micro focus presentation template · 2018-10-08 · phase 1: aws (sda 6.4) aws ami aws kms...

#MicroFocusCyberSummit


2nd Annual Voltage (Data Security) Technical Advisory Board (TAB)Farshad Ghazi

Alistair Rigg

Reiner Kappenberger

Kevin McLeod

Anthony Knight

Farshad Ghazi – Global Product Manager, SecureData Appliance

Alistair Rigg – Global Product Manager, SecureData Sentry

Reiner Kappenberger – Director of Global Product Management, Enterprise Data Security

Kevin McLeod – Global Product Manager, Covertix

Anthony Knight – Global Product Manager, SecureMail, SecureMail SaaS and SecureFile

Voltage Product Management

Micro Focus Confidential

2nd Annual Voltage TAB – Agenda

Time Topic Presenter

1:30 – 2:15pmSecureData for the Cloud – Revolutionizing the SecureData Infrastructure through Containerization

Farshad Ghazi, Global Product Manager, SecureData Appliance

2:15 – 3:00pmAchieving Data-Centric Security across Hybrid IT with SecureData Sentry

Alistair Rigg, Global Product Manager, SecureData Sentry

3:00 – 3:15pm Afternoon break

3:15 – 3:45pmInsight into Critical Data Usage Using SecureData with Enhanced DCAP Support

Reiner Kappenberger, Director of Global Product Management, Enterprise Data Security

3:45 – 4:15pmUnstructured Data Protection With Covertix, the Latest Addition to the Data Security

Kevin McLeod, Global Product Manager, Covertix

4:15-5:00pmSecuring Information Sharing – Inside and Outside of Your Organization

Anthony Knight, Global Product Manager, SecureMail & SecureFile



SecureData Appliance for the Cloud –Revolutionizing the SecureData Infrastructure through ContainerizationFarshad Ghazi

Foundational Requirements

Same results from anywhere Referential Integrity preservation

No matter where the data is coming from; e.g. Cloud app, IBM z/OS, HPE NonStop, …

Or where the key server resides

It should always produce the same encrypted value

Must be operational in a Hybrid IT environment Orchestration and provisioning across on-premises, private and public cloud

Any-to-any operation; e.g. key server on-premises or in any Cloud would yield the same results

Backward compatibility On-premises ISO version will be supported

No changes in how it is installed or used

New features and use cases offered with new architecture DevOps model, Service Discovery, Built-in load balancing, …


Cloud Usage Evolution

Cloud as Storage

* Use cloud as a scalable storage device

* Typically no major changes to on-premises architecture

* Maintains data relationship for cross-cloud usage and data correlation

Cloud Apps

* More advanced cloud usage

* App servers running on EC2 or Azure VM

* Minimizes data read/writes across app/storage boundaries

Zero data center

* Enterprise seeking no data center

* Everything in the cloud

* Secure Data Enterprise solution entirely in the cloud

Container / Microservices

* Flexible “Run Anywhere” container

* Maximum reuse

* Platform independent


Cloud Implementation and Maturity Phases


Software product roadmaps indicate Micro Focus’ directional intention at a point in time. In an evolving environment, roadmaps are subject to change and are therefore not a commitment or representation by Micro Focus to develop, modify, market or deliver a software product, code or functionality or to meet any specific timetable. They are also confidential information

and therefore not for disclosure to others or use other than for your evaluation of a business relationship with Micro Focus.

Phase 1: AWS (SDA 6.4)

AWS AMI

AWS KMS integration as FEK

Phase 2: Azure in SDA 6.6

Azure VM

Integration with Azure Key Vault (similar to AWS KMS)

Interop test with Azure AD

Phase 3: Basic containerization

Introduction of major services in Docker containers

Key services, REST and SOAP, PIE FES, Auth/Auth, Logging, Dashboard (MC), Smart Formats (DPL)

Phase 4: Orchestration

Container management thru Kubernetes

Usage of Kubernetes for container discovery, replication, clustering, updating, scaling...

