Professional Documents
Culture Documents
About InfoWatch ....................................................... 3 Our Customers .......................................................... 3 Select the right InfoWatch solution to fulfill your business needs ......................................................... 4
Data Loss Prevention & Protection (DLP) ......................... 4 Intellectual Property Protection ......................................... 4 Risk Management and Compliance .................................. 4 Customer Experience and Reputation Management ........ 4 InfoWatch guide to successful DLP implementation ....... 21 What you gain with InfoWatch DLP solution ................... 21
Technology Excellence ............................................ 6 InfoWatch Traffic Monitor Enterprise Product Overview .................................................................... 7
Product Architecture ......................................................... 7 Data Monitoring and Protection ......................................... 8 Analysis and Decision Making Engine .............................. 9 Data Archiving and Reporting ........................................... 9 Vertical Industries Served ............................................... 10 Benefits ........................................................................... 10 Key Features in Traffic Monitor Enterprise 4.0* .............. 11 System Architecture ........................................................ 12 System Requirements ..................................................... 12
Success Stories....................................................... 34
InfoWatch Helps Prime Focus, a Global Visual Services Group, Protect Intellectual Property ............................... 34 InfoWatch Supports Raiffeisen Bank Russia in Securing Bank Data Confidentiality ................................................ 36 InfoWatch Supports Leading Russian and CIS Mobile Operators in Their Data Protection and Compliance Efforts38 InfoWatch Safeguards Banking Sensitive Data, Simplifies Security Risk Management and Ensures Compliance at First Energy Bank of Bahrain .......................................... 40 InfoWatch Group of Companies Contact Information ...... 42
Select the right InfoWatch product for your goal 19 Data Loss Prevention & Protection (DLP) ............ 19
Information Control is a Business Priority ....................... 19 InfoWatch DLP Solution Components ............................. 20
Partner Contacts:
www.infowatch.com/contacts
About InfoWatch
InfoWatch is a group of innovative technology companies focused on developing and providing cutting-edge comprehensive technologies and services dedicated to Data Loss Prevention & Protection, Intellectual Property Protection, Customer Experience and Reputation Management, as well as Risk Management and Compliance solutions. The company was founded in 2003 as a spin-off of Kaspersky Lab, subsequently acquired its first clients in 2004 and in the recent years has matured into a dynamically growing independent enterprise which currently remains amongst the top leaders on the global software market. InfoWatch group of companies includes several organizations working in the sphere of information security, corporate information security and linguistic analysis, namely InfoWatch, Kribrum and EgoSecure. With over 8-years of experience in data analysis and protection research InfoWatch has elaborated a strategic approach emphasizing on the development and implementation of comprehensive data monitoring and analysis solutions. Businesses and government agencies rely on InfoWatch solutions when they make a strategic decision on being aware of the business-related information flows within the organization and even outside its boundaries.
Mission
With over 8 years of extensive realworld software development expertise InfoWatch is committed to becoming a leading enterpriselevel IT solution provider on the market empowering its customers with a mixture of world-class technologies and services.
Our Customers
Finance/Banking Telecommunication s Manufacturing Media Energy & Power Government
Ministry of Finance
Ministry of Customs
Partner Contacts:
www.infowatch.com/contacts
CryptoStorage Enterprise + + +
KRIBRUM
+ +
4
Our Products
InfoWatch Traffic Monitor Enterprise
Comprehensive modular software solution designed to prevent leakage or unauthorized distribution of sensitive corporate data. InfoWatch Traffic Monitor Enterprise acts both as an endpoint sentry, enforcing policy at the PC level, and as network gatekeeper monitoring unstructured data traffic to ensure sensitive data is not leaked or exposed via email, webmail, social networking, instant messaging, or other online channels. Our solution features: Identification of sensitive data with unmatched precision, combining application of several analysis technologies Reliable protection of enterprise security perimeter through the control of most common data transfer channels such as email (SMTP), web (HTTP(S)), instant messengers (OSCAR-based IMs 40+ client types are currently supported), as well as removable data storage devices, local or network printers Automatic analysis and decision making: the solution automatically detects sensitive data and renders a comprehensive verdict on its further handling according to security policies Fast time-to-benefit: a set of preloaded industry-specific data processing and decision making rules and policies enable enterprises to immediately benefit from the data protection solution Forensic Storage for monitoring current activity with sensitive information (online queries) and retrospective analysis and investigation (analytic queries) Flexible deployment options: inline, ICAP and interception via copy mode (SPAN, port mirroring, etc.) Support for standard RHEL-core for low-level traffic interception to avoid possible hardware incompatibility issues Information security metrics for use in risk management and compliance processes Toolset for meeting various standard and compliance requirements Built-in reports and queries for real-time and historical incident assessments High performance and reliability
High performance during encryption and decryption Centralized logging of all actions with protected information for extensive customizable reporting Strong encryption algorithms used: AES 128/256
InfoWatch KRIBRUM
Cloud-based social media monitoring solution to help companies manage their reputation by improving customer experience and leveraging customer opinion expressed online for market-winning product development. Evaluate corporate brand perception by Internet audience and compare your own and competitive brands Detect unfavorable discussions concerning your company and resolve them by addressing negative comments directly to mitigate reputation risks Analyze customer reviews to detect product / service flaws and improve it Analyze customer support services efficiency and improve customer care immediately Analyze and improve marketing campaigns efficiency, define market trends based on informal customer opinions
Technology Excellence
Proven InfoWatch technologies are designed to control all major data transmission channels to perform complex data recognition, analysis, storage and encryption. While working with enormous amounts of unstructured data our products utilize sentiment scoring, contextual, morphological and linguistic analysis (support for English, Arabic, Vietnamese, German, French, Italian, Spanish, Russian and other European languages), optical character recognition (OCR), template and digital fingerprint analysis technologies. All of those together make InfoWatch products extremely efficient for unstructured data analysis. For the best-in-class content analysis we are proud to present our Autolinguist feature that enables automatic creation of data processing rules and technology framework or can be used for verticallyadapted data processing rules and technology framework customization for each industry served. To accomplish the highest level of data safety you are able to maximize the use of our genuine folder/container/full disk encryption tools. Searching for opinion on your brand online you will not miss a thing when using our proprietary web crawler along with getting all the data crystal-clear and properly arranged with efficient SPAM/duplication filtering and sentiment scoring technologies.
