This document summarizes a presentation by Prakash Baskaran of Pawaa Software on data protection solutions. It discusses traditional approaches to data security that are no longer sufficient due to insider threats and activities like copying sensitive data to removable drives or screenshots. Pawaa's innovations include a browser wrapper that works on any computer to enforce usage policies for files downloaded from web applications, preventing unauthorized access or use of sensitive data. The presentation demonstrates PawaaWEBB, which deploys as a browser to protect a web application without requiring a locked down environment.

1. OCC Bangalore Presentation
Prakash Baskaran
prakash@pawaa.com
Control Protection
© Pawaa Software Freedom 1

2. Industry Pain Points
Index
Control Protection
© Pawaa Software Freedom 2

3. Recent Data Leak News
© Pawaa Software 3

4. Recent Data Leak News
© Pawaa Software 4

5. Recent Data Leak News
© Pawaa Software 5

6. Recent Data Leak News
© Pawaa Software 6

7. Recent Data Leak News
© Pawaa Software 7

8. Recent Data Leak News
© Pawaa Software 8

9. Defences everywhere
Network Level
Firewalls
Content filters
Email filters
IDS, IPS, UTM
Network controls
Desktop Level
Anti-virus
Identity Mgmt
Access controls
Customers Device locks
Suppliers & vendors Encryption
Partners & Consultants
VPN/WEB Remote Employees
but data leaks continue..
© Pawaa Software 9

10. Source of Data Leak: Insiders
Traditional Approaches Not Enough
Offline activities at endpoints
Clipboard and screenshots
Privilege abuse
Removable media
Local configuration changes
Logs without context
Source: Ponemon Institute
Too many point solutions
87% of insider attacks involved authorized
User Intents not deciphered
persons using legitimate commands.
-US Secret Service
Insider risk management
Through 2008, insiders will account for
majority of financial losses from computers needs to start with Endpoint
- Gartner Monitoring.
© Pawaa Software 10

11. Impacts of Data Leak
© Pawaa Software 11

12. Drivers: DLP converging with GRC
Key Driver
Common thread
between all these
regulations is to
protect information
and control
endpoints!
© Pawaa Software 12

13. Pawaa Innovations & Product Portfolio
Index
Control Protection
© Pawaa Software Freedom 13

14. Defences everywhere
Network Level
Firewalls
Content filters
Email filters
IDS, IPS, UTM
Network DLP
Desktop Level
Anti-virus
Access controls
Device locks
Web Applications
Encryption
Customers
Host based DLP
Suppliers & vendors
Partners & Consultants
Remote Employees
Pawaa Protects..
© Pawaa Software 14

15. Traditional Browser & Files
Traditional Web Browsers
Can trust but cannot verify.
Problems
Trusted users access information on Un-
trusted computers
No visibility beyond typical user
authentication
Simple user activities cause data leaks
Files at Desktop
Can easily walk away
Clipboard
Print
Save as
No audit trails available and compliance is
tricky
Files downloaded from web application
through typical browsers can easily “walk
away”
© Pawaa Software 15

16. Sharing Data over the Web
Traditional DLP Products
Only covers this scenario: Many common situations where you must
Trusted user, only using… share sensitive data within a context that is
Fully trusted machine, as long as… not so “locked down”
Under org’s full control, only within.. These use cases are often vital to a business
Intranet environment being able to operate and compete!
But what about… Only Pawaa has the technology for sharing
Cloud/ SaaS /ASP sensitive information:
Franchises and branches Over the browser, even in…
Extranets Non-intranet situations, even with…
Shared computers
Unknown computers to
Mobile staff with no VPN access
Protect information accessed
© Pawaa Software 16

17. Other Key Issues
Traditional DLP Products
Agent can be disabled
Agent must be pre-installed on machine Solves these serious protection issues
before protection starts
Huge logs practically unusable
Proving compliance = pull logs from Solves these serious workload issues
multiple products and correlate them
Pre-classify data (very time consuming)
Agent must run all the time Solves these serious usability issues
24x7 monitoring intrudes on user privacy
© Pawaa Software 17

18. Our Innovative Approach
Implements as a browser wrapper Un-hackable (up to 4 keys)
Downloaded once, 1st time user tries to Patented file format “wrapper”, works with
access sensitive data any native format
Works on un-trusted computers Preset IRM policies are auto-applied to any
accessing in multiple types of file created/downloaded
authentification
IRM enforces who, where, when and how
Agent is the conduit -- so data not the file can be consumed
available if the agent is “disabled”
File can only be consumed after policies are
Only log relevant into, so easy to detect enforced
suspicious activity
Even for files already created:
Policies can be modified
Content itself can be updated
Jointly protect against unauthorized access and unauthorized use
© Pawaa Software 18