Phase 5: Marketplace delivery

Marketplace integration for AWS, Azure, GCP

Auto-pass license management

Technical Background and Questions

Deployment model

Voltage to manage our own pods and deployment

or

Provide configuration to be integrated in deployment

Impact: e.g. rolling update?

Managed by Voltage?

Or incorporated in the enterprise update

E.g. Config ID inclusion in enterprise dev ops meta data

Question 1: Deployment


Central config service; multiple sites/regions

Do we need a node or Pod config?

E.g. regional differences that need to be applied

Question 2: Configuration


How they handle logging in their infra.?

Using syslog? Other log forwarders?

Docker provides some basic logging mechanism

Will default Docker logging mechanism be used?

Is an embedded SIEM required?

Or the ability to connect to the SIEM of choice within an enterprise environment

Question 3: Logging


Kubernetes Cluster

Hyb

ridP

ub

licP

rivateDeployment

Pod 1• Key services• Replica = 2

Pod 2• REST services img• SOAP services• Replica = 3

Pod 3• AuthN/AuthZ• Format services• Replica = 2

Pod 4• PIE services• Replica = 100

App1.yml

K8SCluster

Services(Master)

API

P1 R1Worker

KP1 R2

WorkerK

P2 R2Worker

K

P3 R1Worker

K

P2 R3Worker

KP2 R1

WorkerK

P3 R1Worker

K

P4 R1Worker

KP4 R2

WorkerK

P4 R100Worker

K


P1 R1Worker

KP1 R2

WorkerK

K8SCluster

Services(Master)

API

v1v1

Application Service

etcd

Rolling Update


1

K8SCluster

Services(Master)

API

Application Service

etcd

P1 R1Worker

KP1 R2

WorkerK

P1 R1Worker

KP1 R2

WorkerK

v1v1

v2v2

2


Rolling Update


K8SCluster

Services(Master)

API

Application Service

etcd

P1 R1Worker

KP1 R2

WorkerK

P1 R1Worker

KP1 R2

WorkerK

v1v1

v2v2


Rolling Update


3

P1 R1Worker

KP1 R2

WorkerK

K8SCluster

Services(Master)

API

v2v2

Application Service

etcd


Rolling Update


4

Thank You.



Achieving Data-Centric Security Across Hybrid IT with SecureData Sentry

Alistair Rigg

CONFIDENTIAL AND PROPRIETARY. Roadmap information is confidential and subject to change. Please refer to the following “Confidential Information” and “Forward-looking Disclaimer” text for restrictions on use and a disclaimer regarding forward-looking info.

Customers with CDA

Confidential information. This Roadmap contains Confidential Information of Micro Focus and/or its

affiliates (“Micro Focus”), and is subject to change without notice. If you have a valid Confidential Disclosure

Agreement (“CDA”) with a Micro Focus entity, use of the Roadmap is subject to that CDA, and allowed solely

for the purpose of evaluating purchase decisions from Micro Focus.

Forward-looking Disclaimer. This document is not to be construed as a commitment by Micro Focus, its

affiliates, or by any participating company to develop, deliver, modify, or market a product, code, feature or

functionality, or to meet any dates, and should not be relied upon in making purchasing decisions. The

development, release, and timing of features or functionality described for Micro Focus products remains at

the sole discretion of Micro Focus. Micro Focus may change the contents of this document at any time

without obligation to notify any entity of the change. Micro Focus, its affiliates, and any participating

company make no representations or warranties with respect to the contents of this document, and disclaim

any express or implied warranties of merchantability or fitness for any particular purpose.


