Overview

When traditional assets are lost, the loss is typically considered to be the summation of the purchase price and the costs of labor and material used to put an asset into production, reduced by depreciation charges and insurance recoveries. With digital assets, traditional loss valuation fails to reflect the full loss to the company, as much of a digital asset's value is based on intangibles. Here, the argument is made that without a full valuation of digital assets, managers do not know the true loss they have experienced should the asset be lost. 

The use of information technology and the internet has increased the capabilities and connectivity of users and is constantly evolving. This evolution keeps widening the IT risk spectrum, and IT risks are heavily affected by a number of significant trends.

Mobile Computing & Social Media

  • Increased vulnerability due to anytime, anywhere accessibility
  • Risk of unintended sharing, amplification of casual remarks and disclosure of personal and company data. The availability of this data on the web facilitates cyber attacks.
  • Employees may violate company policies in terms of data leakage

Cloud Computing

  • Lack of governance and oversight over IT infrastructure, applications and databases
  • Vendor lock-in
  • Privacy and security
  • IT availability may be impacted by the use of the cloud
  • Increased risk of regulatory noncompliance (e.g., SOX, PCI). The cloud also brings about challenges in auditing compliance.
  • The cloud may impact the agility of IT and organizations; the platform dictated by the provider may not align with software development and strategic needs of the user.

Cybercrime

  • Spread of malicious code in company systems causing system outages
  • The risk of theft of personal, financial and health information
  • Loss of confidential data due to external vulnerabilities
  • Financial loss due to unauthorized wire transfers

Data loss risks

Corporate data, personally identifiable data, customer data and transaction data are permanently under the following risks:

  • Loss or theft of laptops and mobile devices
  • Unauthorized transfer of data to USB devices
  • Improper categorization of sensitive data
  • Data theft by employees or external parties
  • Printing and copying of sensitive data by employees
  • Insufficient response to intrusions
  • Unintentional transmission of sensitive data

Impact:

  • Brand damage and loss of reputation
  • Loss of competitive advantage
  • Loss of customers
  • Loss of market share
  • Erosion of shareholder value
  • Fines and civil penalties
  • Litigation/legal action
  • Regulatory fines/sanctions
  • Significant cost and effort to notify affected parties and recover from the breach

There is no simple solution or tool that can be implemented to address the variety of data loss risks that organizations face. In order to address data loss risks, a comprehensive solution that includes people, processes and technology needs to be implemented.  

Organizational preparation

To effectively manage data loss risks, clear business objectives should be defined to drive the DLP program. At a minimum, these objectives should cover:

  • Prevent the intentional or unintentional disclosure of sensitive data to unauthorized parties
  • Maintain adequate security and provide usability
  • Protect customer data and brand reputation
  • Protect personally identifiable information and intellectual property
  • Reduce the organization’s risk and cost of compliance

To do this, you must first understand:

  • What data you have
  • The value of your data
  • Your obligations for protecting that data
  • Where your data resides
  • Who is accessing your data
  • Where your data is going
  • How you protect your data
  • Your protection gaps and risks
  • How to respond to data leakage events

Mechanisms to minimize the risk

Control Risky Apps Without Restricting Users / Proactive Application Control

  • Full Application Visibility
  • Context-Aware Application Control
  • To-and-from Data Flow Control

Automatically Classify Regulated Data

  • Protect data in use
  • Safeguard shared data
  • Automatically encrypt data

Data Classification

  • Automatic and Persistent
  • Content- and Context-Aware
  • Comprehensive
  • Efficient and Scalable

Device Control & Encryption

  • USB Drives are a Primary Vector for Data Loss
  • Stay in Control of Your Data Wherever it Goes
    • Provides automated, policy-based usage controls for removable media devices, including alerts, prompts, or blocks when risky behavior is attempted (e.g. trying to copy sensitive data to a USB drive)
    • Gives you forensics-quality reporting with deep visibility and continuous monitoring of data activity on a device
    • Distinguishes devices by class and allows use only by authorized individuals
    • Automatically identifies and encrypts sensitive data transferred to removable media based on classification, recipient, and destination
    • Allows you to enable auto decryption for devices with agents or password-based decryption for non-agent devices
    • Eliminates the need for individual management and encryption agents, as one Digital Guardian agent delivers unified device and file encryption, control, access, and audit policies

Email Control & Encryption

  • Provides policy-driven control over email, both fat clients and webmail, for message body and attached files — including blocking, justification, and automated encryption
  • Motivates users to change behavior and comply with corporate email policy
  • Uses automated key management to seamlessly and transparently encrypt and decrypt sensitive email messages, and protects email sent off-network with password-based encryption (AES-256)
  • Supports mobile, joint-venture, outsourced, and other partner-related work environments with WinZip password-based collaborative encryption
  • Applies email encryption only when needed

Malware Protection

  • Dynamic Malware Detection
  • Comprehensive Prevention and Containment
  • Real-time Malware Incident Response
  • Advanced Reporting and Forensics
  • Data Protection on and off the Corporate Network

Trusted Network Awareness

  • Securing Remote Access is a Challenge
  • Prevent Insecure Data Transfer. Secure transfer of sensitive data is ensured by prompting the user and blocking access until a secure VPN connection is established.

Privileged User Control

  • Privileged Users Can be a Significant Risk
  • Ensure Privileged Users can access the tools and information they need, but sensitive data remains in safe hands.
  • Context-aware privileged-user visibility
  • Secure data-usage control
  • Data policy enforcement, regardless of IT privileges
  • Tamper-resistant security, on or off the network