clearswift ccsp selling clearswift argon for email

ClearswiftCCSP Selling Clearswift ARgon for Email

2

What is Argon for Email?

• Adaptive Redaction solution

• Complements existing email security and Data Loss Prevention (DLP) solutions

• Addresses issues with traditional DLP solutions

• Delivers enhanced– Risk mitigation

– Critical information protection

3

Clearswift ARgon for Email

Users

Users

Email Gateway/Managed Service

Internet

Email ServerClearswift ARgon

for Email

4

Complementary, Not Duplication

Anti Virus Anti Spam ReportingDLP

PoliciesData

Redaction

Document Sanitizatio

n

Structural Sanitizatio

n

3rd Party Email

Gateway

(Additional Feature)

û û û

ARgon for

Emailû û

Augments existing email gateway technologies

Adaptive Redaction

5

What’s the value to you?

• Overcome “we’ve got one already” objection

• Complements existing portfolio

• Faster sales

• Growing market– DLP 26%

– SEG 2%

– SWG 7% – Source: Gartner “Forecast: Information Security, Worldwide,

2012-2018, 2Q14 Update”

6 © Clearswift 2015

CCSP Clearswift ARgon for EmailWhy Does a Client Need ARgon for Email?

7

New Information Risks

• Targeted attacks

• Hidden information

Users

Users


Internet

Email Server

Document+ Malicious Active

Content


ContentDocument

+ Malicious Active Content

Document + Sensitive Information



8

Traditional DLP Pain Points

Long time to become effective

Stops the whole transmission

Large manual processing overhead

Can miss “hidden” sensitive

information

9


• Instant risk mitigation

• Protects critical information, reduces traditional DLP false positives and enables secure continuous collaboration

Users

Users


Internet

Email ServerDocument + Sensitive Information



Content

Redacted and Sanitized Document

Sanitized Document

10

Adaptive Redaction

• Data redaction– Remove sensitive information

• Document sanitization– Remove meta-data, version and document history

• Structural sanitization– Removes active content

11

Data Redaction

• Risk that confidential information may be shared inappropriately

• Business stops due to conventional DLP ‘stop and block’ functionality

• Real risks lost amongst noise

Problem

Solution

• Automatically remove sensitive information from emails and documents

• Share information without breaking legislative requirements (e.g. PCI DSS)

• Avoid unnecessary barriers

• Identify real risks

12

Data Redaction

• Detects sensitive information and removes it

• Redacted document delivered

• Policy driven

• Automated

• Works in both directions

How

**** **** ****

Senders

RecipientsClearswift ARgon

for EmailDocument + Sensitive Information

Redacted Document

Email ServerEmail Gateway/

Managed Service

13

Supported File Types

File Type Extensions

HTML .htm .html

Microsoft Word document (2007+) .docx .docm .dotx .dotm

Microsoft Excel spreadsheet (2007+) .xlsx .xlsm .xltx

Microsoft PowerPoint presentation (2007+)

.pptx .pptm .potx .ppsx .ppsm .thmx

OpenOffice Writer .odt

OpenOffice Calc .ods

OpenOffice Impress .odp

OpenOffice Graphic .odg

OpenOffice Master .odm

OpenOffice Math .odf

Adobe PDF (portable document format) .pdf

Rich Text Format encoded document .rtf

Notepad/Plain text .txt

14

Document Sanitization

• Organizations need to collaborate with third parties

• Sensitive information can be exposed in meta-data, track changes, quick save, etc.

• Users often not aware of risk

Problem

Solution

• Automatically detect and remove sensitive information from documents

• Prevent embarrassing disclosures

• Users can still share documents without unnecessary barriers

15


What they thought they sent

What they actually sent

What we sent for them

16


• Detects and removes– All/selected document properties

– Revision histories

• Policy driven

• Automated

Senders

RecipientsClearswift ARgon

for EmailEmail Server Email Gateway/

Managed Service


Sanitized Document

17




Microsoft Excel spreadsheet (2007+)

.xlsx .xlsm .xltx









Adobe PDF (portable document format)

.pdf

18

Structural Sanitization

• Risk of malware embedded in common file formats

• Threat increasing

• Common vector for exploits leading to loss of data

Problem

Solution

• Automatically detect and remove active content

• Improved defense from malware

• Users can still transmit/receive valid content

19

Structural Sanitization

• Removes active content from communications

• Protects against embedded APTs

• Ensures information is shared safely and without disruption

Recipients

SendersClearswift ARgon

for EmailEmail Server Email Gateway/

Managed Service

http://xxxxxxstralia.com.au/flash/uss05.exe

All active content removed

Document + Macros

+ Embedded DLLs

Sanitized Document

20



HTML .htm .html


Microsoft Excel spreadsheet (2007+)

.xlsx .xlsm .xltx









Adobe PDF (portable document format)

.pdf

Rich Text Format encoded document

.rtf

21

ARgon Benefits – No DLP

• Not disruptive

• Quickly reduce risk posture

• Reduce management overhead

• Identify real issues

• Rapid ROI

22

ARgon Benefits – Existing DLP

• Complementary

• Quickly reduce risk posture

• Reduce management overhead

• Identify real issues

• Rapid ROI

23

Why don’t I just sell a SEG/SXG?