Confidential information. This Roadmap contains Confidential Information of Micro Focus and/or its affiliates (“Micro

Focus”), and is subject to change without notice. If you have a valid Confidential Disclosure Agreement (“CDA”) with a

Micro Focus entity, use of the Roadmap is subject to that CDA and allowed solely for the purpose of evaluating purchase

decisions from Micro Focus. If not, it is subject to the following terms. For 3 years after disclosure, You may use the

Roadmap solely for the purpose of evaluating purchase decisions from Micro Focus. You must use a reasonable standard

of care to prevent disclosure. You will not disclose the contents of the Roadmap to any third party with Micro Focus’ prior

written approval unless it first becomes publically known or is rightfully received by you from a third party without duty of

confidentiality.

Forward-looking Disclaimer. This document is not to be construed as a commitment by Micro Focus, its affiliates, or by

any participating company to develop, deliver, modify, or market a product, code, feature or functionality, or to meet any

dates, and should not be relied upon in making purchasing decisions. The development, release, and timing of features or

functionality described for Micro Focus products remains at the sole discretion of Micro Focus. Micro Focus may change

the contents of this document at any time without obligation to notify any entity of the change. Micro Focus, its affiliates,

and any participating company make no representations or warranties with respect to the contents of this document, and

disclaim any express or implied warranties of merchantability or fitness for any particular purpose.

Customers without CDA


Product Context & Vision

Enterprise Cloud Trends and Risks


Cloud Trends Security Risks and Concerns

Cloud is the

#1 targetfor security spend increase by

Chief Security Officers2

An average of

27different cloud apps and services

are used by an enterprise1

1: The 2018 Global Cloud Data Security Study, by Ponemon Institute LLC, 20182: 2017 Security Priorities, survey of Chief Security Officers, IDG, 2017

Spinning up cloud workloads at the speed your business demands

Adopting XaaS IT solutions for hybrid computing opex economies

Accessing data for business processes and analytics

But Data Protection Must Not Hinder:

Protect “de-identified” data at global scale

Transfer protected/ingested data to the cloud

Maintain real-world value, control – usability

Eliminate the need to decrypt or use live data

Solution: Use De-identified Data in the Cloud

First name: John

Last name: Smith

Company: ACME

First name: Kijx

Last name: Yöecä

Company: aICb


Compute

Data

Name SS# Credit Card #

Kwfdv Cqvzgk 161-82-1292 3712 3486 3545 1001

Veks Iounrfo 200-79-7127 5587 0856 7634 0139

Pdnme Wntob 095-52-8683 5348 9209 2367 2829

Eskfw Gzhqlv 178-17-8353 4929 4333 0934 4379

Jsfk Tbluhm 525-25-2125 4556 2545 6223 1830

Name SSN Credit Card #

James Potter 385-12-1199 3712 4567 8901 1001

Ryan Johnson 857-64-4190 5587 0806 2212 0139

Carrie Young 761-58-6733 5348 9261 0695 2829

Brent Warner 604-41-6687 4929 4358 7398 4379

Anna Berman 416-03-4226 4556 2525 1285 1830

CorporateData Center

VoltageServers

VoltageServersand / or

Name SS# Credit Card #

James Potter 385-12-1199 37123 456789 01001

Ryan Johnson 857-64-4190 5587 0806 2212 0139

Carrie Young 761-58-6733 5348 9261 0695 2829

Brent Warner 604-41-6687 4929 4358 7398 4379

Anna Berman 416-03-4226 4556 2525 1285 1830

Protect on-premises and deploy protected data to the cloud

Enable protect & access within compute workloads

Deploy Voltage Servers into AWS and Azure*

Plan for containerizationof Voltage Servers

opening up other cloud opportunities, incl. Google Cloud

SaaS data protection with Voltage SecureData Sentry

Platform Support and Design Fundamentals:Securing Cloud Workloads


SecureDataSentry

Amazon Web Services

WindowsAzure

GoogleCloud Platform

Salesforce

Microsoft Dynamics CRM

Data Protection Approaches with Voltage SecureData Sentry and Direct Integration

Database Web UI Web Application Web Service Layer

HTTP REST JDBC

SecureDataSentry

1

SecureDataSentry

2

SecureDataSentry

3

SecureDataSimple API

UDF

5

SecureDataREST API

REST

4


Integration with the Voltage SecureData Simple API

ssnfpe.protect(SSN) ssnfpe.access(SSNe)