www.infowatch.com
2011, InfoWatch
End-point Protection
Device Monitor Transparent Data Encryption*
Decision Making
Allow data transmission Block Further processing
www.infowatch.com
2. Analysis and Decision Making Engine Data Analysis component is comprised of:
Metadata analysis technologies used to effectively analyze formal attributes within a particular sensitive information piece: who, when and where transmits the data, its file type, name, size and etc. File header analysis and Optical Character Recognition (OCR) technologies are utilized to perform data analysis for identification purposes to accurately identify drawings, designs, multimedia content and a variety of other types of data. Afterwards this data is converted into text providing an ability to subsequently analyze it with unmatched precision Content analysis technologies include: Linguistic analysis technology to analyze unstructured data and define its subject (category), sensitivity level, etc. Digital fingerprinting technology to identify previously labeled confidential quotes within the information flow Templates analyzer technology to control template-based data, for example, social security or tax file numbers makes it possible to produce a decision to allow or block the data being transmitted, as well as provides an opportunity to request for further data information processing for an authorized officer to review or seal with an "IRM-Encrypted" stamp.
3. Data Archive and Reporting Module Data Archive and Reporting component
Forensic Storage is a centralized protected archive that stores the intercepted data for a defined period for analytics and reporting purposes. It also comes with an intuitive graphical reporting system that enables online & retrospective queries to effectively analyze captured essential data and delivers comprehensive statistic reports.
www.infowatch.com
2011, InfoWatch
When the data is copied to removable mass-storage devices (26 device types are currently supported), printed or scanned, the local agent makes shadow copies of all the files (including text extraction from graphics formats using Optical Character Recognition) and can even block the transmission process entirely. The data captured by InfoWatch OCR technology is subsequently converted into text providing an ability to analyze it with unmatched precision. Moreover, these shadow copies are collected within the Forensic Storage archive, where they are classified according to meta data attributes, such as User PC ID's, dates and times when the data was actually copied or printed, as well as file names, file size and etc. To achieve a maximum level of security InfoWatch CryptoStorage Enterprise software endpoint agent can be used to encrypt corporate data that is copied to external media devices or stored on user workstations including laptops.
In accordance with existing privacy regulations special legal or workers council permission is required to enable full-text search. 2011, InfoWatch 9
www.infowatch.com
The integrated graphical reporting system clearly shows the specifics of sensitive information flow. For example, graphic reports can be applied to track uploading confidential information to various web sites, etc. Depending on an InfoWatch solution type selected by the customer Forensic Storage archive may include up to 60 preloaded report templates and queries. Customized reports and search functionality are available upon request.
Benefits
Accurate identification of sensitive data with combined application of several analysis technologies Reliable protection of the enterprise security perimeter thanks to the control over the most common data transfer channels, data copying and printing Support for multiple file formats including popular and industry-specific file types Preloaded data processing and decision-making rules (finance and banking, telecommunications, manufacturing, media, energy & power and government) allowing enterprises to immediately benefit from an information protection solution Forensic Storage Archive for data classification, monitoring of current actions with sensitive information (online queries) and retrospective analysis, investigation (analytic queries) and reporting Flexible deployment options: inline and monitoring mode High performance, scalability and reliability Integration with transparent data encryption software (InfoWatch CryptoStorage Enterprise)
www.infowatch.com
2011, InfoWatch
10
www.infowatch.com
2011, InfoWatch
11
System Architecture
System Requirements
Hardware requirements for particular InfoWatch Traffic Monitor Enterprise and CryptoStorage deployment are based on the number of workstations (users). Typical configuration to monitor a range of 100-3003 users is provided below:
Server type Traffic Monitor server Quantity in cluster: 1 unit Server configuration
4
Server HP Proliant DL360 G7, 4 SFF Cage 2.5", 2x SAS SFF (2.5)HP 300GB 6G SAS 10K, 2x X5560 2.80 GHz, 4GB , P410 0MB(RAID 1,0), DVD, 2x 460W PS, ILO std (text console) Red Hat Enterprise Linux Server release 5 upd 7, x64 HP ProLiant DL380 G7 , 8 SFF Cage 2.5" , 8x SAS HP 146GB 6G SAS 15K, E5540 2.53 GHz, 12GB, P410 512MB(RAID 1,0,5) BBWC, DVD, 2x 1200W PS, ILO std (text console) Red Hat Enterprise Linux Server release 5 upd 7, x64 Server HP Proliant DL360 G7, 4 SFF Cage 2.5", 2x SAS SFF (2.5)HP 300GB 6G SAS 10K, 2x X5560 2.80 GHz, 4GB , P410 0MB(RAID 1,0), DVD, 2x 460W PS, ILO std (text console) Windows 2003 Server Service Pack 1 .NET Framework 2.0 SP1 MS Windows (2000 Server, XP, 2003, Vista). Hardware requirements; Pentium-4 3 GHz, 1Gb of RAM, 50 Mb of hard drive space
Forensic storage server 3 (three) months Data storage period for this configuration Device Monitor server
1 unit
1 unit
CryptoStorage server
1 unit
InfoWatch Traffic Monitor Enterprise is capable of supporting up to 20,000 simultaneous users, handling all their traffic within a single Data Center, which is field-proven by InfoWatch customers worldwide. The corresponding hardware requirements could be provided upon request. Please contact us at IW-Global@InfoWatch.com to calculate your configuration. 4 InfoWatch Traffi Monitor Enterprise supports installation on a wide range of hardware manufactured by various vendors, including virtual machines. www.infowatch.com 2011, InfoWatch 12
Another issue arises as the workplace increasingly goes mobile. Today corporate confidential data, such as signed contracts or software code, market research or product plans, patients healthcare records or customer information and a variety of other information types resides mostly on employees laptops rather than in a secure corporate IT environment. In this situation, loss of a device or access of unauthorized people to the information stored on it becomes much more of an issue than ever before. Traditional password protection of a laptop by integrated OS tools demonstrates its ineffectiveness. When being accessed from the other OS or hardware the data storage gets accessible again so the data can be read, copied or damaged by an unauthorized party. This particular trick and many others are never going to work while using InfoWatch CryptoStorage protection.
