Fasoo Data Security Framework



Similar documents
Stay ahead of insiderthreats with predictive,intelligent security

Securing and protecting the organization s most sensitive data

IBM Data Security Services for endpoint data protection endpoint encryption solution

CyberArk Privileged Threat Analytics. Solution Brief

ForeScout MDM Enterprise

Analyzing Security for Retailers An analysis of what retailers can do to improve their network security

Enterprise Data Protection

White paper: Information Rights Management for IBM FileNet. Page 1

IBM Data Security Services for endpoint data protection endpoint data loss prevention solution

Strengthen security with intelligent identity and access management

Preemptive security solutions for healthcare

Secure Document Sharing & Online Workspaces for Financial Institutions

Information Rights Management for Banking Seclore FileSecure Provides Intelligent Document & Data Protection that Extends Beyond Enterprise Borders

IBM Data Security Services for endpoint data protection endpoint data loss prevention solution

A Websense Research Brief Prevent Data Loss and Comply with Payment Card Industry Data Security Standards

RSA Solution Brief RSA. Encryption and Key Management Suite. RSA Solution Brief

How To Create An Insight Analysis For Cyber Security

SECURE FILE SHARING AND COLLABORATION: THE PATH TO INCREASED PRODUCTIVITY AND REDUCED RISK

Achieving SOX Compliance with Masergy Security Professional Services

Leveraging innovative security solutions for government. Helping to protect government IT infrastructure, meet compliance demands and reduce costs

The ForeScout Difference

Securing the mobile enterprise with IBM Security solutions

Secure any data, anywhere. The Vera security architecture

Payment Card Industry Data Security Standard

Privileged. Account Management. Accounts Discovery, Password Protection & Management. Overview. Privileged. Accounts Discovery

The Benefits of an Integrated Approach to Security in the Cloud

with Managing RSA the Lifecycle of Key Manager RSA Streamlining Security Operations Data Loss Prevention Solutions RSA Solution Brief

Privilege Gone Wild: The State of Privileged Account Management in 2015

IBM Security Intrusion Prevention Solutions

How To Secure Your Store Data With Fortinet

Analyzing HTTP/HTTPS Traffic Logs

Cybersecurity and internal audit. August 15, 2014

IBM Endpoint Manager for Core Protection

Data Loss Prevention Program

Preparing for a Cyber Attack PROTECT YOUR PEOPLE AND INFORMATION WITH SYMANTEC SECURITY SOLUTIONS

How can Identity and Access Management help me to improve compliance and drive business performance?

SOOKASA WHITEPAPER CASB SECURITY OVERVIEW.

SafeNet Data Encryption and Control. Securing data over its lifecycle, wherever it resides from the data center to endpoints and into the cloud

SafeNet Data Encryption and Control. Securing data over its lifecycle, wherever it resides from the data center to endpoints and into the cloud

PCI Data Security Standards (DSS)

SANS Top 20 Critical Controls for Effective Cyber Defense

Stop advanced targeted attacks, identify high risk users and control Insider Threats

Fidelis XPS Power Tools. Gaining Visibility Into Your Cloud: Cloud Services Security. February 2012 PAGE 1 PAGE 1

Injazat s Managed Services Portfolio

The Hillstone and Trend Micro Joint Solution

RightsWATCH. Data-centric Security.

Privilege Gone Wild: The State of Privileged Account Management in 2015

Information Security for Modern Enterprises

BSM for IT Governance, Risk and Compliance: NERC CIP

CONTINUOUS DIAGNOSTICS BEGINS WITH REDSEAL

10 Building Blocks for Securing File Data

Don't Be The Next Data Loss Story

A HELPING HAND TO PROTECT YOUR REPUTATION

Protecting Business Information With A SharePoint Data Governance Model. TITUS White Paper

defending against advanced persistent threats: strategies for a new era of attacks agility made possible

Cisco Advanced Malware Protection for Endpoints

DISCOVER, MONITOR AND PROTECT YOUR SENSITIVE INFORMATION Symantec Data Loss Prevention. symantec.com

2011 Cyber Security and the Advanced Persistent Threat A Holistic View

KASPERSKY SECURITY INTELLIGENCE SERVICES. EXPERT SERVICES.

