Transcription
SecloreOverview6 April 2014
Who We Are High-growth Information Rights Management (IRM) softwareproduct company Global Headquarters – Mumbai, India Customers in India, Middle East, Europe, South-East Asia Incubated and promoted by IIT Bombay (2006-08)oTechnology commercialization program “SINE” (www.sineiitb.org) 100 employees 250 clients, 3 millions users Geographic coverageoDirect – South Asia, Europe, North America, Middle EastoIndirect – Africa, South America, North Asia
Awards & Recognition20122013Seclore was named in the Deloitte Technology Fast 50 for 2012, andagain in 20132012Seclore was named as the Gartner Cool Vendor for 20122010Seclore was in 2010 global list of "Hidden Gems" in Identity and AccessManagement2010Seclore was among the top 10 finalists in the Innovations Ideas inPractice 2010 by IIT, Bombay Alumni Association, Pune2009Seclore was among the top 25 in the Marico Innovation for India 2010Awards2009The TR35 award is for innovators, whose inventions and research,Massachusetts Institute of Technology (MIT) finds exciting
Global Presence Partnerships with leading SI companies like IBM, Wipro, HCL etc. for globalimplementation, integration and support Customers and partners spread across timezones, languages and culturesPrivate and Confidential4
Seclore FileSecureTHE PROBLEM
Enterprise Information , Documents,Folders, Emails
Traditional information security approachCreate a boundary around the informationandControl who can access itSecure the Endpoints Servers Network Sharing methodPerimeter Securityworks within the Enterprise
but what about information going outside?Very often, information needs to traveloutside the enterprise boundary ersEvery enterprise needsExternal Collaboration
Today’s RealityThere isNOperimeter!!!
So, can I secure my information?Information sentoutside theenterprise boundaryis impossible tocontrolControls arelimited toNDAs?
Seclore FileSecureTHE SOLUTION
What Seclore FileSecure controlsTOP SECRETPOLICY 1CONFIDENTIALPOLICY 2INTERNALPROTECTORPOLICY 3PUBLICPOLICY 4
Policy AttributesPermanenceProtection will always persist with the fileRemote-ControlChange your protection policy,sitting anywhere in the worldAudit TrailAll activities on file tracked:Users, Activity type, Date/Time, Location
The dream is reality!
The Past and the FutureSecure YOUR informationregardless of how it is shared ordistributedDevice restrictionsBYOD, CD’s, Pen drives, etc.Service restrictionsEmail, Internet access, Filetransfers, etc.Seclore FileSecure removes the need forthese restrictions
Audit the Usage of Information WHO accessed the file, WHAT did the user do, WHEN & WHERE, is all captured fromdistributed usage environments and reported centrally These audit reports can be sliced and diced using a report builder, and can be used incompliance reporting for frameworks like ISO 27001, Sarbanes-Oxley, GLBA, PCI-DSS,HIPAA, etc.
Seclore FileSecureDATA CLASSIFICATION
Holistic information loss Content Inspection(aka Data LeakagePrevention, DLP)
Data Classification Identifies sensitivity of information Provides a convention for information labels Educates the users on how to use ion to be strictly used within the organization. Unauthorizeddisclosure of such information can have serious business impact E.g.Business plans, strategy, financials, trade secrets etc.ConfidentialInformation to be shared on a ‘need to know’ basis only. Unauthorizeddisclosure can impact some part of the business. E.g. Customer data,Employee data, partner agreements etc.InternalInformation that may be shared with any employee.Unauthorized disclosure cannot significantly impact the business. E.g.Operation procedures, product documents, internal reports etc.PublicInformation that may be shared with anyone. Unauthorized disclosuredoes not have any business impact. E.g. Product features, publishedpricing, publishedreports etc.Private and Confidential19
Seclore FileSecureMODES OF PROTECTING INFORMATION
1. Manual ProtectionA document on user desktops/laptops can be manually protected by using mouseright click option or as soon as the document is created on a user driven promptor predefined settings
2. Folder Based ProtectionA document gets protected as soon as the document is placed in a certainlocation: E.g. Folder / File Server.
3. Email ProtectionA document gets protected along with the email content by using FileSecure’semail protection functionality.
4. Document Management System ProtectionA document gets protected via integration with content management systemssuch as MS Sharepoint, IBM FileNet, EMC Documentum, Omnidocs etc.
