The Data Leakage Threat
Preventing confidential data leakage has become one of the principal security challenges and compliance headaches for companies all over the world.
The increased use of cloud based services like Dropbox, Skydrive & iDrive, Instant Messaging, Skype, regular email clients like Outlook and web-based e-mail such as Hotmail and Gmail has in the last few years increased the number of accidental - and intentional - data leakage (DLP) incidents.
Careless employee behaviour is actually being considered a greater security threat than hackers - and has led to many significant ICO fines - highlighting the need for close and detailed monitoring of all data transferred outside of companies networks.
To protect your company data you need to be aware of its content. If data leaves the endpoint to the cloud, USB Stick, DVD, smartphone, tablet or in an e-mail, then you need to be sure that its content is not against your policy.
The Skype Threat
One simple example is IP telephony; you want your company to be as efficient, productive and cost-conscious as possible. You allow users or even encourage them to use Skype. Great to keep call costs low and people connected to work efficient. The downside? Who knows what files they are transferring outside the company network using Skype’s file transfer features...
With Content Aware Protection you can take control at the endpoint over what data content is allowed to be transferred using Skype for example.
Endpoint Protector adds Content Aware Data Loss Prevention for Mac OS X - the first of its kind.
What it does Endpoint Protector Content Aware module actually do?
- Prevent intentional data theft
- Prevent accidental data loss and data leakage
- Stop irresponsible data use by employees
- Monitor all data transfers, either directly or performed or through a simple copy & paste
How does it do that?
By inspecting "on the fly" ALL data transfers to and from;
- Applications like e-mail, cloud services, web-browsers, file sharing applications, etc.
- Data transfers to all portable and removable devices is inspected
- Detecting transfers of regulated data types such as Credit Card Numbers or Social Security Numbers
- Detection of keywords in files based on custom dictionaries, etc..
- Filtering of File Types
Full DLP in 4 easy steps...
1) In the Endpoint Protector management console, simply define and enable your content policy (a sample default policy included out of the box)
2) Define what content you deem as sensitive or restricted.
3) Select to scan all data transfers (to devices, applications, email, IM, online services) for sensitive data
4) Select an action (blocked and/or reported) is taken if policy violation is detected.
That's it !
A non-exhaustive list of fully monitored & controlled applications.