna The threat landscape has changed over the past few years to be more focused on internal threats. This includes attackers directly compromising internal systems as well as increased risks from insiders themselves. Confidential data loss, laptop theft and loss, employee productivity and liability issues, regulatory compliance, incident forensics and data monitoring and recording are all issues the modern day information security professional, compliance officer, and IT administrator must address. Security 2010 and Beyond DLP Viruses Hackers us i-Vir Fire Confidential Ant Data wal l Company Network Laptop Recovery Web Filtering Laptop Employee Theft/Loss Productivity are Employee Errors & alw Regulatory Failures An ti-M ti- Sp An am Employee Monitoring Spam Malware Again we see the same pattern but this time it revolves around insider threats. Individual internal threats spawn a myriad of individual point solutions . Software conflicts, management difficulty, and interoperability will naturally lead to the next evolution of insider threat mitigation solutions. What emerges is an all-in-one solution that has a complete set of security solutions to protect organizations from their greatest threat, the insider. In addition to the trend toward a unified threat solution, there are two other key themes that have now become core to IT security. The first is Software as a Service or SaaS. The need for simplicity has emerged as a critical element that allows companies to adopt a multitude of security technologies in a rapid and efficient manner. Proliferation of single Proliferation of single Emergence of UTM point solutions for point solutions for for Internal Threats external threats external threats 2000 2005 2007 2008 2009 2010 FUTURE Emergence of SaaS Emergence of UTM Proliferation of single Emergence of SaaS for external threats to consolidate point solution for for Internal Threats external threats internal threats PAGE 2 Awareness Technologies, Inc. Corporate Headquarters | 4640 Admiralty Way | Suite 1010 | Los Angeles, CA 90292 | TOLL FREE: 1.888.224.1288 | LOCAL: 310.822.4557 www.awarenesstechnologies.com ©2010 Awareness Technologies, Inc. The trademarks used herin are the trademarks of Awareness Technologies, Inc.
  • 4. AWARENESS T E C H N O L O G I E S Awareness Technologies Complete internal threat solution on the endpoint delivered as a service A Whitepaper By Ron Penna The second is the shift away from network-based security technologies to the endpoint, as recognition of the clear benefits from controlling the problem at their source – the endpoint. Summary of 4 core evolutionary themes in IT Security Old New External threats Internal Threats Multi-point solutions Unified Threat Solution Complex/costly SaaS (simple/lowcost) Network-based Endpoint-based The Solution in Concept With the above in mind, Awareness Technologies has created Interguard -- a complete, unified solution focused on insider threats through a single vendor that offers easy deployment and centralized management though a SaaS delivery model which sits on the endpoint providing complete visibility and control. 1. Unified Internal Threat Solution There is no shortage of technologies that mitigate specific threats. With the number of new threats compounding each year, more and more technologies are needed. These single point solutions have become a plague for IT administrators due to the overwhelming administrative and management requirements that accompany having so many different technologies, each with their own management and monitoring interface. Information security professionals need to have an all-in-one, multi-threat prevention platform that creates layered security protection for all insider threats including loss of critical data (both intentional and accidental) as well as employee productivity and malfeasance. Accordingly, a complete insider threat solution would include all elements necessary to control all insider actions including: Data Loss Prevention Web Filtering Laptop Recovery Employee Monitoring 2. End-Point Security Solution With the exception of desktop anti-virus, nearly everything organizations use to protect their networks and systems is applied on the network level. Firewalls, intrusion detection systems, proxies, filters, and scores of other technologies have been used at the “edge” of the network to keep the bad guys out. This approach is sensible to keep bad guys out; However, the situation is different with insiders as their damage is done from within the network or the endpoint. Accordingly, it is nothing more than common (or uncommon) sense that insider threat protection occur on the endpoint. In addition, with the advent of the mobile workforce, endpoint security has become that much more necessary as network based solutions do not adequately account for off-network staff. What information security professionals need is a next generation end-point solution that focuses on the insider that works everywhere and sees everything. No excuses or exceptions for telecommuters, travelers, and other remote employees. No security gaps missed by lack of visibility across all end-points, regardless of location. PAGE 3 Awareness Technologies, Inc. Corporate Headquarters | 4640 Admiralty Way | Suite 1010 | Los Angeles, CA 90292 | TOLL FREE: 1.888.224.1288 | LOCAL: 310.822.4557 www.awarenesstechnologies.com ©2010 Awareness Technologies, Inc. The trademarks used herin are the trademarks of Awareness Technologies, Inc.