Product Architecture
InfoWatch CryptoStorage Enterprise protects confidential corporate data stored on corporate servers, employee laptops, mass-storage devices, in virtual environments or cloud architectures against unauthorized access and disclosure. This client-server software product features sensitive data encryption (for laptops, desktops, USB drives, optical media, local and network folders), centralized management of information access rights and reporting. To enable employee access to the information either a password or two-factor authentication can be used. Both approaches prove efficient in protecting information against unauthorized access. Integrated resilience tools allow restoring access to the information in case of system errors during encryption.
5 6 7
InfoWatch Global Data Leakage Report 2010 Ponemon Institute. The Cost of a Lost Laptop Ponemon Institute. The Cost of a Lost Laptop 2011, InfoWatch 13
www.infowatch.com
CORPORATE NETWORK
Product system architecture To contribute to business continuity and to securely recover access to the protected information in case the employee leaves the company, forgets the password or loses his/her secret key, InfoWatch CryptoStorage Enterprise comprises a supervisory group feature. This feature can be enabled by product setup. The supervisory group includes several trusted employees (InfoWatch CryptoStorage Enterprise users) whose secret keys can be used to restore access to the encrypted information. For additional data security the access can be restored only when a certain set of keys specified by product setup number of supervisory group members (quorum) are available. Encrypted information (copied to a USB, for example) cannot be accessed outside the corporate network even by an authorized user without a special permit, issued by the InfoWatch CryptoStorage Enterprise server on a case-by-case basis. All actions with protected information are logged and stored for further analysis. Data-at-rest protection and cloud security InfoWatch CryptoStorage Enterprise features protection of information on local machines, in network repositories, virtual environments and cloud architectures. Encrypted information can be read only by its owner or users to whom the information owner allowed access. No matter where in the cloud the data is stored it is accessible only to authorized users and is perfectly secure. Safe hardware repair and green hardware disposal With InfoWatch CryptoStorage you can protect entire hard drives or their partitions. It is the safest way to prevent sensitive information leakage that can happen while repairing your PCs or laptops in service centers or disposal of hard drives in specialized hardware disposal agencies.
Your Gains
Management and mitigation of
financial, legal, reputational and other information-related risks associated with data loss Compliance with internal policies & standards, external rules and regulations, industry standards (for example PCI DSS, SOX, GLBA, HIPAA) and customer security requirements unlike other competing solutions, all product functionality is available inside a single module. No additional component licensing is required.
www.infowatch.com
2011, InfoWatch
14
Removable mass-storage device protection With InfoWatch CryptoStorage Enterprise you can protect information stored on various mass-storage device types USB drives, optical media, memory cards, etc. You can copy all the data you need to a removable mass-storage device and physically move it to another location. No data breach will happen even in the event of device theft or loss. Secure collaboration InfoWatch CryptoStorage Enterprise protects information both residing on endpoints and in server repositories to enable smooth and secure employee collaboration. Hierarchical multi-user access to the encrypted information with centralized access rights management can be easily set up. For example, employees from Microsoft AD group sales will have access to customer data, while the same information will not be available to the IT group members. The product allows protected information access outside the corporate network with special permits.
System requirements
Client side:
OS: MS Windows (XP, Vista, 7, 2003, 2008 R2). Hardware: Celeron 1GHz and higher, RAM 256Mb, 30Mb of hard drive space.