Proven LANDesk Solutions

Solving data residency and privacy compliance challenges Delivering business agility, regulatory compliance and risk reduction

10 Smart Ideas for. Keeping Data Safe. From Hackers

Seclore FileSecure. Securing Information Wherever it Goes. Extending Information Security Beyond Your Border

Mobile Protection. Driving Productivity Without Compromising Protection. Brian Duckering. Mobile Trend Marketing

WHITE PAPER AUTOMATED, REAL-TIME RISK ANALYSIS AND REMEDIATION

Selecting the right cybercrime-prevention solution

Seven Things To Consider When Evaluating Privileged Account Security Solutions

Lumeta IPsonar. Active Network Discovery, Mapping and Leak Detection for Large Distributed, Highly Complex & Sensitive Enterprise Networks

TASK TDSP Web Portal Project Cyber Security Standards Best Practices

How Digital Rights Management improves Data Loss Prevention

Secure Cross Border File Protection & Sharing for Enterprise Product Brief CRYPTOMILL INC

Beyond passwords: Protect the mobile enterprise with smarter security solutions

How to Secure Your SharePoint Deployment

Where are Organizations Today? The Cloud. The Current and Future State of IT When, Where, and How To Leverage the Cloud. The Cloud and the Players

Ensuring the security of your mobile business intelligence

PAVING THE PATH TO THE ELIMINATION OF THE TRADITIONAL DMZ

endpoint Antivirus Application Control Removable Device Encryption enjoy Data protection

Cisco Advanced Malware Protection for Endpoints

Readiness Assessments: Vital to Secure Mobility

RSA envision. Platform. Real-time Actionable Security Information, Streamlined Incident Handling, Effective Security Measures. RSA Solution Brief

IBM Security re-defines enterprise endpoint protection against advanced malware

Mobile Application Security. Helping Organizations Develop a Secure and Effective Mobile Application Security Program

Security Intelligence Services.

Transcription:

Fasoo Data Security Framework

Needs for New Security Framework Significant data breach related news is continuously making headlines, and organizations involved in such breaches have suffered irreplaceable loss of intellectual property, losing customer and business partner trust, incurring considerable fines, decreasing revenue or profit or dropping in share prices. Although most organizations are constantly investing their time and efforts in information security, security related issues are happening repeatedly, and threats remain as substantial risks to organizations. In today s rapidly changing IT environment, an information security model that emerged in the early days of the Internet does not work as well as it used to. Conventional approaches have been based on the belief that information security is all about protecting network and system boundaries. However, as cloud computing and mobility are blurring the boundaries of an enterprise, defining the boundaries of a corporate network has become difficult or even meaningless. This disruptive change in the IT landscape is one of important reasons why a new security framework is required. Another reason for a new framework is to confront increasing insider threats. Traditionally, insider threat management was always on the top of the priority list for many organizations general security practices, but it has been often ignored in information security, relying on security guidelines and regulations without proper technical measures. There have been some technical measures to prevent insider threats, but most fail to mitigate insider threats. For example, enhanced perimeter based solutions like data loss prevention have been unable to stop data leaks by insiders who have gained access to the data through legitimate business activities. To be effective against insider threats, organizations are seeking a new approach and framework that is capable of enforcing persistent security policy on data, as well as the traditional security practices that include user training and background check. In addition to cloud, mobile and insider threats, advanced persistent threat (APT) has become the latest concern of CISOs. As cyber-attacks are constantly diversifying and evolving, it has become a complicated game of cat-and-mouse, and often times hackers are one step ahead in the game. There have been many efforts to detect and mitigate APT. However, it has been difficult to prevent and detect APT even after penetration, leaving organizations vulnerable to data breaches. In fact, organizations should implement a security framework that assumes your network will be penetrated, your systems infected by malware, and your data stolen. Cloud and mobile computing, insider threat and APT are forcing organizations to review and re-shape existing security frameworks to overcome challenging security issues and prevent data breaches. Fasoo Data Security Framework Fasoo The Fasoo data security data security framework framework helps organizations helps organizations to facilitate to exceptions to minimize productivity issues. Data security policies and facilitate enhance and enhance their information their information security security framework framework based based on a are constantly challenged by the unpredictable nature of data data-centric on a data-centric security security model model with with people-centric policies in usage in in a a business environment. Fasoo The data Fasoo security data framework security multi-layered approaches in complex and ever-diversifying supports framework the supports dynamic dynamic binding of binding policy with of policy rich context with rich and context allows enterprise IT environments. environment. exception and allows on-demand exception or on-demand through approval. or through The framework approval. offers The a framework unique methodology offers a unique to adjust methodology and optimize to adjust existing and optimize security Data-centric security model policies existing by security analyzing policies variation by analyzing of exception variation ratios of among exception groups. ratios In a new security framework, organizations should apply a security among groups. policy to data itself rather than controlling access to networks and systems. Within organizations, unstructured data causes lots of Multi-layered approach security issues since it is constantly being created and used by A security framework that has a data-centric security model with many different users, moved travels and stored is stored in multiple in multiple locations locations while people-centric policy may not be secure enough if it has only a while structured structured data data is generally is generally stored stored and and managed in in secure single layer of policy of policy enforcement. enforcement. The reasons The reasons are that exceptions are that environments. Therefore, it is not easy to design a security model are exceptions inevitable are in inevitable a dynamic in business a dynamic environment, business environment, and exclusions and for data, unstructured data. Organizations should incorporate a can exclusions be easily can found be easily in found real implementations. in real implementations. Exceptions Exceptions are a security policy not only for to data at rest or in transit, but also in use. temporary are a temporary deviation deviation from policy, from and policy, exclusions and exclusions are an exemption are an Fasoo The Fasoo data security data security framework framework allows organizations allows organizations to protect, to from exemption applying from security applying policy. security Fasoo policy. data The Fasoo security data framework security control protect, and control trace and their trace data their based data on based a data-centric on a data-centric security security model consists framework of a consists three-tiered of a suite three-tiered of solutions suite to of strengthen solutions to information strengthen no model matter no matter where where it actually it actually resides. resides. This This enables enables organizations to security. information Fasoo security. Enterprise The Fasoo DRM Enterprise (FED) suite DRM plays (FED) a pivotal suite role plays to to implement effective effective file-level file-level security security policies and policies granular and permission granular enforce a pivotal security role to enforce policy on security data among policy three on data layers among of data three protection. layers control permission for all control data types for all and data along types its and lifecycle. along its lifecycle. At of data the front-end, protection. Fasoo At the front-end, edata Manager Fasoo edata discovers Manager and discovers classifies the and data, classifies re-assure the data, to reapply policy policy to the to the data data unprotected due due to People-centric policy policy to policy exceptions and exclusions. and exclusions. At the back-end, At the back-end, Fasoo RiskView Fasoo A security policy on data should maintain a balance between enables RiskView organizations enables organizations to manage risks to manage holistically risks by collecting holistically and by security and and productivity to allow to allow users to users perform to business perform operations business analyzing collecting and logs analyzing of data usage logs of and data various usage sources and various that sources can be without operations interruptions without interruption since access since to access data occurs to data on occurs multiple on useful. that can Multi-layered be useful. approach This multi-layered enhances approach and completes enhances security and devices multiple devices by different by different users throughout users throughout its lifecycle. its lifecycle. This This why is level completes of the an framework. organziation s security framework. security why security policy policy on on data data should be be people-centric. The policy should be flexible and dynamically enforceable based on rich Fasoo The Fasoo data security data security framework framework is ideal for is a diversified ideal for a collaboration diversified context including content, user, device, time, location, etc. Even environment collaboration environment in the cloud in and cloud mobile, and mobile, effective effective for insider for insider threat though a flexible policy is in place, organizations need to allow management threat management and as and a last a last resort resort against against possible APT. APT.