  • 5. AWARENESS T E C H N O L O G I E S Awareness Technologies Complete internal threat solution on the endpoint delivered as a service A Whitepaper By Ron Penna 3. Software as a Service For years IT administrators and information security personnel have struggled with the difficulty of traditional client/server applications. Each new threat has a corresponding solution that must be tested, deployed and managed. Most require hardware for centralized data collection, reporting, management, configuration and monitoring. Procuring hardware for each new solution is both timely and costly. Setup and configuration of a system are often times so complex, it is nearly impossible to try solutions before you buy them. What information security professionals need is a method to easily and quickly download, try and buy solutions that don’t require any hardware whatsoever. This is what SaaS promises, however few technology providers have been able to step up and address the needs of organizations in this way. Internet Offsite Employee Employee on Data Center Reporting the road Organization Data Protection and Employee Productivity Redefined In order to understand the solution, we need to agree on the problem. From a very high level, insiders can do two things to cause damage to a business. The first is leak or lose critical data, while the second is use company resources for unproductive purposes. Most of us believe that DLP and Webfiltering are sufficient to solve these issues. But are they? Let’s start with the first – leak or lose of data. Again, the common view is that DLP is the answer to prevent data leaks. However, let’s examine the realities. In DLP, we set up policies to prevent confidential data from leaving the organization, either through email or removable media. So the first step is to set up policies, and then let the machine do the rest. Standard DLP is ideal for what it does, but let’s examine it in the real world by looking at some what if scenarios: 1. DLP is only as good as the policies you set up. What if you don’t set up all the policies you need? What if there are gaps? How would you even know if sensitive data was leaking out? 2. As most DLP solutions are network based, what if you have remote or travelling staff? What if personal webmail (hotmail) is used to send out data? 3. What about data that is sensitive but required for business, such as a salesperson needing client data including all contact information, expiration date and amount of contracts? Since we can’t prevent them from having this data, how do we control this threat if they leave to go to a competitor? 4. What about data that is saved to a laptop that walks out the door every day or from time-to-time? How does standard DLP address lost or stolen laptops? PAGE 4 Awareness Technologies, Inc. Corporate Headquarters | 4640 Admiralty Way | Suite 1010 | Los Angeles, CA 90292 | TOLL FREE: 1.888.224.1288 | LOCAL: 310.822.4557 www.awarenesstechnologies.com ©2010 Awareness Technologies, Inc. The trademarks used herin are the trademarks of Awareness Technologies, Inc.
  • 6. AWARENESS T E C H N O L O G I E S Awareness Technologies Complete internal threat solution on the endpoint delivered as a service A Whitepaper By Ron Penna For this reason, we believe that DLP is a necessary but insufficient solution for protecting data. In order to complete the picture, organizations need to be able to both record and store all computer activity as well as have the ability to retrieve/disable the asset or delete the information stored on laptops. By recording all computer activity data, Information security specialists can now review the realities of what data is leaving the organization and thus fine-tune policies. In addition, a complete forensic record exists on demand should an issue arise. With respect to laptops, most data breaches today occur as a result of lost or stolen laptops. These have also represented the most public and damaging cases. Thus, the ability to geolocate and/or disable a laptop or delete sensitive information remotely is a critical element of complete data protection. As such, Awareness Technologies Data Protection suite includes complete data protection through: 1. DLP Screen all email (both work and personal) including attachments for sensitive data and block if needed. Detect and block non-public personal information (NPPI) from leaving your network or organization. Stop the use of removable media. Block files based on their content from being copied to portable media. Protect and enforce policies governing each employee’s computer use, including those that never connect to a network…including laptops! Easy intuitive policy creation. 2. Stolen Laptop Protection Remotely retrieve important files invisibly, using any Internet connection. Monitor everything the thief does including all of the files they attempt to access, etc. Prevent the thief from being able to access to any desired programs (Excel, Word, etc.) Remotely delete files or an entire hard drive. Secure and confirm deletion to the highest government standard of unrecoverability. Geo-locate the stolen laptop, in real-time over any Internet connection, often with greater accuracy than GPS. 3. Employee Monitoring Trigger words allow for proactive alerts without the need to log in to the admin view. Works invisibly and undetectable at each desktop, without impacting central network computer resources. Records all employee communications including email, webmail, and instant messaging. Blocks or limits applications like peer to peer, webmail and instant messaging. Records and analyzes all keystroke activity, regardless of the application used. Formats all data into easy-to-read reports, making it easy to find and evaluate critical security lapses. Screenshots taken whenever an alert word is typed or read on a webpage. Ability to search all stored data based on alert words as well as sender or recipient. Full individualized reporting on an employee’s computer activity. PAGE 5 Awareness Technologies, Inc. Corporate Headquarters | 4640 Admiralty Way | Suite 1010 | Los Angeles, CA 90292 | TOLL FREE: 1.888.224.1288 | LOCAL: 310.822.4557 www.awarenesstechnologies.com ©2010 Awareness Technologies, Inc. The trademarks used herin are the trademarks of Awareness Technologies, Inc.