SSN: 022-37-2773

Databases Logs, Reports, and Backups

Web Application(Java / Linux)

Web Form

SSN: 734-81-9292 SSN: 734-81-9292 SSN: 734-81-9292 SSN: 022-37-2773

Customer Service Application

(Windows .NET)

Atalla HSMs

Management Console

Key Servers


Data Protection Alternate Approach with Voltage SecureData Sentry

ssnfpe.protect(SSN)

ssnfpe.access(SSNe)

SSN: 022-37-2773

Databases Logs, Reports, and Backups

Web Application(Java / Linux)

Web Form

SSN: 734-81-9292 SSN: 734-81-9292 SSN: 734-81-9292 SSN: 022-37-2773

Customer Service Application

(Windows .NET)

SecureDataSentry

Atalla HSMs

Management Console

Key Servers


Voltage SecureData Sentry: Flows and Modes

Name: SmithSSN: 123-11-1123

Web Proxy

Native xDBC Driver

Wire Protocol

HTTP/S

HTTP/S

xDBC

REST/SOAP




Voltage SecureData Sentry: Flows and Modes


Web Proxy

Sentry xDBC Driver

Sentry Engine

Stream Content Parsing

SentryManagement Console

ICAP/S

Native xDBC Driver

SQL

Wire Protocol

HTTP/S

HTTP/S

xDBC

Voltage SecureData Sentry

Voltage SecureDataKey & Web Servers

REST/SOAP

Name: MzigdSSN: 093-34-3945

Name: °¿1°Mzigd¿°SSN: °¿1°093-34-3945¿°

Protection ModeData Access & Protection

Salesforce Protection Module

Target Variables<App X> Protection Module

<App Y> Protection Module

Simple API / REST

Deployment Plans

<App X>

<App Y>

Salesforce

Inspection ModeData Discovery

+ Developer Mode

Application Profile

Discovery Template

Protection TemplateInspection

Protection Module

Variables & Expressions

Configure Protection

Proprietary Protocol


ALM Octane

ALM/Quality Center

Salesforce Classic

Salesforce Lightning

Salesforce Health Cloud

Salesforce Financial Services Cloud

Office 365

SugarCRM

Microsoft Dynamics 365

Oracle Service Cloud

SharePoint 2013 and later

SAP Hybris Cloud4Customer

ServiceNow

Symantec Endpoint Protection Cloud

BMC Remedyforce

Nimonik

Fortinet Analyzer

And many, many more…

Supported Application Examples

Salesforce SAP Hybris Microsoft Fortinet


Voltage SecureData Sentry TechnologiesMulti-Channel Protection

Protocols and APIs:

HTTP / HTTPS

SMTP

ICAP / ICAP-S

Content:

HTML

HTML5

XML

JSON

Protection Mechanisms:

Format Preserving Encryption (FPE)

Format Preserving Hashing (FPH)

Secure Stateless Tokenization (SST)

Identity Based Signature/Encryption (AES)

...

Additional Features:

Escaping, e.g. °¿1°kHy7h¿°

Key Management:

Stateless Key Management PDF

DOCX

GZIP

XLSX

CSV

REST

SOAP

JDBC

ODBC

custom and binary protocols

SecureDataSentry


Voltage SecureData Sentry: Deployment OptionsPOC Setup

Squid Proxy is used

Proxy is configured directly in the browser

3128

Name: SmithSSN: 123-11-1123 Name: °¿1°Mzigd¿°

Ticket: #1 ProbName: °¿2°cPaj¿°Ticket: #2 Prob

Name: °¿3°Ofa3¿°Ticket: #3 Prob

Linux Server / VM

Voltage SecureDataSentryEngine

Squid Proxy

Linux Virtual Appliance

VoltageSecureDataServer

ICAP/-S

ServiceNow


Only corporate proxy is used

Use of ICAP protocol

No changes to end user browsers

Corporate proxy can perform:

request filtering

authentication handling

Corporate proxy might not be able to forward user information:

IP of workstation

userid

Voltage SecureData Sentry: Deployment OptionsCorporate Proxy

Corporate Proxy


Name: °¿2°cPaj¿°Ticket: #2 Prob


Linux Server / VM




ICAP/-S


Name: °¿1°Mzigd¿°Ticket: #1 Prob

ServiceNow

Corporate proxy may not support ICAP protocol

Corporate proxy is forwarding requests to Squid

No changes to end user browsers

Corporate proxy can perform:

request filtering

authentication handling

Corporate proxy might not be able to forward user information:

IP of workstation

userid

Voltage SecureData Sentry: Deployment OptionsProxy Chaining

Corporate Proxy


Name: °¿2°cPaj¿°Ticket: #2 Prob


Linux Server / VM


Squid Proxy




Name: °¿1°Mzigd¿°Ticket: #1 Prob

ServiceNow

Product Roadmap

2H 2018 Future Future

FutureAvailable FutureSecureData Sentry Roadmap


SecureData Sentry v3.0

ICAP proxy interception of SaaS applications

Dataflow inspection

JDBC driver interception of COTS and proprietary applications

SecureData Sentry (Marketplace & search index)

Container marketplace

Generic search index

Generic web services integration

New application support

SecureData Sentry (Governance checker)

Governance checker


SecureData Sentry (UBA & adaptive protection)

Adaptive protection profiles

User behavior analysis


SecureData Sentry

ODBC driver interception of COTS and proprietary applications

LDAP authentication/ authorization methods


SecureData Sentry (Multi-tenancy & orchestration)

MSS multi-tenancy

Container orchestration

UI integration

Workflow engine


SecureData Sentry (Container)

Basic containerization of major services

Contextual selection/ definition of protection mechanism

Autopass integration


Software product roadmaps indicate Micro Focus’ directional intention at a point in time. In an evolving environment, roadmaps are subject to change and are therefore not a commitment or representation by Micro Focus to develop, modify, market or deliver a software product, code or functionality or to meet any specific timetable. They are also confidential information and therefore not for disclosure to others or use other than for your evaluation of a business relationship with Micro Focus.

Feature Description

ODBCInterception

Similar to the existing JDBC interception functionality, adds the capability to intercept ODBC traffic. Data can now be redirected to Sentry’s own ODBC drivers (Windows, Debian) for protect and access operations between applications using the ODBC API and supported databases.

LDAP Username + Password Auth

Enables username and passwords provided to the JDBC driver by an application to be used to query an LDAP directory. This enables LDAP group membership to be used as an authorization method via JDBC.

LDAP Username + Shared Secret

Auth

Enables username provided to the proxy by an application to be used to query an LDAP directory. This enables LDAP group membership to be used as an authorization method in combination with a shared secret.


Support has been added for Micro Focus ALM/Quality Centre, and Oracle ServiceCloud.

Upgrades Integration with SimpleAPI 5.20, Flyway 5.1.1, UI internationalization (Japanese), bug fixes, etc.

Voltage SecureData Sentry – FutureThis is a rolling (up to three year) Roadmap and is subject to change without notice.



Feature Description

Basic Containerization

Dockerization of major services. Docker swarm.

Contextual protection

Define and select different Voltage protection formats via the Control UI rather than having to edit PFL

Autopassintegration

Automatic license verification.

xDBC enhancements

Addition of new SQL statement parsing to JDBC and ODBC wrappers: e.g., detecting column and table names, etc.


Office 365 Support: In scope: Dynamics, Online Office, SharePoint, OneDrive. Out of scope: Azure AD, Exchange (reason: exchange model currently complex but imminently to be simplified--so waiting on "Outlook 2019" for REST interface).

Voltage SecureData Sentry – ContainerizationThis is a rolling (up to three year) Roadmap and is subject to change without notice.