Server side:
MS Windows (XP, Vista, 7, 2003, 2008, 2008 R2). Hardware: Pentium-4 3 GHz, RAM 1Gb, 30 Mb of hard drive space
www.infowatch.com
2011, InfoWatch
16
How It Works
Key Features
Efficient information extraction Broad coverage: all types of online media are monitored (social networks, blogs and microblogs, online mass media, forums, industry-focused portals, video portals, etc.) High level of relevant information extraction thanks to the use of a proprietary web crawler in addition to common search engines and search APIs of social media (where available) Data extraction accuracy up to 95% of spam and duplicates are filtering out Close-to-real-time monitoring information is provided within 2-4 hours since it appears Monitoring online activities of authors and communities specified by Customer Automatic analysis Advanced matured proprietary linguistic technologies with due consideration of industry-specific context are applied for the highly reliable automatic text analysis Automatic sentiment scoring with over 80% fidelity Automatic text categorization by topics with support of custom categories and keywords (tags) Detection of original and following publications, geography and other attributes Comparison of any parameter with that of any competitor Multi-Language Support Full support of English, Russian and Arabic languages; other languages are coming soon
www.infowatch.com
2011, InfoWatch
17
Extensive Easy-to-Use Reporting Web access to all data and analytics Direct links to found online comments, with their full text available within the system Instantly available visual reports, each graph element is clickable to provide more details Export to XLS, PDF, XML, etc. Workflow support, role-based access model Deployment and Integration API for integration with corporate IT systems (BI, CRM, call center, etc.) Deployment in any environment, including a private cloud
Vertical Solutions
InfoWatch delivers industry-specific solutions those providing superior quality of relevant information extraction and automatic analysis, thanks to: Using industry-specific dictionaries, taxonomies, ontologies, and search queries (linguistic models) Support of industry-specific topics and product categories Monitoring pre-selected industry-focused web resources along with general media with an option to add any other websites upon request Vertical solutions:
Retail banking Telecommunications Airlines Consumer goods
www.infowatch.com
2011, InfoWatch
18
www.infowatch.com
2011, InfoWatch
19
Endpoint protection component provides control over local and network printers, portable devices and removable media and shadow copying of the printed or written to a device data and encryption of file folders, removable mass storage media, hard discs or their partitions Network / gateway protection component controls data sent via mail, secure web and web-mail, blogs, Internet-forums, instant messengers and offers integration with digital rights management systems (i.e. Oracle IRM) helping companies that have already deployed such solutions to save their expenses on implementing a fully-functional information security system Content Analysis Engine performs metadata and content analysis through linguistic analysis, digital fingerprinting, optical character recognition and template analyzer. InfoWatch Content Management system also uses file header information to perform analysis of data and uniquely identify sensitive data (drawings, designs, multimedia content, etc.) Storage component is a centralized protected archive that stores the intercepted data for analytical and reporting purposes. The component is also used for incident investigation
InfoWatch DLP components are a part of InfoWatch Traffic Monitor Enterprise and CryptoStorage Enterprise Product Family.
www.infowatch.com
2011, InfoWatch
20
www.infowatch.com
2011, InfoWatch
21
Intellectual Property Categories The four legally-defined categories of intellectual property are: Patents (registered invention) Trademarks (a name, phrase, sound or symbol used in association with services or products); Copyrights (written or artistic expressions fixed in a tangible medium) Trade secrets (a formula, pattern, device or compilation of data that grants the user an advantage over competitors) But intellectual property can also be something broader and less tangible than these four protected classes: it can simply be an idea.
www.infowatch.com
2011, InfoWatch
23
www.infowatch.com
2011, InfoWatch
24
www.infowatch.com
2011, InfoWatch
25
Solution Architecture
DLP toolset control of major data transmission channels and reliable protection of sensitive information against unauthorized access and loss with InfoWatch Traffic Monitor Enterprise and CryptoStorage Enterprise Product Family Forensics investigation and archiving component used in conjunction with InfoWatch Traffic Monitor Enterprise Reputation Management cloud-based social media monitoring component helping companies manage their reputation risks in the Internet with InfoWatch Kribrum When implemented properly, InfoWatch Risk Management and Compliance solution returns a wealth of information about data being stored, transferred and used on and across the networks and the Internet. Using DLP toolset and Forensics for data discovery and through studying the results and better understanding of data flows, the company will be able to determine where to apply extra layers of protection. It may choose to take advantage of the built-in active prevention features within the DLP toolset or choose to utilize other controls to enable this protection. Reputation Management component helps companies manage their reputation risks in the Internet sources like Facebook, Twitter and etc. by identifying and resolving critical situations before they grow out of control. It is important to recognize the fact that InfoWatch Risk Management and Compliance Solution can help identifying specific types of information within much larger repositories of unstructured data.
www.infowatch.com
2011, InfoWatch
26
www.infowatch.com
2011, InfoWatch
27
SOX
Publicly traded companies Unannounced financial data, trade secrets
GLBA
Banks, financial Institutions, insurers, securities brokers Names, addresses, phone numbers, bank and credit card account numbers and social security number
HIPAA
Healthcare providers, health plans and selfinsured employers Names, addresses, phone numbers, e-mail, date of birth, social security number, medical record number, insurance benefit number. Failure to comply: up to $25,000. Wrongful disclosure: up to $250,000, depending on pretense and intent, plus prison time. InfoWatch Traffic Monitor InfoWatch CryptoStorage Enterprise InfoWatch Linguistic Analysis Digital Fingerprinting InfoWatch Template Analyzer InfoWatch AutoLinguist
Penalties
Products for meeting compliance requirements Technologies used for data analysis
InfoWatch Traffic Monitor InfoWatch CryptoStorage Enterprise InfoWatch Linguistic Analysis Digital Fingerprinting InfoWatch Template Analyzer InfoWatch AutoLinguist
InfoWatch Traffic Monitor InfoWatch CryptoStorage Enterprise InfoWatch Linguistic Analysis Digital Fingerprinting InfoWatch Template Analyzer InfoWatch AutoLinguist
InfoWatch Linguistic Analysis Digital Fingerprinting InfoWatch Template Analyzer InfoWatch AutoLinguist
What you gain with InfoWatch Risk Management and Compliance solution
High-tech competitive advantage for managing operations, risks and reputation Better understanding of business processes and trends Reduction of financial loss Compliance with regulatory requirements Protection of commercial secrets, intellectual property Increased trust of customer and partners
www.infowatch.com 2011, InfoWatch 28
The Solution
InfoWatch KRIBRUM is a cloud-based social media monitoring solution. KRIBRUM provides businesses with a comprehensive structured outlook of how the Internet audience perceives a company, its products, service, personalities, and competitors. The system gathers and analyses unlimited volumes of company-related unstructured text data, i.e. comments, references, articles, opinions, published in the Internet, and delivers structured visual reports at any time. KRIBRUM combines proprietary cuttingedge search and linguistic technologies for efficient data extraction and automatic analysis with high-quality sentiment scoring and topic categorization.