19. Demonstration
For this demonstration…
Non “locked down” scenario
• No Intranet, no VPN
• Everything is accessing web apps via a browser
• Machine unknown to the enterprise
PawaaWEBB has been deployed for the web application that
needs protection
© Pawaa Software 19

20. Demonstration
Demonstration
• PawaaWEBB – deploys as a browser wrapper
• Acts as the required conduit – no access if not running
• To access a secure URL – user downloads & installs once
Instant protection
No army of install engineers
© Pawaa Software 20

21. Demonstration
Desktop Client
Only required while accessing secure URLs
• Users – minimizes machine “overhead” (agent not
running all the time)
Demonstration
• Admins – logs capture relevant activity (not logging
“all activity for all users all the time”)
© Pawaa Software 21

22. Demonstration
Authentication
Goes beyond just username and password
• Communicates with server
• Can work with many authentication methods (i.e., AD,
SAML, OpenID, etc.)
• Updates all policies
• Rechecks components for tampering – config files, DLLs,
registry entries, etc.
© Pawaa Software 22

23. PawaaWEBB Screenshots
© Pawaa Software 23

24. PawaaWEBB Screenshots
File Download PawaaFILE Conversion Local File System Monitoring
Application Monitoring Hardware Monitoring Network Monitoring
© Pawaa Software 24

25. Demonstration
© Pawaa Software 25

26. “View Policy” – Selected Highlights
Can monitor individual fields (detect, alert, block)
Can monitor click behavior within the browser
“View Policy” – Selected Highlights
Configure upload/download permissions by URL
(including allowable file types)
Data masking within the browser views
© Pawaa Software 26

27. Demonstration
Patented file format “wrapper”, works
with any native format
Un-hackable, but not just encrypting…
Pre-set IRM policies are auto-applied to
any file created/downloaded
IRM enforces every aspect of consuming
the file
© Pawaa Software 27

28. Demonstration
PawaaFILE wraps around any native format
Displayed as a .paw file format
Logo can carry client branding
© Pawaa Software 28

29. PawaaFILE Screenshots
© Pawaa Software 29

30. Demonstration
File checks with server, when opened
This allows updates to be applied, even on files
“in the wild”
IRM policy changes
Even content can be updated
© Pawaa Software 30

31. “HotDoc” Examples
John and Eric (mobile salesmen)
download the confidential price
list to their notebooks
John Eric
Later: 1) headquarters updates the price list and 2) Eric quits.
Admin makes both changes on the server
When John next opens the Eric can’t use
document, the price list the file, in
content is auto-updated any way
© Pawaa Software 31

32. Demonstration
Server Console
Only log relevant info, so easy to perform
detection, forensics, and audits
Even capture activity on files “in the
wild”
© Pawaa Software 32

33. Solutions with PawaaWEBB & PawaaFILE
Index
Control Protection
© Pawaa Software Freedom 33

34. Integration with Cloud Applications
Advantages of Cloud based Applications
No Hardware
No Software
Huge cost savings
PawaaWEBB & PawaaFILE Integration
Complete audit trail on user behavior
Control and security for the
downloaded files and reports.
Control over the user desktop and user
activities such as print, screenshot,
clipboard and other activities.
Fills the missing web and file security
for cloud applications
© Pawaa Software 34

35. Integration with Open Source Apps
Advantages of Open Source Applications
Open Source Software benefits
Widely popular
PawaaWEBB & PawaaFILE Integration
Complete audit trail on user behavior
Control and security for the
downloaded files and reports.
Control over the user desktop and user
activities such as print, screenshot,
clipboard and other activities.
Increases the adoption of Open source
software and adoption of Pawaa
products.
© Pawaa Software 35

36. Integration with Smart Cards
PawaaFILE with Proximity Cards
Can eliminate the need for authentication
Will open only the files that are authorized
for the card holder
Can carry the file policies on the card
Will open .paw files faster and enforce the
policies quicker
Ideal for hospital and clinical environments
PawaaFILE On Smart Health Cards
Only authorized users can open the files
Privacy, confidentiality and security
guaranteed.
© Pawaa Software 36

37. Hot Doc Feature of PawaaFILE
PawaaFILE Solutions
PawaaFILE knows the source, knows the
user and so can automatically update the
contents.
Applications: Credit card statements,
mutual fund statements, bank account
statements, telephone or utility
statements
Eliminates the need for the user to
frequently visit the web site to download
Ensures constant interaction with the bank
and the customer
Customized ads for the users
Increases the brand identity of the owner
© Pawaa Software 37

38. PawaaDOCS – SaaS application
© Pawaa Software 38

39. Thank you.
Prakash Baskaran
prakash@pawaa.com
Control Protection
© Pawaa Software Freedom 39