seclore file secure introduction brief

51
Introduction and presentation to CEVA Logistics &

Upload: novaccent

Post on 28-May-2015

795 views

Category:

Documents


2 download

DESCRIPTION

Basis presentatie van Seclore filesecure

TRANSCRIPT

Page 1: Seclore File Secure Introduction   Brief

Introduction and presentation to CEVA Logistics

&

Page 2: Seclore File Secure Introduction   Brief

About …About …

Seclore is a high growth information security product company focused on providing Security without compromising collaboration

Seclore’s flagship product Seclore FileSecure is used by More than 1.5 million users & some of the largest enterprises

Page 3: Seclore File Secure Introduction   Brief

TELEMARKETER

Information exchange in the collaborative world

Information is exchanged between Employees of the organisation

Enterprise

CUSTOMERS

VENDORS

Information is exchanged between employees & vendors & employees & customers

Competitors

What happens if an employee with privileged access leaves to join a competitor ?What happens if information shared with a vendor is lost by the vendor ?

VPN

SSL

UTM

Firewall

Firewalls

Page 4: Seclore File Secure Introduction   Brief

Underlying Issues

Share it = It becomes his (also)Ownership and usage cannot be separated

Shared once = Shared foreverImpossible to “recall” information

Out of the enterprise = Free for allTechnology & processes are only applicable within

Page 5: Seclore File Secure Introduction   Brief

Options for securing unstructured information

Option 1 : Control Distribution

. . .

Security Collaboration

Page 6: Seclore File Secure Introduction   Brief

Options for securing unstructured information

Option 2 : Control Usage

. . .

Security Collaboration

RightLocation

RightTime

RightAction

RightPerson

Page 7: Seclore File Secure Introduction   Brief

• WHO can use the information

People & groups within and outside of the organization can be defined as rightful users of the information

• WHAT can each person doIndividual actions like reading, editing, printing,

distributing, copy-pasting, screen grabbing etc. can be controlled

• WHEN can he use itInformation usage can be time based e.g. can

only be used by Mr. A till 28th Sept OR only for the 2 days

• WHERE can he use it fromInformation can be linked to locations e.g. only

3rd floor office by private/public IP addresses

Seclore FileSecure allow enterprises to define, implement & audit information usage “policies”. A “policy” defines :

Seclore FileSecure

Page 8: Seclore File Secure Introduction   Brief

Information Rights Management

Policies are• Persistent : Policies are implemented on information and all

its copies wherever they are transmitted or stored• Dynamic : Policies can be changed without having access to

or redistributing the information• Monitored : Policy changes can be monitored

User actions are• Monitored : Individual actions ( authorized AND

unauthorized ) like viewing, editing, printing etc. are monitored and centrally available in a reporting tool

Page 9: Seclore File Secure Introduction   Brief

Maya’sComputer

Information creation

Page 10: Seclore File Secure Introduction   Brief

Maya’sComputer

Manual policy assignment

Page 11: Seclore File Secure Introduction   Brief

Policy definition – WHO, WHAT

Page 12: Seclore File Secure Introduction   Brief

Policy definition – WHEN, WHERE

Page 13: Seclore File Secure Introduction   Brief

Owner of Document protects the file

Maya’sComputer

Manual protection

Page 14: Seclore File Secure Introduction   Brief

Maya’sComputer

Manual policy assignment

Page 15: Seclore File Secure Introduction   Brief

Hot Folder protection

Page 16: Seclore File Secure Introduction   Brief

Sharepoint upload

Page 17: Seclore File Secure Introduction   Brief

FileNet upload

Page 18: Seclore File Secure Introduction   Brief

Email send

Page 19: Seclore File Secure Introduction   Brief

Email send

Page 20: Seclore File Secure Introduction   Brief

Other options of applying policies

• Download of reports from transactional systems like ERP systems

• Extraction from business intelligence and reporting tools

• “Discovery” by E-discovery and content aware DLP systems– Pattern recognition– Owner and format recognition

• ...