www.infowatch.com 2011, InfoWatch 29
Industry focus There is no universal language, and same words may have different meanings and express different emotions in various contexts. To ensure high accuracy of automatic sentiment analysis the current context, mainly accustomed by industry specifics, is considered: a linguistic model is created for each industry.
Vertical Solutions
InfoWatch delivers industry-specific solutions providing high-quality extraction and automatic analysis, thanks to: Using industry-specific dictionaries, taxonomies, ontologies, and search queries (linguistic models) Support of industry-specific topics and product categories Monitoring pre-selected industry-focused web resources with an option to add other websites upon request KRIBRUM vertical solutions address key business cases of each target industry, as described below.
www.infowatch.com
2011, InfoWatch
31
Competitive Intelligence KRIBRUM tracks subscribers feedback on competitors offerings and provides the same data on competitors as on the Customers monitored objects. Competitive comparison by any parameter is available at any moment. Network Development Subscribers comments on connection quality help identify most urgent or persistent problems with the network.
www.infowatch.com
2011, InfoWatch
33
Success Stories
InfoWatch Helps Prime Focus, a Global Visual Services Group, Protect Intellectual Property
Introduction The challenge of intellectual property protection still remains to be deficient. In fact most of the times the majority of people tend to be reluctant to overlook on this important task or not address this problem entirely given the nature that the actual meaning of what intellectual property could or couldnt be still confuses everyone. Intellectual property (IP) can be anything from a particular manufacturing process to plans for a product launch, a secret like a chemical formula, or a list of the countries in which your patents are registered. Intellectual property is the greatest competitive advantage a company has towards sustainability and profitability and thus should be carefully protected against loss or disclosure. In every specific case only the company itself can define what comprises its intellectual property and should be secured. Customer Prime Focus is a global Visual Entertainment Services group that provides creative and technical services to the Film, Broadcast, Commercials, Gaming, Internet and Media industries. Visual Entertainment Services is a new definition for an industry where technology, visual delivery platforms and content are converging and evolving. Prime Focus lists BBC, Corner Stone Entertainment, the Brooklyn Brothers, Warner Bros. Streetlight Films and many other companies among its customers. Challenges Maintaining a trustworthy relationship amongst customers and partners is of outermost importance for a media services company like Prime Focus. Providing such a company with new movie or game ideas for production, the global international filming or gaming vendors want to be assured that these digital assets are kept confidential until the official release date given the fact that the entertainment market constantly absorbs an enormous amount of competitiveness. Cases when competitors learn about upcoming projects and come up with a product first are not that rare in the visual entertainment market. Prime Focus, as a globally-operating company, guaranteeing its customers with end-to-end solutions from pre-production to final delivery was keen on keeping intellectual property of its customers protected against malicious or accidental leakage and disclosure. The emphasis was made on safeguarding video (movies) and text files (scripts). The requirements list included prevention of video and text files leaving the corporate network and a unified archive for long-term storage of the information on activities done with the essential data to enable retrospective analysis when needed. Feroz Shaikh Vice President IT Prime Focus: When choosing the right intellectual property protection solution we decided to implement InfoWatch Traffic Monitor, as it features complex information analysis, arbitrary data categorization and unified Forensic Storage. The Prime Focus facility in Mumbai, India is one of the busiest VFX facilities in the region. With a capacity seating of over 600 artists and 10 plus features in production at any given moment. Date of implementation: January 2011
www.infowatch.com
2011, InfoWatch
34
Solution To ensure reliable intellectual property protection during the overall selection process Prime Focus carefully studied all available alternatives to minimize the integration efforts and impact it would have on the existing IT infrastructure. The company was choosing from several vendors, including InfoWatch. InfoWatch offered Prime Focus its enterprise-grade internal data protection solution InfoWatch Traffic Monitor Enterprise. The solution gives companies full control over their information flow and helps safeguarding intellectual property. InfoWatch Traffic Monitor Enterprise provides comprehensive protection against information leakage and data breaches. It acts as a network gatekeeper monitoring outbound traffic to ensure sensitive data is not leaked or exposed via email, webmail, social networking, instant messaging, or other online channels and controls local activities with the data (copying and printing). Several analysis technologies, such as in-house developed linguistic analysis, digital fingerprinting and templates analyzer provide high intellectual property detection reliability. The analysis results trigger automatic decision on whether e-mailing or copying this specific information would be a security policy violation and on how it should be processed further, for example, sent or blocked. The decision is based on pre-defined security policies and rules that can be easily customized. The intercepted and analyzed data is stored in a centralized archive Forensic Storage for retrospective analysis and investigations. InfoWatch not only offered a comprehensive reliable solution, but was also able to fulfill Prime Focus' specific requirements for 64-bit OS support. Results InfoWatch cooperation with the media company started from a pilot project. PrimeFocus is happy with the way software integration was carried out and how InfoWatch delivered exceptional technical support, training and consulting services throughout all stages of project implementation, which had only taken a couple of days to complete. Subsequently the customer extended the cooperation with a commercial agreement, thus expressing their assurance in the choice made towards a solution provider. Today InfoWatch Traffic Monitor Enterprise successfully safeguards Prime Focus intellectual property and helps strengthening trustworthy relationships with customers and partners.