  • 7. AWARENESS T E C H N O L O G I E S Awareness Technologies Complete internal threat solution on the endpoint delivered as a service A Whitepaper By Ron Penna Now let’s turn to Employee Productivity. Again, it is commonly believed that standard network-based webfiltering fully addresses this issue. But let’s ask a few what ifs: 1. What if the employee is remote or travelling? In today’s business climate, few organizations don’t have a growing remote employee base. Once of the network, there is no way to enforce policy. 2. Are there other unproductive activities beyond simple url blocking, such as IM, personal email, peer-to-peer, games? 3. What can you really tell about an employee’s day from a list of urls visited? Can you really tell what is being googled? For this reason, we believe that standard network-based webfiltering is insufficient. The first problem is addressed by a solution that works both on and off network. Endpoint solutions accomplish are the only way to address this scenario. The second problem is addressed through a solution that goes beyond webfiltering by recording all computer activity and can block any application such as webmail, IM, games and peer-to-peer. In this way, an employer can be assured that company assets can only be used for work purposes as can see a full picture of the employees day in context. That is, how much time is spent on work email, vs personal email vs. websurfing vs IM vs. Excel or Word or Powerpoint. Day in the life of an employee: Business Email Games Media Player Microsoft Office File Sharing IM/Chat Personal Email Web Browsing As such, Awareness Technologies Employee Productivity suite includes: 1. Webfiltering Monitors and filters Internet use on and off the network (even on laptops). Blocks or limits applications like peer-to-peer and instant messaging. Screenshots taken whenever an alert word is typed or read on a webpage. All search terms captured. Works whether the system is connected to the network or not. PAGE 6 Awareness Technologies, Inc. Corporate Headquarters | 4640 Admiralty Way | Suite 1010 | Los Angeles, CA 90292 | TOLL FREE: 1.888.224.1288 | LOCAL: 310.822.4557 www.awarenesstechnologies.com ©2010 Awareness Technologies, Inc. The trademarks used herin are the trademarks of Awareness Technologies, Inc.
  • 8. AWARENESS T E C H N O L O G I E S Awareness Technologies Complete internal threat solution on the endpoint delivered as a service A Whitepaper By Ron Penna 2. Employee Monitoring Works invisibly and undetectable at each desktop, without impacting central network computer resources. Records all employee communications including email, webmail, and instant messaging. Blocks or limits applications like peer to peer, webmail and instant messaging. Records and analyzes all keystroke activity, regardless of the application used. Formats all data into easy-to-read reports, making it easy to find and evaluate critical security lapses. Screenshots taken whenever an alert word is typed or read on a webpage. Ability to search all stored data based on alert words as well as sender or recipient. Full individualized reporting on an employee’s computer activity. Employers today recognize that employees represent their greatest competitive asset, and thus their greatest potential threat. With a business climate today that demands maximum employee productivity and recognizes that employees have access and knowledge of critical data. a greater portion of the IT security budget will begin to be spent on solutions that mitigate the greatest threat to organizations, the insider. While this fundamental shift will not happen overnight, it will literally redefine information security over the next decade. As such, we urge organizations to consider the entirety of the problem and to not take the same piecemeal approach initially used in addressing external threats. Organizations should consider lessons learned from the evolution of external security and consider solutions that solve the problem. In summary, these are: 1. Complete – one solution and one interface for all insider threats. 2. SaaS – removes obstacle to adoption through simplicity of installation and management. 3. Endpoint – control the problem at the source for complete visibility and control. Awareness Technologies The Awareness Technologies solution is the next evolution in insider risk mitigation technology designed for organizations of all sizes. With its easy to deploy, easy trial, and no hardware required, you can immediately enjoy the benefits of this next generation solution within minutes. PAGE 7 Awareness Technologies, Inc. Corporate Headquarters | 4640 Admiralty Way | Suite 1010 | Los Angeles, CA 90292 | TOLL FREE: 1.888.224.1288 | LOCAL: 310.822.4557 www.awarenesstechnologies.com ©2010 Awareness Technologies, Inc. The trademarks used herin are the trademarks of Awareness Technologies, Inc.