Page 21: Seclore File Secure Introduction   Brief

Policy controlled information

Page 22: Seclore File Secure Introduction   Brief

organization

Collaboration

RightLocation

RightTime

RightAction

RightPerson

Page 23: Seclore File Secure Introduction   Brief

Research Dept.Research Dept.

Maya Research Associate

NealResearch Associate

Head Research

Collaboration - within

Page 24: Seclore File Secure Introduction   Brief

Neal’sComputer

Recipient – within the enterprise

Page 25: Seclore File Secure Introduction   Brief

Neal’sComputer

Rights display

Page 26: Seclore File Secure Introduction   Brief

After a user “accepts” the policy is when the actual content is shown to him/her

Neal’sComputer

Unauthorized print

Page 27: Seclore File Secure Introduction   Brief

Neal’sComputer

Unauthorized print

Page 28: Seclore File Secure Introduction   Brief

Neal’sComputer

Unauthorized copy

Page 29: Seclore File Secure Introduction   Brief

Neal’sComputer

Unauthorized copy

Page 30: Seclore File Secure Introduction   Brief

Neal’sComputer

Unauthorized screen grab

Page 31: Seclore File Secure Introduction   Brief

One more users receives File

Head ResearchComputer

Recipient – within the enterprise

Page 32: Seclore File Secure Introduction   Brief

This user has full control of document

Head ResearchComputer

Rights display

Page 33: Seclore File Secure Introduction   Brief

Policy admin

Research Dept.Research Dept.

Maya Research Associate

NealResearch Associate

Head Research

Head - Marketing

Head - Finance

Head - Legal

External reviewer

Head Research Distributes files to other Internal Employees and External Users

Collaboration - outside

Page 34: Seclore File Secure Introduction   Brief

External user identity management

Page 35: Seclore File Secure Introduction   Brief

External Reviewer's Computer

Recipient - outside

Page 36: Seclore File Secure Introduction   Brief

External Reviewer's Computer

Explicit authentication

Page 37: Seclore File Secure Introduction   Brief

External Reviewer's Computer

Unauthorized save

Page 38: Seclore File Secure Introduction   Brief

External Reviewer's Computer

Unauthorized save

Page 39: Seclore File Secure Introduction   Brief

Maya's Computer

Information audit

Page 40: Seclore File Secure Introduction   Brief

Maya's Computer

Information audit

Page 41: Seclore File Secure Introduction   Brief

Maya's Computer

Forensics

Page 42: Seclore File Secure Introduction   Brief

Owner (Maya) Redistributes the File with New Policy

Maya’sComputer

Page 43: Seclore File Secure Introduction   Brief

Old Policy Definition

Maya's Computer

Old policy

Page 44: Seclore File Secure Introduction   Brief

Old Policy Definition

Internal Users

External Users

Old policy

Page 45: Seclore File Secure Introduction   Brief

New Policy definition

Maya's Computer

New policy

Page 46: Seclore File Secure Introduction   Brief

Internal Users

New policy

Page 47: Seclore File Secure Introduction   Brief

External Reviewer Still has a file on his desktop

External Reviewer's Computer

Orphaned copies of information

Page 48: Seclore File Secure Introduction   Brief

External Reviewer's Computer

Policy control message

Page 49: Seclore File Secure Introduction   Brief

External Reviewer's Computer

The default disclaimer

Page 50: Seclore File Secure Introduction   Brief

Key criteria in evaluating IRM for Ceva

Format and application support

Integration-friendliness around existing IT infrastructureIdentity systemsTransactions systemsReporting and BI toolsECM systems

Auditing capabilities

External user identity management

Mature policy management and consulting services

Licensing modelUser based / Protector based

Page 51: Seclore File Secure Introduction   Brief

Thank You

Website : www.seclore.com

Blog : blog.seclore.com Phone : +91-22-4015-

5252