5. Content Discovery (DLP)A document gets protected as soon as it is “discovered” or “tagged” by a DLP systemView only orksStoreddataDLP PolicyInstantMessageMonitoring & PreventionDiscovery & ProtectionFileServersView Edit accessFTPWebserversSharePoint /Lotus Notes /ExchangeDatabasesUnauthorizedSeclore FileSecurePolicy ServerAll DLP processes monitoring Endpoint, Network and Storage can invokeFileSecure API to protect file-based content
Integration OfferingsContent / Document Management:IBM FileNetNewgen OmnidocsMS SharepointEMC DocumentumData Loss Prevention:Websense DLPSymantec DLPMyDLPMcAfee DLPGTB DLPMail & Messaging:IBM Lotus NotesOracle CollabSuiteMS Exchange
Seclore FileSecureINDUSTRY USE SCENARIOS
Outsourced Printing – Protected by Seclore12Protected usingSeclore FileSecureData file generatedData file sent to outsourcedprinting vendor34Protected data file downloaded and savedProcessed in Printing Application; Protectedprint-ready output file generated5Protected print-ready files printingusing a Windows spoolerThese policy documents / account statementsare now ready to be dispatched
Secure Outsourcing - Use Case Scenario Client Document is thendistributed internallyView only accessView Edit accessBPO /KPO /LPOSeclore FileSecurePolicy ServerUnauthorized
Selected Industries’ Use CasesManufacturingKnowledge Process OutsourcingClient LiabilityPlan SpecificationsAn existing plant was beingdecommissioned and shipped toanother location forreconstructionThe liability of the client’s confidentialinformation is passed on to theoutsourcing firm through contracts ofagreementsResearch IPSeveral research relateddocuments that contain theorganization’s primary intellectualpropertyFreelancersPlant CommissioningThe new plant to be constructedinvolved external consultants andvendors who would work on thedesigns and specificationsPharmaceuticalKnowledge ManagementThe KM portal is made accessibleto everyone within theorganization. This is a hugearchive of intellectual propertyTendering ProcessProduct DossiersThe data processing and operationsinclude freelancers who enter intotemporary relationships for shortperiods onlyA product dossier contains thecomplete information for a drugmolecule. Loss of this informationcan cause serious financial impactOperational PlansInformation DistributionLocation RestrictionOperational strategy, budgets andstrategic focus areasThe information distributionmedium was difficult to secure dueto constraints on infrastructureInformation usage was required tobe restricted to a certain locationonly. It should not be availableanywhere elseOperational ReportsManpower TurnoverManpower TurnoverPeriodic reports on operationalmetrics like output quality wastage,equipment utilization machinerybreak-down chartEngineering ServicesDue to nature of the industry themanpower turnover is quite high,which increases the potential fordata leakageManpower turnover is a seriousthreat to the information security.Key people could leave theorganization with its IPEach project tender contains verysensitive information relating topricing structure, materials costingand rate contractsConsulting ServicesThe final deliverable is a set ofrecommendations that aredelivered as a document- This is intellectual propertyDesign SpecificationsDesign specifications are shared withvendors and fabricators - data shouldnot be accessible after the project eSecure helped to ensureinformation can be restricted to thegroup of people who require informationFileSecure helped to ensurecollaboration without compromising onsecurity given the constraints oninfrastructure and involvement ofexternal partiesProduct dossiers and research reportscould be freely shared with externalparties and still be controlled fromwithin the organizationFileSecure implemented across multiplefirms within the group including EPC andmanufacturing units Sharing of the most confidential IPrelated information did not compromisethe information security controls FileSecure capabilities to restrictprinting, copying and screen capture arebeing used extensively. External partieshave access to this data but cannotmisuse it AutoCAD drawings are being widely usedwith the standard AutoCAD software andAutoCAD viewers The customer liability was significantlyreduced It was possible to securely scale theoperations and work with freelancersPrivate and Confidential
Thank You! And Questions Seclore Technology Pvt Ltdwebsite: www.seclore.comemail:geet.lulla@seclore.com
All DLP processes monitoring Endpoint, Network and Storage can invoke FileSecure API to protect file-based content 5. Content Discovery (DLP) . Websense DLP McAfee DLP Symantec DLP GTB DLP MyDLP Mail & Messaging: IBM Lotus Notes MS Exchange Oracle CollabSuite. INDUSTRY USE SCENARIOS