InfoWatch Traffic Monitor Enterprise is a comprehensive packaged software solution that gives enterprises full control over their information flow, helps minimize financial and other risks, associated with data loss and ensure legal compliance in the data protection field.
Customer Reference Competition in visual entertainment market is really fierce today. Our customers share with us their future release plans and rely on our discretion in keeping them safe. To better serve the needs of our respected customers we decided to implement additional security measures a special intellectual property protection solution. Wherever possible, Prime Focus collaborates with leading technology vendors and IT developers. We enjoyed working with InfoWatch team on this project; not only did they offer us a comprehensive solution to protect our intellectual property, but they also were diligent enough to deliver qualified high-quality integration and technical support services.
Feroz Shaikh Vice President IT Prime Focus
www.infowatch.com 2011, InfoWatch 35
Svetlana Belyalova, Information Security Director: The solution helped us to prevent 369 information security violations during about half a year after implementation.
www.infowatch.com
2011, InfoWatch
36
In the event of a security policy violation the security officer will be notified. InfoWatch Traffic Monitor provides the security officer with detailed information on the intercepted object, without direct access to its contents to comply with personal data privacy regulations. The analyzed data is stored in a centralized archive Forensic Storage for further reporting and statistics. Results InfoWatch Traffic Monitor Enterprise was successfully integrated into the banks IT infrastructure and is now actively used to control corporate e-mail exchange. The solution has proved to be easy to manage and maintain: several information security officers now effortlessly control e-mail flow in all bank branch offices throughout Russia ensuring that no confidential data ever leaves the company via e-mail although at the same time allowing for all regular business mail to pass. The solution helps Raiffeisen Bank Russia to minimize financial and other risks associated with information loss and ensure legal compliance to information security requirements. In the first six months after installation 369 information security violations were prevented thanks to InfoWatch Traffic Monitor Enterprise. Customer reference Reputational risks arising from confidential data loss are most important for a bank, as reputation counts among major assets of a financial institution. Bad reputation means no customers and no future. DLP solutions are most effective today in protecting sensitive information against leakage. We decided to choose InfoWatch Traffic Monitor Enterprise as it combines the most effective data analysis technologies, including linguistic analysis, digital fingerprints and analysis. The complex application of these technologies delivers the required information security level. InfoWatch Traffic Monitor Enterprise fully controls outgoing e-mail flow (SMTP). Thanks to relevant data categorization the solution installed in all our branch offices can be easily managed by several information security officers with the same high protection level. The solution helped us to prevent 369 information security violations during the first 6 months after implementation.
Svetlana Belyalova Information Security Director Raiffeisen Bank Russia
InfoWatch Traffic Monitor Enterprise is a comprehensive packaged software solution that gives enterprises full control over their information flow, helps minimize financial and other risks, associated with data loss and ensure legal compliance in the data protection field.
www.infowatch.com
2011, InfoWatch
37
InfoWatch Supports Leading Russian and CIS Mobile Operators in Their Data Protection and Compliance Efforts
Introduction Because of their business specifics telecom operators collect and process an enormous amount of personal data customer names, addresses, IDs, account numbers, complaints, and etc. This information is used to better understand customers needs, work out new attractive service offers, shared with 3rd parties such as outsourced call-centers conducting a study on customer satisfaction on carriers request or promoting carriers new initiatives. Local and international regulators pay great attention to the matter of keeping the data collected by telecom operators secured. Nowadays in almost every country in the world there are specific legislations in place that govern personal data processing, for example Federal Data Protection Act in Germany, Data Privacy Directive and Privacy and Electronic Communication Regulation in the European Union, Data Privacy Act in the UK, Federal Law on Personal Data in Russia, and many others. The amount of accumulated information and regulators requirements put carriers under a high pressure and force them to thoroughly address the issue of data protection: people are generally very sensitive when it comes to their personal information. Even a single customer data leak can result in corrupted reputation, devastating customer churn, financial underperformance and regulatory fines. Customers 2 leading Russia & CIS mobile carriers with approximately 115 million subscribers. Both carriers have a diversified service portfolio for end-users and business customers, ranging from basic local and international mobile calls to differentiated value-added services like WiFi and 3G connectivity. The carriers are members of respected Russian and international telecommunication industry associations. Challenges To protect their sensitive data, comply with personal data protection legislation and multiple internal and external information security regulations, the carriers needed a solution that would give them full control over their information flow and provide insight into where and how the information is transmitted and who uses it. The carriers had a range of requirements to the desired solution: scalability for easy deployment across their regionally distributed facilities, reliability to guarantee protection of confidential data combined with uninterrupted business-processes, enhanced performance to handle a huge amount of data, long-term data storage and information access logging features for further investigation.