Feature Description

Container orchestration

Kubernetes integration and orchestration.

UI integration Orchestration of Sentry UI with SDA's management console for a single pane of glass.

Workflow engineEnables dual control for configuration changes. Introducing approval workflows to define access to data. Integration in customer processes. Required for user behavior analysis later.

MSS multi-tenancy

Support for managed security service model.


New templates, application profiles, and/or wrapper extensions added as required and access to application environments permit.

Voltage SecureData Sentry – Multi-Tenancy & Orchestration

This is a rolling (up to three year) Roadmap and is subject to change without notice.




Feature Description

Containermarketplace

Availability of Sentry containers in major cloud marketplaces.

Generic Search Index

Partial search enablement generally application across all cloud/SaaS apps.

Generic Web Services

integrationTBC



Voltage SecureData Sentry – Marketplace IntegrationThis is a rolling (up to three year) Roadmap and is subject to change without notice.




Feature Description

Governance checker

Check existing configurations against a set of regulations to identify potential compliance or non-compliance, i.e.: protection of PII for GDPR requires a set of fields to be protected



Voltage SecureData Sentry – Governance CheckerThis is a rolling (up to three year) Roadmap and is subject to change without notice.




Feature Description

Adaptive protection

profiles

Application independent. Identification of certain content independent of target application and protect based on customer policy. E.g., if policy is to protect CCN. Independent of the application, detect CCNs and protect.

User behavior analysis

Based on log information, a baseline analysis on user behavior. Ability to alert when threshold values are achieved. E.g., a sales rep downloads ~10 contacts per week from SFDC. When he leaves, he downloads 100s of them—anomaly that can be detected, reported, blocked, etc.



Voltage SecureData Sentry – UA & Adaptive ProtectionThis is a rolling (up to three year) Roadmap and is subject to change without notice.




Thank You.



Insight into Critical Data Usage Using SecureData with Enhanced DCAP Support

Reiner Kappenberger

DCAP – Data Centric Audit and Protection (Gartner Term)

SecureData covers:

Data Centric

Protection

SecureData improvements

Audit


Thank You.



Unstructured Data Protection with Covertix, the Latest Addition to the Data Security PortfolioKevin McLeod

Micro Focus acquisition

In development since 2009

Based in Israel

Available on the market since 2014, mainly in EU and EMEA

Highly inclusive patent around transparent data protection and end user access control

Complementary product to Voltage SecureMail and SecureData

Part of the Voltage data security pillar within Micro Focus

Available to transact deals late September

Some major accounts already on board (mainly in EMEA & UK)

UK government account with 220K licenses

London and US based financial account with 2000 licenses and expansion options

Microprocessor firm in the Netherlands with 5000 licenses

What is Covertix?


Unstructured data management solution

Discovery (initial and continuous)

Classification (initial and continuous)

Data Protection (encryption)

Monitoring (open, edit, save, cut/paste, print, send, etc.)

Access Control (by whom, to what and in which ways they interact)

Reporting and Audit (general and regulatory-specific, such as GDPR, SIEM, etc.)

Alerts (centralized SOC based and department-specific)

3rd party collaboration

Covers all data movement and usage use cases (Consider that the controls you have on your internal network are not necessarily in use or available everywhere your data is used) including email (Outlook)

POLICY DRIVEN

Covertix – Feature Overview


Industry Standard & Phrases (where we stand)


Covertix offers complete control and protection of files when shared with internal and external parties.

Covertix offers monitoring & tracking of files at any location including within the cloud.

Covertix offers automatic classification and protection of files based on defined policies.

Covertix runs without affecting business continuity or user behavior.

IRM: Information rights management - is a subset of digital rights management (DRM) technologies that protect sensitive information from unauthorized access. It is sometimes referred to as E-DRM or Enterprise Digital Rights Management.

