All our users access information using mobile devices which can be personal or company based.
How can we prevent the insider threat in this highly mobile environment?
The use of mobile devices, laptops and a greater flexibility in working from home is set to grow exponentially over the next couple of years; users now want to access information all the time and from any device.
This flexibility has given new challenges to information security where the traditional methods of restricting information within the boundaries of an organization are no longer possible. The following are some of the security challenges posed by the growing demand for mobility within organizations:
- Users access sensitive documents and emails on their personal mobile phones or tablets. How can you ensure information is secure in the event
- They lose the device
- They act maliciously by leaking the information out to a 3rd party
- Off network activity using company laptops. How do you implement the same level of security on these devices as when they are connected to the organization’s network
- Users access company documents, applications etc from their home PCs. How do you ensure the security of information without infringing their privacy.
|SOLUTION à SECURE INFORMATION AT ITS SOURCE A UNIQUE SOLUTION TO MOBILE SECURITY
e-Safe Compliance solves the mobile issues using a fundamentally different approach. Most DLPs solely rely on blocking leakage points such as chats, emails etc. Yet the growing demand for mobility has made this an impossible task. By contrast e-Safe Compliance adopts a data driven approach.
e-Safe Compliance’s mobile security approach is based on securing the information at its source. The approach is based on the assumption that it is no longer possible to only rely on controlling information transfer points and that the information itself needs to be secured. The following are details of this solution
SECURING INFORMATION AT ITS SOURCE A SOLUTION FOR HANDHELD, TABLETS, LAPTOPS AND WORK FROM HOME SCENARIOS:
e-Safe Compliance encrypts all documents using persistent universal encryption. Documents encrypted using universal encryption can only be opened on devices having the e-Safe agent installed and with the relevant user credentials. These documents are then tracked throughout their lifecycle from creation to deletion. As such if users wish to access these documents on their laptops or their home PCs they need to have permission from their company to have the e-Safe application installed. In the event the user leaves the organization the admin can simply switch off the application from the server which removes all sensitive information from the remote or mobile device.
For mobile phones and tablets e-Safe offers an e-Safe Compliance APP which has to be installed on handheld devices with the relevant user credentials to access these documents. The APP ensures documents are maintained in an encrypted form at all times and, in case the device is lost, the APP can be remotely removed, thereby securing all the documents. The APP also reports back complete usage details for the document; as such the administrator can know who is having what sensitive information at any given period of time. Further if the user tries to act maliciously and send the document out to a third party, the document is useless as it will remain encrypted.
SECURING CORPORATE EMAILS AND SHAREPOINT AT THE SOURCE
e-Safe Compliance monitors emails and secures them at the server level. Hence it doesn’t matter how or from where a user accesses his email. Email transactions containing sensitive information are automatically encrypted thus requiring that the receiving party has the necessary credentials to open it. Further the module alerts the information owners and IT security admin in any case where the email containing sensitive information is forwarded to a malicious third party.
Similar to emails e-Safe Compliance monitors and secures the Sharepoint server from the server level. Sensitive documents downloaded from sharepoint get auto encrypted no matter from whence they are accessed. This ensures security of information. Further all usage is logged.
MONITORING USERS AT THE SOURCE: A SOLUTION TO OFF-NETWORK RISKY BEHAVIOUR
Mobile users having laptops etc are a major security threat. Most organizations have central security controls but these become useless when the user is offline or is connected to some external 3rd party network.
e-Safe Compliance solves this problem by doing all monitoring at the end-point level, having an agent installed in each PC. The agent is not affected by whether the user is offline or online or whether he is connected to the corporate network or not.
MONITORING USERS AT THE SOURCE IN THEIR HOME PCS
The biggest challenge when monitoring personal user devices is ensuring the privacy of their personal data. The challenge is how to monitor and secure corporate information while completely excluding user’s personal information.
e-Safe Compliance achieves this by creating a separate user profile in the user’s home PC which is authorised and is fully tracked. Users can connect to the corporate network, access encrypted documents, shared folders and applications when they login using this user profile. Whereas when they want to do personal work they just log off and log into this PC using their normal credentials.