InfoWatch in Brief
Selected Customers:
www.infowatch.com
2011, InfoWatch
38
Solution Both carriers addressed InfoWatch for its enterprise-grade internal data protection solution InfoWatch Traffic Monitor Enterprise. The solution provides enterprises with full control over corporate information flow, helps achieving better operational efficiency and ensuring compliance with multiple local and international data privacy and protection regulations. InfoWatch Traffic Monitor Enterprise intercepts email, Web, secure Web, IM, network printing traffic and makes shadow copies of data being printed, scanned, written to external media, sent by email, or posted to a social network. The intercepted data is first analyzed according to formal attributes, such as sender/recipient, send date and time, etc. Then the contents of the data are extracted and analyzed using several content analysis technologies, such as digital fingerprints, templates analyzer and linguistic analysis. The combined application of several content analysis technologies ensures more precise and accurate confidential data identification. After analysis the solution automatically produces a decision on how the intercepted data should be processed further sent or blocked. The decision is reached according to pre-defined security policies and rules that can be flexibly customized. The security officer gets alarmed in the event that a security policy has been breached. InfoWatch Traffic Monitor Enterprise provides the security officer with comprehensive information on the intercepted data without giving direct access to it to ensure that no personal data / correspondence privacy acts are violated. The security officer can confirm or alter the systems decision. The intercepted data is stored in a centralized archive Forensic Storage for an unlimited storage time. InfoWatch Traffic Monitor Enterprise allows tracing all employees operations with the data and features users current activity monitoring and retrospective analysis. Results InfoWatch cooperation with the carriers started from a pilot project that was later extended to serve the needs of their multiple regional branch offices throughout Russia and CIS. Thus the carriers validated their assurance when choosing internal data security solutions provider. To speed up the implementation InfoWatch supplied the product with a set of preinstalled data processing rules (set of preloaded data processing and decision-making rules, report templates and analytic queries, which are customized for a variety of vertical industries.), especially custom-tailored for telecommunications market. InfoWatch Traffic Monitor Enterprise was successfully integrated into carriers IT infrastructure and is now used to provide reliable protection of the network security perimeter. The solution helps carriers protect both of their own and their customers data and comply with the requirements of the Russian Federal Law On Personal Data and several other standards and regulations.
InfoWatch Products: InfoWatch Traffic Monitor Enterprise is a comprehensive packaged software solution that gives enterprises full control over their information flow, helps minimize financial and other risks, associated with data loss and ensure legal compliance in the data protection field.
www.infowatch.com
2011, InfoWatch
39
InfoWatch Safeguards Banking Sensitive Data, Simplifies Security Risk Management and Ensures Compliance at First Energy Bank of Bahrain
Introduction Today, the vital importance of confidential data protection and overall information security has become absolutely apparent, especially in the banking industry where most of the data is considered to be sensitive & essential for any business to remain competitive. At the same time, corporate data volumes are substantially growing, IT infrastructure is going more diverse, and corporate staff is getting more involved into using various web and mobile services, which all makes corporate information protection to be a really challenging task. Customer First Energy Bank B.S.C. (c) (FEB or the Bank) is an Islamic investment bank licensed by the Central Bank of Bahrain and is headquartered in Manama, Kingdom of Bahrain. The Bank operates an extensive network across the region, emphasizing on investments in development, production, transportation, storage, refining and distribution of hydrocarbons, as well as on oilfield services and energy sector technologies. FEB also explores opportunities to invest in the development of power generation capacity and renewable energy technologies. The Bank operates in accordance with Islamic Shariaa principles as a financial partner in project development, joint ventures, mergers and acquisitions, including asset & portfolio management. FEB has an authorized share capital of $2 billion USD and a paid up capital of $1 billion USD. The Banks shareholders include investors from Bahrain, the United Arab Emirates, Libya, Saudi Arabia and other countries within the region. Challenges Faced by the challenges of sensitive data protection in the rapidly emerging information environment, First Energy Bank required an industry-proven solution to safeguard its confidential information, "zeroday" documentation and a variety of other private banking data from leakage and improper distribution, while simplifying security management with minimal IT resources. Among major requirements, First Energy Bank needed full support for Arabic languages, while complying with general and banking industry-specific info security standards and regulations. Solution InfoWatch DLP Banking Suite secures confidential banking data by controlling its distribution and addresses critical security and compliance requirements. The Suite includes InfoWatch Traffic Monitor Enterprise that delivers comprehensive easy-to-manage functionality of Data Loss
www.infowatch.com 2011, InfoWatch
FEB was incorporated in the Kingdom of Bahrain in June of 2008 and is the first Islamic investment bank entirely focused on the global energy sector, predominantly within Middle East and North Africa.