Fasoo Data Security Solutions Fasoo data security solutions enable organizations to implement a data-centric security model, people-centric policy and multi-layered approach. Other Systems Fasoo edata Manager helps organizations discover its unstructured data residing on endpoint devices and in repositories, and then classify and protect data using FED or simple data encryption according to the organizations security policies. Fasoo edata Manager enables organizations to: Discover data residing on endpoint devices and in repositories Classify data based on content patterns defined by regular expressions Protect data using FED policy or simple data encryption Generate various reports required by regulations and compliance for data governance Based on the organizations confidentiality requirements, the FED suite controls who can access data on what device, when, and in what context. FED also allows organizations to track both authorized and unauthorized access to data, send alerts where necessary, and respond to data security triggers to prevent a possible data breach. Organizations can review security policies by analyzing exceptionally authorized access to data, and optimize them by comparing (minimizing) variation of the exception ratio among groups. Fasoo Enterprise DRM enables organizations to: Provide persistent data security throughout its entire lifecycle Enable cross-platform and multi-device support with extensive application coverage Restrict unauthorized copy and paste attempts of protected content Prevent unauthorized screen capture attempts while protected documents are in use Enforce the policy of protected documents on its derivative files Limit file access using validity time/period or device ID Revoke access of protected documents when required Leverage existing repository ACLs by integrating with backend systems Enforce policy when data is being created on PCs Authenticate unmanaged external users efficiently using email validation Provide innovative methodologies for security policy optimization Fasoo RiskView offers visualization of risks based on correlation modeling by comparing logs of authorized data usage and various sources that can be useful. Fasoo RiskView enables organizations to: Collect logs of FED, Fasoo edata Manager and other various systems Analyze statistics of retention and usage of sensitive data Define a risk index based on multiple data breach related scenarios Visualize a risk index of users and groups Help business managers determine level of intervention for risk management

