Every company runs the risk of its sensitive, business or proprietary information
getting out of the company's IT system through uncontrollable channels. The losses
caused by such data movements can be estimated at billions of dollars every year,
it does not only mean that the data are acquired by unauthorized persons, but
the business reputation of the company is also damaged, and the appearance of
the leaked data in the public domain also causes losses that can be expressed
in monetary terms.
In order to avoid these losses, companies have to make more and more efforts,
since on the one hand the number of data loss channels is increasing constantly,
on the other hand, the laws and other statutory requirements regulate the data
protection more and more stringently. These requirements may apply to healthcare
institutes, companies listed on the stock market, banks, financial institutes
and agencies of national defense:
- Health Insurance Portability and Accountability Act (HIPAA)
- Sarbanes -Oxley Act (SOX )
- Gramm-Leach-Bliley Act ( GLBA)
- International Traffic in Arms Regulations (ITAR)
- Payment Card Industry Data Security Standard (PC I DSS )
In order to avoid these losses, the affected companies need a well-managed solution,
capable of controlling all data movements, with statements and reporting options.
McAfee Data Loss Prevention - The full scale solution
The solution of McAfee DLP eliminates this gap. I.e., in addition to the already
existing protection solutions (and it must be emphasized that not instead of them,
since DLP IS not a firewall or IPS product) it protects the critical data of the
company and controls access.
McAfee Data Loss Prevention (DLP) is the most comprehensive industrial solution
for the prevention of data loss through malicious or even accidental intrusion.
Uniquely in the market, McAfee offers its DLP on solution applicable on both network
and user level as part of a full risk management portfolio.
Levels of protection
If we need full protection, we must to control our data on the following channels:
- USB tool (even by using Whitelist tools)
- Memory card
- CD, DVD
- floppy diskette
- File server
- HTTP, FTP
-Application level protection
- E-mail sending
- Uploading onto the web, web-based mailing
- Screen capture programs
- Peer-to-Peer networks
- Instant Messaging applications
Those companies who do not need this full functionality or require gradual implementation,
have the option of purchasing the product components separately, implementing
the protection and supervision of, for example, only external tools.
Microsoft Windows content protection services (Rights Management Services)
The Rights Management Services of Windows Server 2003/2008 and Windows will protect
the information in collaboration with the applications, wherever the information
is stored, thus fulfilling the needs of those customers who work with confidential
Web contents, documents and e-mails. RMS addresses the importance needs of large
corporations and institutes: it provides a new type of protection for confidential
information, for example, for plans on company mergers and acquisitions, loan
applications, payroll information, status reports on products.
The benefits of RMS service are available through various applications (word
processors, mailing applications, business applications, etc.). The users are
able to specify what kind of permits belong to a given document or letter, they
can specify the conditions of use, for example, whether a particular document
is about to be printed, is the addressee authorized to copy or forward it. Companies
can create templates, by which they can make the process of the application of
the rights simpler and ensure compliance with the internal policy of the company
RMS provides permanent protection, which means that the defined rules travel
together with the data, wherever the data are sent. This complements the already
existing perimeter network solutions applied (firewall, access regulation list),
we specify who should have access to the documents and files.
On the server side Windows Server 2003/2008 systems are necessary for running
RMS, and on the Microsoft Internet side RMS updates are required (downloadable
free of charge). On the client side a system enabled for RMS is necessary, which
is the following for Windows client systems: Windows XP operating system or higher.
Windows client systems need updated API interfaces for this, which are available
free of charge through Windows Update.
An existing Active DirectoryR is necessary for the user authentication operations
of RMS. It can also be integrated with other devices (smartcard, biometric tools).
We recommend Microsoft RMS service to companies for whom it is important to regulate
user rights attached to documents and letters, the integrity of information contained
in the documents, furthermore, to companies that consider it important to use
a homogeneous system (Microsoft products).
Synergon recognized user demands built on the importance of data security in
time, thus its solutions provide protection for every kind of risk that may occur.
Synergon is a market leader in Hungary in the field of IT security. In collaboration
with partners who produce global leading IT security solutions, we offer solutions
that make the operation of the IT system more efficient and easier to run, and
thus they contribute to the simpler and more problem-free operation of the enterprise.
Thus the Customer can be sure that we provide solutions by which the increased
needs for information protection can be covered fully.
Questions to be considered
Does the protection of business or personal data play a key role in security
Is there a legal requirement for data protection that the organization has to
observe? Would you like to ensure compliance with this in the shortest possible
Has it ever happened that you lost data stored in a stolen device?
What is your existing protection for sensitive data against data loss or theft?
What workstations do employees of the organization use? (notebooks, desktop PC,
mobile tools, smart phones) How many units do they have of these? Are any of these
the property of the user?
If you consider the implementation of a data protection solution, what solution
would that be? (SW based full disk encryption, hw based full disk encryption,
SW based file/folder level encryption)