40
Prevention & Protection (DLP) both on gateway (web, secure web, and email traffic control) and endpoint (reading, copying and printing control with shadow copies functionality) levels, and CryptoStorage Enterprise that enables transparent encryption of sensitive data on laptops, desktops, USB drives, optical media, local and network folders restricting access to encrypted data solely by the person who encrypted it. Subsequently, an integrated InfoWatch Forensic Storage technology archives the data for further analysis and investigation, in compliance with banking security requirements. First Energy Bank selected the InfoWatch solution over the rest of the competition not only due to its functionality, reliable performance and compliance, but also because of InfoWatch expertise in addressing the specific banking business needs, and fast time to benefit: InfoWatch DLP Banking Suite comprises a set of preloaded banking-specific data processing and decision making rules (including the Arabian Linguistic Analysis Engine) and policies. It automatically detects banking sensitive data and renders a comprehensive verdict on its further handling according to banking security or compliance policies. Another InfoWatch advantage is the capability of archiving terabytes of analytical data, including those from corporate email streams for further retrospective analysis and forensic compliance. Results The efficiency of InfoWatch DLP Banking Suite and timeliness of its deployment was demonstrated within just 72 hours upon deployment: InfoWatch Traffic Monitor Enterprise successfully prevented an internal security policy breach. The incident was identified, blocked, captured and analyzed by InfoWatch proprietary Decision Making Engine, and then the incident was stored in InfoWatch Forensic Storage Archive for further processing. The whole InfoWatch team is delighted to be part of this project to securely enable First Energy Bank's business with our latest innovations to prevent security breaches and safeguard their most essential digital assets. This project clearly demonstrates that InfoWatch protection and encryption solutions entirely meet today's Middle East banking security and compliance standards. Customer Reference We had witnessed an immediate demonstration of comprehensive functionally and the actual value this DLP solution had brought to our Bank, which is definitely above all other previously tested solutions. We are delighted with InfoWatchs technology excellence and expertise in banking domain, which underlies their efficiency in preventing both accidental and intentional data loss. Partnership with InfoWatch secures our business in a complicated information environment. Ali Al Saegh IT Security Manager FirstEnergyBank InfoWatch Traffic Monitor Enterprise InfoWatch Traffic is Monitor Enterprise a comprehensive packaged software is a comprehensive solution that gives packaged software enterprises full control solution that gives over their information enterprises full control flow, their information over helps minimize flow, helps minimise financial and other risks, associated other financial and with data loss and ensure risks, associated with legal compliance ensure data loss and in the legal compliance field. data protection in the data protection field.
www.infowatch.com
2011, InfoWatch
41
Local Offices
Russian Federation InfoWatch Headquarters 2-aya Zvenigorodskaya str., 13, bld. 41 123022, Moscow, Russia www.infowatch.com Office: +7 495 22 900 22 Fax: +7 495 22 900 22 info@infowatch.com IW-Global@infowatch.com pr@infowatch.com Germany EgoSecure Subsidiary GMBH InfoWatch Group
Pforzheimer str. 134 76275, Ettlingen, Germany www.egosecure.com Office: +49(0)7243 / 354 95-0 Fax: +49(0)7243 / 354 95-10 sales-de@infowatch.com contact@egosecure.com
Business partners
Asia-Pacific Communication Links Ravi Kiran Estate Unit N 116 first floor Plot N B58, Oshiwara Link Road, Next to Monginis Factory, Andheri West, Mumbai 400053, India Office: +91-22-26736767 Fax: +91-22-267-36863 Site: www.comlinks.in E-mail: naveen@comlinks.in SPECTRUM (Comguard) 522, Arcadia, Hiranandani Estate, Ghorbunder Road, Thane (W)-400607, Maharashtra, India Tel: +91-22-40243181 Fax: +91-22-40243181 Site: www.spectrumme.com E-mail: harish@comguard.net XPAND Solutions 20/3 Manthope Second Street Maduvankarai Guindy, Chennai 600032, India Tel +91-422-4288127 Fax: +91-422-4288199 Site: www.xpand.in E-mail: shanawaz@xpand.in
www.infowatch.com 2011, InfoWatch 42
Softline Solutions International Sdn Bhd el: +603 6411 3699 ext. 7153 Support Line: +603 6411 3698 Fax: +603 6411 3696 bill.tan@softline.my E-mail: info@softline.my Unit K-3A-3A, block K, Solaris Mont Kiara, Jalan Solaris Off Jalan Duta Kiara, Mont Kiara 50480 Kuala Lumpur, Malaysia Site: www.softline.my CHIPSANG & ASHMANOV Co., Ltd. Tel : +84 (8) 39 33 99 55 Fax : +84 (8) 39 33 34 86 Head Office Lot T2-4, Saigon Hi Tech Park, D1 Street, Dist. 9, HCMC, Vietnam Branch 253 Dien Bien Phu Street, Ward 7, Dist. 3, HCMC, Vietnam Site: www.csa.vn E-mail: thuonglc@csa.vn Middle East Fakhro Electronics WLL Tel:1722 0091(D) Fax:1722 0049 P.O. Box 39, Manama, Kingdom of Bahrain, Office 12, Building 425, Road 1805, Manama 318 Site: fakhro.com E-mails: shiv@fakhro.com, information@fakhro.com Spartan Infotech Co. WLL Tel: +973 77110190 Fax: +973 77110191 2nd Floor, No. 668, Al Hasan Building, Diplomatic Area 317, Manama, Kingdom of Bahrain Site: spartaninfotech.com E-mail: ashok@spartaninfotech.com Gulf Bureau for research and economic consultants Tel +96614655370 Fax +96614631045 Business development manager 501\502 Rabayat bld., Olaya road, P.O. Box 92658, Riyadh 11663, Kingdom of Saudi Arabia Site: gulf-bureau.com E-mail: latifihm@gulf-bureau.com Softline el +98 (21) 88794947 ext. 108 2nd Floor, No. 259, Dastgerdi St., Tehran, Islamic Republic of Iran Site: www.softlinegroup.com E-mail: navid.fathi@softlinegroup.com
www.infowatch.com
2011, InfoWatch
43