Encrypt and control your sensitive data with Fasoo Enterprise DRM Last resort against insider threats and APT Enterprise Digital Rights Management Enterprise Digital Rights Management (EDRM) is the most advanced file-based security solution that allows organizations to protect, control and track sensitive documents containing intellectual property, trade secrets, personally identifiable information, and more. In contrast with conventional security solutions that protect information at the network or system level, EDRM protects information itself persistently while it is stored, being used, being transmitted, and even after transmission throughout the entire document lifecycle. EDRM is the only effective solution against document leaks by authorized insiders and malicious outsiders. With EDRM, organizations can safely share confidential documents internally and externally, liberating their business without any concern about unintended information loss. Advantages of Fasoo EDRM Fasoo EDRM enables organizations to protect documents persistently on any device at any time throughout the entire document lifecycle. It protects almost any document format, including ordinary office documents, graphics, images and engineering drawings. Fasoo EDRM is not limited to the PC platform as it is also available on mobile devices such as the iphone, ipad and Android devices. For each document, Fasoo EDRM can control granular permissions such as view, edit, print, print watermark, screen watermark and screen capture. Further constraints can be imposed, such as the number of devices, valid access period and number of times a user can access the document. Fasoo EDRM can meet the various security requirements of the different stages in the document lifecycle. Enterprises have deployed lots of application systems to share documents internally. Documents, however, become out of control and vulnerable to loss once downloaded or checked out from application systems such as ECM, ERP, SCM, CRM, PLM, EHR and more. Fasoo EDRM can easily integrate with existing systems to protect downloaded content. It is also equipped with a patented email-based authentication technology to protect documents shared externally with partners or customers. Even documents created and used on PCs and mobile devices can be secured by Fasoo EDRM before they are shared internally. Printouts and screens can be overlaid with dynamic watermarks. They help to trace the source of a potential data breach and make users more cautious about handling their printouts and taking pictures of their screens. Fasoo has transformed EDRM to set security policy automatically according to the content of document. This enhanced capability makes it smarter and easier to use. The policy can be adjusted without user intervention based on access time, device location and document usage history. This context-aware feature makes EDRM more secure without impacting usability and lessens the administrative burden significantly. By collecting and analyzing log data intelligently in real time, Fasoo EDRM can assess and optimize security policies to balance security and productivity, while alerting administrators to irregular or unusual user activities. Fasoo EDRM has become a core security infrastructure component for organizations and seamlessly integrates with the disruptive changes in enterprise IT environments. We Secure Your Data PC Server Mobile Cloud Email Printer

Key Differentiators of Fasoo EDRM Proven to scale within some of the largest enterprise environments in the world Breadth of solutions with ability to handle various enterprise requirements with 15+ years of EDRM focus Flexible data protection policy and authentication models designed to cover full document lifecycle Cross-platform and multi-device support with extensive application coverage Innovative security policy optimization Complete Data-Centric Security Architecture Sharing and Collaborating Internally Fasoo Secure Node (FSN) Secure, control and track sensitive documents created and used on endpoints Fasoo Secure Document (FSD) Secure, control and track downloaded documents beyond the controlled boundaries of content repositories Collaborating with Partners & Customers Fasoo Secure Exchange (FSE) Secure, control and track sensitive documents shared with external users Sharing Files to Your Mobile Device Fasoo Mobile Solution Secure your data on mobile platforms, not your device Monitor and Analyze Your Data Fasoo Usage Tracer Monitor and analyze user/file activities, and optimize existing security policies Printing and Displaying Your Files Fasoo Secure Print (FSP) Trace printing activities and deter information leaks through printouts Fasoo eprint Reinforce print security and help reduce costs Fasoo Secure Screen (FSS) Prevent and deter security breaches through your screen Extend Security Perimeter of Your ECM Fasoo Secure Document for IBM ECM Secure, control and track documents beyond the controlled boundaries of IBM ECM Fasoo Secure Document for SharePoint Secure, control and track documents beyond the controlled boundaries of Microsoft SharePoint

About Fasoo Fasoo has been successfully building its worldwide reputation as an enterprise DRM (Digital Rights Management also known as information rights management, IRM) solution provider with industry leading solutions and services. Fasoo solutions allow organizations to prevent unintended information disclosure or exposure, ensure a secure information-sharing environment, better manage workflows and simplify secure collaboration internally and externally. Fasoo has successfully retained its leadership in data security by deploying solutions for more than 1,200 organizations in enterprise-wide level, securing more than 2.5 million users. As the leader within the digital rights management industry providing various data-centric solutions, Fasoo continues to expand in new business areas to provide you with complete data security. Address: 197 State Route 18 South East Brunswick, NJ 08816 Contact Information: Phone: (408) 389-3097 (732) 253-5312 E-mail: inquiry@fasoo.com Web: www.fasoo.com

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information