Clearswift Critical Information Protection Management Server & Agent
Clearswift Critical Information Protection Management Server & Agent By controlling where sensitive data resides and how it is used on endpoint devices, organizations can manage information security, governance and compliance risks and identify control priorities. The Clearswift Critical Information Protection (CIP) Management Server and Agent supports a combination of security features – including device control, deep content inspection, remediation actions, encryption and comprehensive auditing. Deep content inspection Clearswift CIP is a fully content-aware endpoint data loss prevention solution that provides complete visibility and control of data transferred from the endpoint and stored on it. The transfer of critical information can be logged, blocked or encrypted and the solution provides automated policy-based remediation. The Critical Information Protection Agent scans files for sensitive content and based on a granular organizational policy it provides the necessary flexibility to permit multiple behaviors, depending on the user and destination of file operations. Device control The ability to control users connecting personal USBs or smart devices to the corporate network has become a critical security requirement. Sensitive data can be lost and malicious applications can be introduced to networks due to the uncontrolled use of removable media. The CIP integrated device control provides granular management of removable media, permitting the legitimate productivity-enhancing use of these devices whilst reducing network risks and support costs – resulting in increased data security. Context-aware Data in Use (DIU) policies Flexible policies and context-aware content inspection mean that you no longer have to choose between the productive use of removable media and unacceptable risk. A policy which is too restrictive means that people either cannot work effectively, or they will find ways to bypass their security policy. Rules can be created that block all spreadsheets containing particular keyword terms from being copied to external devices. Alternatively, these files can be encrypted when transferred – which ensures that the contents of a USB cannot be read if it was to be left behind in a taxi or in another public place. Discovering Data at Rest (DAR)* By using the Clearswift Deep Content Inspection Engine, critical data can be discovered wherever it is stored on desktops, notebooks, servers and shared networks. This enables organizations to audit and manage critical information cleanup within data at rest. As with ‘data in use’ policies, built-in and customizable lexical expressions are included, which enables discovery of critical information such as Data Protection Acts of the Länder, Privacy Act, PCI, HIPAA and GLBA. Running in the background, utilizing advanced throttling techniques, the agent silently discovers critical information without interrupting end user activity. This provides unprecedented insight into potential data protection vulnerabilities that exist on your networks and systems. *November 2014 Data Sheet www.clearswift.com www.clearswift.com Educate users The key to an effective information security management policy is educated end users. The CIP can notify users of the risks involved when transferring critical information to unprotected devices, allowing them to specify a reason for the activity before the file is allowed to be transferred. Protect critical information to comply with regulations Staying within the bounds of a regulatory framework is paramount. By encrypting files, organizations can ensure that they comply with regulation, while facilitating the legitimate and productive use of removable media. Flexible policies can be built to enable the transfer of non-sensitive data such as sales brochures, whilst encrypting and protecting files that do contain critical information. Integrated policy management The interface of the Critical Information Protection Management Server is powerful, yet simple to use. With pre-defined lexical expressions, file name lists and media types, it’s easy to build policies, manage violations and report on trends and behavior. In this way, valuable insight is provided without consuming valuable admin resource. Integration with the award-winning Clearswift SECURE Email and Web gateways enables teams to share policy elements, which ensure the consistent application of content rules and compliance with regulations. | 2 | Clearswift Critical Information Protection Management Server and Agent | October 2014 | Data Sheet www.clearswift.com The Critical Information Protection Agent enforces flexible, content-aware policies and can carry out different actions depending on the content policy. Block Encrypt XLS Notify Audit Reporting and Monitor Mode Clearswift is able to provide a useful proof-of-value exercise by running the CIP Agent in ‘Monitor Mode’, where organizations can see the results of their policies without the operation executing in ‘Active’ mode. The results are provided by Clearswift’s reporting function, which shows where critical information resides, who is using endpoint devices and what information is being transferred to unsecured devices. Reports will generate a detailed audit of discovered date, devices connecting, and the information transferred to and from the device by each user. The audit is unnoticeable to the end user, so that data and device details can be collected without the user changing their behavior. This helps organizations to understand the usage patterns and business requirements for removable media. Flexible deployment options You