SEG ARgon for Email SXG

3rd party gateway compatibility û

Inbound email

Outbound email

Internal email û û

Anti-virus ü û Cost option

Anti-spam û û

Reporting AR focused

DLP policies

Adaptive Redaction Cost option Cost option

Default AR policy û û

Encryption Cost option TLS only û

IG Server integration Roadmap

24

ARgon Deployment - Platforms

• Developed on SEG V4 core technology– Red Hat Enterprise Linux x64 6.6

– 64 bit operating system

• Physical/soft appliance

• Virtual appliance– VMware ESX/ESXi and vSphere

– Hyper-V

• No hosted service at launch


CCSP Clearswift ARgon for EmailBuilding a Business Case

26

Building a Business Case

• Risk of new threats and critical information protection

• Probability of incident

• Accidental and malicious

• Complementary offering

• Research

• Push PoV

27

ARgon Sales Cycle

PoV Results & Business case

Report

PoV

Awareness and Value Meeting Operational

System Installed

Cost/Benefit Analysis

28

ARgon Deployment – Proof of Value

IronPort C160™ Email Security Appliance

Exchange Server

Most boundary gateways can deliver original message AND

duplicate message for processing on ARgon platform to demonstrate value without

interrupting email flow

----------------------------------------------------------------------

DMZ

LAN

Email Hygiene GatewayARgon for Email

• Side car deployment

• No impact to business email

• Copies of all live email sent to ARgon for analysis

• Shows “What would have happened”

29

ARgon Deployment – Live Deployment


Exchange Server

Email Hygiene Gateway

ARgon for Email

DMZ

---------------------------------------------------------------------------------------

LAN

• Located downstream from the existing email filtering solution

• Located within the internal network

• Message management controlled by business units and security

30

Filtering Rules


Exchange Server

AV + ASHygiene rules

Outbound Rules

Inbound AR Rules

Outbound AR Rules

31

Message Holding Areas


Exchange Server

Hygiene

AR

IT Admins

Business Admins

32

Services

• Installation and configuration– Out of the box policy

– Keep cost of purchase low

– Average duration: 1 day

• Advanced policy definition– Includes AR Policy Definition Workshop

– Advanced policy configuration

– Average duration: 3 days

• Health check– System and policy review

– Average duration: 1 day

• Training– Duration: 1 day

33

Objection Handling

Competitor Approach

“We’ve got a manual process.”

• People forget and make mistakes• Need to ensure employees are trained on

latest polices and how to implement them properly

“We’ve already got an email gateway/managed service.”

• Push new threats and critical information protection

• Highlight benefit of reducing management of false positives and “standard” sensitive items

“We use encryption to protect against data loss.”

• Highlight that this is only useful when it’s appropriate for that data to be shared with that person

• Doesn’t protect against accidental/malicious data loss

34

Objection Handling

Competitor Approach

“We’re considering a DLP suite.”

• Emphasise that can complement whatever solution they eventually choose

• Stress that ARgon can start to mitigate risk from day one

• Push new threats and critical information protection

• Position away from a full DLP solution

“We’ve got a DLP suite.” • Push new threats and critical information protection

• Emphasise that can complement whatever solution they have

• Highlight benefit of reducing management of false positives and “standard” sensitive items

35

Competitors

Competitor Approach

Glasswall • Only Structural Sanitization

Symantec • Only Structural Sanitization • Not on all products (e.g. cloud)

NextLabs • Data Redaction and Document Sanitization at end point (works within email clients)

OpenText • Data Redaction and Document Sanitization • Manual/automated process

Mimecast • Document Sanitization • Performed in the cloud solution• Uses the Microsoft Document Inspector and

removed revision history, etc.• Can convert file to pdf

Titus • Data Redaction• Manual process that only ‘blacks out' sensitive

content

36

Competitors

Competitor Approach

McAfee Endpoint DLP

• Can automate sensitive data [creates clear text]• Authorized user can then review redacted content

via ePO

Microsoft Document Inspector

• Removes revision history• Manual process

Websense • Data Redaction• Part of Data at Rest DLP function

Adobe Acrobat Pro

• Redact text and images• Manual process

Appligent • Redax product automatically redacts content in PDF documents

OmniX • Automated text redaction for litigation services

37

Collateral

• Sales presentation

• Solution paper

• Use case white paper

• ARgon vision slides and paper

• Objection handling FAQs

• Competitive positioning

• Telemarketing scripts

38

Roadmap

Note: All dates and functionality subject to change

Apr – May – Jun Jul – Aug – Sep

2015

Oct – Nov – DecJan – Feb – Mar

2016

ARgon for Web V1.0

• Adaptive Redaction• IGS integration• English and Japanese

ARgon for Email V1.1

• Japanese


• Adaptive Redaction• English only

ARgon for ICAP V1.1

• IGS integrationARgon for Exchange V1.0

• Adaptive Redaction• English and Japanese


• IGS integration

ARgon for ICAP V1.0

• Adaptive Redaction• English and Japanese

ARgon for Exchange V1.1

• IGS integration


CCSP Clearswift ARgon for EmailFrequently Asked Questions

40

FAQ

• What vendors’ solutions does ARgon work with?– Any solution that can pass SMTP emails to ARgon

• Does the client need to purchase all 3 AR features?– Yes, they are all included in the subscription cost

• Can I peer an ARgon with an SEG/SWG/SXG/SIG?– No, only other ARgon systems

• Can I upgrade an ARgon to a SEG?– No direct upgrade path, will require a new installation

– Potential to offer service to migrate policy and add hygiene components


CCSP Clearswift ARgon for EmailSummary

42


• Adaptive Redaction solution

• Complements existing email security and Data Loss Prevention (DLP) solutions

• Addresses issues with traditional DLP solutions

• Delivers enhanced– Risk mitigation

– Critical information protection

Selling Clearswift ARgon for Email

“Providing organizations a solution to rapidly protect their critical information without harming productivity, or replacing their current operational infrastructure.”

clearswift ccsp selling clearswift argon for email

Documents

existing email solutionno

us5ccsp clearswift argon

existing solutionargon

quartertraditional dlp

traditional dlp solutionsstop

clearswift marketing

areas of significant

significant areas of