DLP: Data loss prevention - is a strategy for making sure that end users do not send sensitive or critical information outside the corporate network. The term is also used to describe software products that enable a network administrator to control what data end users can transfer.

Data-centric security: is an approach to security that emphasizes the security of the data itself rather than the security of networks, servers, or applications.

Transparent File Encryption: is a method to protect a file, but allows the file to appear normal to users and applications that have the access rights to interact with the file.

Covertix controls and protects files by encapsulating a file with encryption and attaching a pre-defined policy into a single entity.

We will refer to the “encapsulated file and policy”, as a protected file.

Each protected file is encrypted with AES256 standard encryption in order to prevent unauthorized access to the file, or its policy.

Violations (unauthorized actions) can occur when a user tries to perform an action on a file to which they do not have rights.

Violations and controls are recorded in the database.

Control and Protection


Examples of violations include:

An unauthorized user attempts to open a protected file.

A user attempts to send a file to an external parties which is prevented by a policy.

An user opens a protected file to which they have read rights, but then attempts to perform an unauthorized action like print, copy, save as, etc.

Authorized actions are also recorded in the database, in order to control the files and user actions.

Example of controls:

A user opens a protected file to which he has rights

A user, with send rights to a protected file, sends the file to an external party

A user, with appropriate rights, opens a protected file and performs authorized actions like print, copy, save as, etc.

Block operations such as cut & paste

Notify and block unauthorized attachments and body content in email

Scan specified types of documents for certain types of content such as PII, PCI, PHI, etc. and then notify the user notify and block the operation, or notify the user and allow an exception. (BIG DEAL)

Control and Protection


Covertix applies policies based on a number of factors, including but not limited to, AD security groups, users, authors, content, location, etc. Policies can be associated with classifications and are applied as follows:

Crawler tasks discover, classify and protect existing terabytes of unstructured data that exist within the enterprise.

Enterprise enforced polices are applied whenever a threshold is met or an action is taken on the file. This applies the classification and polies without the user’s interaction or request. It is performed automatically.

User interaction allows the user to apply a classification and policy to the file manually.

The Covertix classification feature allows an enterprise to organize their data into categories, and then encrypt and report on the data based on those categories. Classification allows for an easy and efficient use of storage and retrieval of the data. This can be of particular importance for risk management, legal discovery and compliance personnel within the organization

Policies and Classification


Three Modes of Operation/Protection


Discovery File operations are monitored and

reported.

All actions performed on the file will display in the Reports window.

Files are not encrypted or protected in this mode.

Simulate File operations are monitored and

reported.

All actions performed on the file will display in the Reports window.

Files are not encrypted or protected in this mode.

Any violation of a policy by a user is displayed in the Alerts window and is reported but not blocked. This mode allows you to simulate new policies without interfering with normal workflow.

Active File operations are monitored and

reported.

All actions performed on a file displays in the Reports window.

Files are encrypted and protected.

Any violation of the policy is displayed in the Alerts window and is reported.

The user is blocked from performing activities on the file as defined by the appropriate rules.

Covertix supports content policies - I.e. a policy which is triggered (or not) according to the content within a file. Supported content file types include files created within Microsoft Office, PDFs, and any 3rd party application with an Ifilter*.

Content rules are based on dictionaries and/or regular expressions. Existing dictionaries can be edited or new ones can be created.

Combining content policies with a crawler allows customers to automatically discover sensitive data on the network and perform security actions on that data.

Support for Content Policies – Discovering Sensitive Data


* IFilter is a plugin that allows Microsoft's search engines to index various file formats (such as documents, email attachments, database records, audio metadata, etc.) so that files are searchable.

Covertix’s SmartCipher Solution has the unique ability to crawl, identify and protect gigabytes and terabytes of data stored on dozens of file servers, network-attached storage devices, and Cloud service providers such as Dropbox, OneDrive and Google Drive.

SmartCipher’s Crawler is an agent-based task that uses ifilters to open documents stored in any shared file storage location.

