Upload
novaccent
View
804
Download
2
Tags:
Embed Size (px)
DESCRIPTION
Basis presentatie van Seclore filesecure
Citation preview
Introduction and presentation to CEVA Logistics
&
About …About …
Seclore is a high growth information security product company focused on providing Security without compromising collaboration
Seclore’s flagship product Seclore FileSecure is used by More than 1.5 million users & some of the largest enterprises
TELEMARKETER
Information exchange in the collaborative world
Information is exchanged between Employees of the organisation
Enterprise
CUSTOMERS
VENDORS
Information is exchanged between employees & vendors & employees & customers
Competitors
What happens if an employee with privileged access leaves to join a competitor ?What happens if information shared with a vendor is lost by the vendor ?
VPN
SSL
UTM
Firewall
…
Firewalls
Underlying Issues
Share it = It becomes his (also)Ownership and usage cannot be separated
Shared once = Shared foreverImpossible to “recall” information
Out of the enterprise = Free for allTechnology & processes are only applicable within
Options for securing unstructured information
Option 1 : Control Distribution
. . .
Security Collaboration
Options for securing unstructured information
Option 2 : Control Usage
. . .
Security Collaboration
RightLocation
RightTime
RightAction
RightPerson
• WHO can use the information
People & groups within and outside of the organization can be defined as rightful users of the information
• WHAT can each person doIndividual actions like reading, editing, printing,
distributing, copy-pasting, screen grabbing etc. can be controlled
• WHEN can he use itInformation usage can be time based e.g. can
only be used by Mr. A till 28th Sept OR only for the 2 days
• WHERE can he use it fromInformation can be linked to locations e.g. only
3rd floor office by private/public IP addresses
Seclore FileSecure allow enterprises to define, implement & audit information usage “policies”. A “policy” defines :
Seclore FileSecure
Information Rights Management
Policies are• Persistent : Policies are implemented on information and all
its copies wherever they are transmitted or stored• Dynamic : Policies can be changed without having access to
or redistributing the information• Monitored : Policy changes can be monitored
User actions are• Monitored : Individual actions ( authorized AND
unauthorized ) like viewing, editing, printing etc. are monitored and centrally available in a reporting tool
Maya’sComputer
Information creation
Maya’sComputer
Manual policy assignment
Policy definition – WHO, WHAT
Policy definition – WHEN, WHERE
Owner of Document protects the file
Maya’sComputer
Manual protection
Maya’sComputer
Manual policy assignment
Hot Folder protection
Sharepoint upload
FileNet upload
Email send
Email send
Other options of applying policies
• Download of reports from transactional systems like ERP systems
• Extraction from business intelligence and reporting tools
• “Discovery” by E-discovery and content aware DLP systems– Pattern recognition– Owner and format recognition
• ...
Policy controlled information
organization
Collaboration
RightLocation
RightTime
RightAction
RightPerson
Research Dept.Research Dept.
Maya Research Associate
NealResearch Associate
Head Research
Collaboration - within
Neal’sComputer
Recipient – within the enterprise
Neal’sComputer
Rights display
After a user “accepts” the policy is when the actual content is shown to him/her
Neal’sComputer
Unauthorized print
Neal’sComputer
Unauthorized print
Neal’sComputer
Unauthorized copy
Neal’sComputer
Unauthorized copy
Neal’sComputer
Unauthorized screen grab
One more users receives File
Head ResearchComputer
Recipient – within the enterprise
This user has full control of document
Head ResearchComputer
Rights display
Policy admin
Research Dept.Research Dept.
Maya Research Associate
NealResearch Associate
Head Research
Head - Marketing
Head - Finance
Head - Legal
External reviewer
Head Research Distributes files to other Internal Employees and External Users
Collaboration - outside
External user identity management
External Reviewer's Computer
Recipient - outside
External Reviewer's Computer
Explicit authentication
External Reviewer's Computer
Unauthorized save
External Reviewer's Computer
Unauthorized save
Maya's Computer
Information audit
Maya's Computer
Information audit
Maya's Computer
Forensics
Owner (Maya) Redistributes the File with New Policy
Maya’sComputer
Old Policy Definition
Maya's Computer
Old policy
Old Policy Definition
Internal Users
External Users
Old policy
New Policy definition
Maya's Computer
New policy
Internal Users
New policy
External Reviewer Still has a file on his desktop
External Reviewer's Computer
Orphaned copies of information
External Reviewer's Computer
Policy control message
External Reviewer's Computer
The default disclaimer
Key criteria in evaluating IRM for Ceva
Format and application support
Integration-friendliness around existing IT infrastructureIdentity systemsTransactions systemsReporting and BI toolsECM systems
Auditing capabilities
External user identity management
Mature policy management and consulting services
Licensing modelUser based / Protector based
Thank You
Website : www.seclore.com
Blog : blog.seclore.com Phone : +91-22-4015-
5252