Data security is a never-ending challenge. On one hand, organizations are required to keep up with regulations and protect intellectual property from targeted attacks and accidental exposure. On the other, they must adapt to macro movements, such as the adoption of cloud applications, hybrid cloud environments and BYOD (Bring your own device trends), all of which increase the ways data can leave your organization.
This expanding attack surface poses the most significant challenge to protecting critical data. Data security teams take the seemingly logical approach to chase data: find it, catalogue it and control it. Yet this traditional approach to data loss prevention is no longer effective because it ignores the biggest variable in data security — your people.
The ‘human factor’ has been recognized as the weakest link in creating safe and secure digital environments – but human intuition may also be the solution to dealing with many cyber threats. The key is to gain visibility into user interactions with data and applications. Once this is achieved, you can apply a level of control based on the specific user’s risk and the sensitivity or value of the data.
DLP (Data Loss Prevention) solutions
Forcepoint DLP addresses human-centric risk with visibility and control everywhere your people work and everywhere your data resides. Security teams apply user-risk scoring to focus on the events that matter most and to accelerate compliance with global data regulations.
*How DLP is able to recognize the information?
Forcepoint DLP protects organizations from data loss by:
– Monitoring data as it travels inside or outside the organization
– Protecting data while it is being manipulated in office applications, with policy-based controls that align with business processes
– Identifying and ranking high-risk incidents to help prevent or remediate data loss and data theft
*Incident Risk Ranking
Forcepoint DLP has the following main components:
– The management server is a Windows- based machine that hosts the Forcepoint Security Manager and Forcepoint DLP software.
– The management server provides the core information loss technology, capturing fingerprints, applying policies, and storing incident forensics. A deployment can include multiple Forcepoint DLP servers to share the analysis load, but there is only one management server.
– A policy engine resides on all Forcepoint DLP servers, Web Content Gateway servers, and Forcepoint Email Security appliances. Policy engines are also integrated with Windows, Mac OS X, and Linux endpoints running Forcepoint DLP Endpoint.
– The policy engine is responsible for parsing data and using analytics to compare it to the rules in policies.
– The analytics engine resides on a 64-bit Linux machine. It is used to identify potentially risky incidents, rank them with similar activity, and assign them a risk score.
– The policy database is a repository for Forcepoint DLP policies. For optimal performance, it is stored locally on each server (like the fingerprint database).
Contact us for a presentation of Forcepoint DLP!