SmartCipher’s rules are robust and granular, and can use regular expressions and/or dictionary words, and/or can search by author, department, location.

Within the rules, thresholds can be set. Once a threshold is met, the engine will apply a classification and policy to the data, thereby protecting what matters most to an organization.

Crawler


SMTP (email) alerts – Covertix alerts users and admins when any defined violation occurs. For example, an alert can be created to notify a CFO of an high-tech company by email when anyone opens a highly sensitive pre-IPO file. Or, a doctor can be notified when anyone opens a sensitive patient file.

Syslog alerts – (a collection log from 3rd party loggers)Many companies use a logging server to collect logs from numerous applications and send alerts when a specified threshold is reached. Covertix supports syslog alerts by generating and sending a log file to a specified external 3rd party server. This log can then be modified by the admin user according to his syslog application. In further support of this, deeper integration with ArcSight is under consideration.

Alert Capabilities


Monitoring and TrackingMonitor and track files based on 22 different OS and application actions


Start Drag

Print Screen

File Copy

File Delete

File Move

File Rename

File Save

File Save As

Outlook Task Send

Outlook Task Received

Drop from Outlook

Drop

Open

Print

Copy/Cut Content

Paste Content

Email Send

Email Received

Outlook Meeting Request Send

Outlook Meeting Request Received

Covertix has an extensive report generator which simplifies analysis of user data in order to obtain a secure and monitored environment.

Reports are customizable and can be configured to meet any needs, regulatory or otherwise.

The Covertix Dashboard allows an administrator to keep a hand on the pulse and react to any violation or trend in real time.

Reporting and Dashboard


CyberArk integration allows a bank to share documents through CyberArk vault, but ensures that the consumption of these documents outside of the organization (outside CyberArk Vault) is audited and controlled via the Covertix solution.

Dropbox integration allow customers who use Dropbox file sharing to protect automatically uploaded files and manage file uses whenever the file travel outside the premises.

Varonis integration with Covertix provides customers the following feature to add to their solution:

Protection of sensitive data in motion and at rest inside and external to the organization

IRM (Information Rights Management) control on sensitive data

Audit trail for data after it’s left the organization

Secured view of files and documents by external parties

3rd Party Integration


Thank You.



Expanding Secure Communication Beyond Your Network using SecureMail

July 2018

Anthony Knight, Global Product Manager

© 2018 Micro Focus Private | Confidential | Internal Use OnlyMicro Focus Confidential

Enables the user to read and send encrypted email

Download from the App Store and Google Play

SecureMail Mobile


Enables the user to read and send encrypted email

Download from the App Store and Google Play

SecureMail Mobile

Micro Focus ConfidentialMicro Focus Confidential

Removed app passcode – now uses device passcode

Improved internationalization – incl. language support

Preview Microsoft files – within the app

iPhone 10 support – incl. UI enhancements

Improved attachment support – for any file format

Extended support for attachments – incl. files from cloud storage including iCloud, OneDrive, Google Drive, Dropbox etc.

SecureMail Mobile iOS App – Feature Overview


Preview attachment – while composing a secure message

New instruction tutorial – to improve usability for 1st time users

External file support – from file app, tap sharing icon to add as an attachment with Voltage SecureMail

Face ID/Touch ID authentication – add’l layer of security, can be toggled on or off as needed

SecureMail Mobile iOS App – Feature Overview


Add attachments from camera

Designate recipients

Attach additional file types – incl. .pdf, .doc, .xml, .html from Google drive, Dropbox etc.

Open and add files from cloud apps – to Voltage SecureMail(from external and cloud storage)

SecureMail Mobile Android App – Feature Overview


DEMO – SecureMail Mobile

End User DLP – on device

Covertix integration

Simplified user onboarding

Push notifications – to iWatch, etc.

Apple Watch integration

OWA

SecureMail Mobile App – Future Plans




Thank You.


micro focus presentation template · 2018-10-08 · phase 1: aws (sda 6.4) aws ami aws kms...

Documents