People Centric DLP
e-Safe Compliance People Centric DLP offers a holistic solution for the issues of data discovery, data classification, data leak prevention, and information security.
It uses the approach of "Trust but Verify" which enables organisations to successfully implement comprehensive data and information security governance strategy, built around people and business processes, with the help of technology.
Integrated Discovery and Classification of Data
Successful data protection includes identification and discovery of sensitive data. e-Safe Compliance integrated data classification and discovery tools provide the permanent and explicit identification labels to the degree of certainty that is required for proper data governance.
Classification of data in databases and other data stores
e-Safe Compliance enables central security team to define rules for classification of data at rest within databases and other data stores such as local and shared drives, and file servers. The system also empowers information owners to classify data themselves through Information Classification Tool (ICT). The rules are defined based on sensitive words, regular expressions, file names, and source code.
Discovery of sensitive data in network drives and other data stores
e-Safe Compliance offers a scanning utility, which is based on the rules, and scans network, shared and local drives, and databases to discover and locate sensitive data and information. The utility allows administrators and information owners to define the location of the sensitive data and to set the scanning frequency. Once defined any new data or information created in this location is automatically scanned based on the rules defined and is classified at any of the three different levels i.e. highly restricted, restricted, internal etc. These sensitivity levels define how this information should be dealt with.
Monitoring of Data in Motion & Data in Use
The solution empowers Information Owners to define the risks related to the data and their severity. Advanced analytics calculate risk results by monitoring user behaviour over time and produce a risk score based on the actions taken by each user. The reports generated based on user actions and risk scores are sent direct to the information owners for in-time review and further action.
Preventing Data from being Leaked
People Friendly Data Protection
Other than central security team to apply protection policies centrally, e-Safe Compliance empowers information owners and end users themselves to directly protect and restrict the access to their sensitive data using persistent and transparent encryption, and rights management. The usage of sensitive data is tracked through document tracking system and is reported to the information owner. In case of genuine business need, the system allows authorised users to override restrictions by giving a reason hence the users are no longer prevented from doing their job. Enables easy to use and secure sharing of sensitive documents with 3rd party or external mobile users through iOS and Android apps.
Trust but Verify - Built around People and Processes
The solution, built around people and business processes, consists of 2 main security modes which are Centralized Security and Decentralized Security.
Centralized security mode enables the IT security team to classify, protect and monitor the use of company’s established information stores such as databases, file stores etc. Information is auto classified on an ongoing basis using automated tools. The classified information is protected using encryption and appropriate access control is applied to it via centrally defined rules.
Decentralized security mode engages information owners in the classification and protection of adhoc generated data. e-Safe Compliance does this through an automated workflow system where information owners can define rules regarding their information and protect ad-hoc related information.
Both IT security team and information owners can verify that sensitive information is being protected and is not being misused through document tracking and automated User Behaviour Analytics (UEBA) reports.