decide how you want to buy and deploy the Critical Information Protection Management Server. It’s supplied either as a pre-installed hardware appliance, as a software image that can be loaded on a choice of hardware platforms – or virtualized in a VMware environment. Discover critical information at rest on endpoint devices and take appropriate remediation actions according to policy, reducing the risk of breaching data protection regulations. Delete XLS Move Encrypt Notify | 3 | Clearswift Critical Information Protection Management Server and Agent | October 2014 | Data Sheet www.clearswift.com About Clearswift Clearswift is trusted by organizations globally to protect their critical information, giving them the freedom to securely collaborate and drive business growth. Built on an innovative Deep Content Inspection engine, our unique Adaptive Redaction technology enables deploying a data loss prevention solution simply and easily, forming the foundation of an Information Governance vision, for organizations to have 100% visibility of their critical information 100% of the time. Clearswift operates world-wide, having regional headquarters in Europe, Asia Pacific and the United States. Clearswift has a partner network of more than 900 resellers across the globe. More information is available at www.clearswift.com Feature Clearswift Critical Information Protection Management Server & Agent Flexible Policy Granular policy controls Easy to define policies to allow legitimate usage while minimizing risk. Directory Integration Create policies based on Active Directory users and groups, simplifying policy development and deployment. Flexible policy Flexible and granular policies enable both a white list and black list approach. Offline policy enforcement The agent will enforce policies and continue to track device and file activity, regardless of whether the agent is connected to the network or offline. Content-aware Data Loss Prevention Clearswift content inspection engine The agent utilizes the same award winning and market proven deep content inspection engine as Clearswift Gateway solutions. Lexical analysis and regular expressions Search file content for key words and phrases using simple expressions or more complex regular expressions to identify sensitive data. Pre-defined critical information list templates Credit card, bank account, social security and national security numbers can be easily detected. Shared policy details with Clearswift solutions Ensure consistent policy development and enforcement by sharing lexical expressions, file names and media types with the Clearswift SECURE Gateways. Discover Critical Data at Risk (version 2.0) UK - International HQ Clearswift Ltd 1310 Waterside Arlington Business Park Theale, Reading, Berkshire RG7 4SA Tel : +44 (0) 118 903 8903 Fax : +44 (0) 118 903 9000 Sales: +44 (0) 118 903 8700 Technical Support: +44 (0) 118 903 8200 Email: [email protected] Australia Clearswift (Asia/Pacific) Pty Ltd 5th Floor 165 Walker Street, North Sydney New South Wales, 2060 Australia Tel: +61 2 9424 1200 Technical Support: +61 2 9424 1210 Email: [email protected] Germany Clearswift GmbH Landsberger Straße 302 D-80 687 Munich Germany Tel: +49 (0)89 904 05 206 Technical Support: +49 (0)800 1800556 Email: [email protected] Japan Clearswift K.K Shinjuku Park Tower N30th Floor 3-7-1 Nishi-Shinjuku Tokyo 163-1030 Japan Tel: +81 (3)5326 3470 Technical Support: 0066 33 812 501 Email: [email protected] United States Clearswift Corporation 309 Fellowship Road, Suite 200 Mount Laurel, NJ 08054 United States Tel: +1 856-359-2360 Technical Support: +1 856 359 2170 Email: [email protected] Flexible and efficient discovery scans Advanced filtering and throttling functionality accelerates scans and eliminates end user impact. Agent or agentless discovery scans Discover sensitive data on local drives or shared network drives. Remediation actions The solution provides remediation through automatically moving, encrypting or deleting critical data. End User Education End user notifications Educate end users about the risk of using removable media containing critical information by notifying them of policy violations and acceptable use of devices. Configurable messages The administrator can specify and edit the message displayed to the end user when a specific policy is breached. Regulatory Compliance Compliance dictionaries Editable compliance dictionaries including GLBA, HIPAA, SEC, SOX, PCI and PII are included to minimize reputational and terminology risks. File encryption Enable legitimate productive use of removable media while ensuring regulatory compliance by encrypting relevant information (via ZipCrypto). Data at rest remediation Ensure compliance by removing regulated information from endpoint devices. Control Devices Monitor and control Enhance productivity with granular control of devices, allowing legitimate and productive business use of devices. Limit device access Reduce risks by selecting the device types that can connect to the network and who can connect them. Management Intuitive web based interface Easy to use, without requirements for complex syntax or Linux commands. Role-based access Granular role based access to the Critical Information Protection server ensures server integrity is maintained. Small agent footprint Simple to deploy, the agent installs silently on users’ PCs without interrupting their day-to-day activity. Platform compatibility Agent compatible with Windows 7, Windows 8 and 8.1 and Windows Server platforms 2008 and 2012. | 4 | Clearswift Critical Information Protection Management Server and Agent | October 2014 | Data Sheet www.clearswift.com
© Copyright 2024