Firewall with Context based Data Leak Prevention and Cloud Application Security

DLP

 

Security Challenges of Businesses - Data Leak a major concern

Data volume has been growing exponentially, dramatically increasing opportunities for theft and accidental disclosure of sensitive information. By 2020 the digital universe — the data we create and copy annually — will reach 44 zettabytes, or 44 trillion gigabytes. This reality, along with increases in the portability of data, employee mobility and penalties for failing to comply with strict data protection regulations such as the EU GDPR and New York Cybersecurity Requirements raise the question: “What more can organizations do to protect themselves and their stakeholders?” An integral part of the answer is data leak prevention (DLP).

DLP identifies, monitors and protects the data in motion on your network through deep content inspection and a contextual security analysis of transactions, DLP systems act as enforcers of data security policies. They provide a centralized management framework designed to detect and prevent the unauthorized use and transmission of your confidential information. DLP protects against mistakes that lead to data leaks and intentional misuse by insiders, as well as external attacks on your information infrastructure.

GajShield gives you 10 concrete reasons on why DLP is extremely important for your Business-

  • Your company has a plan for protecting data from external intruders, but no protection against theft and accidental disclosure of sensitive information by employees and partners. 
    Since not all data loss is the result of external, malicious attacks. The inadvertent disclosure or mishandling of confidential data by internal employees is a significant factor. DLP can detect files that contains confidential information and prevent them from leaving via the network.
  • You are concerned about the liability, negative exposure, fines and lost revenue associated with data breaches.
    Data breaches have been making headlines with alarming frequency. They can wreak havoc on an organization’s bottom line through fines, bad publicity, loss of strategic customers and legal action. Verizon's 2016 Data Breach Investigations Report found that in 93 percent of cases where data was stolen, systems were compromised in minutes or less. Organizations, meanwhile, took weeks or more to discover that a breach had even occurred — and it was typically customers or law enforcement that sounded the alarm, not their own security measures.
  • You are concerned about your next audit and want to maintain compliance with complex regulations.
    More than 60 countries have enacted data protection laws that require organizations in both the public and private sectors to safeguard sensitive information. Technology controls are becoming necessary to achieve compliance in certain areas. DLP provides these controls, as well as policy templates and maps that address specific requirements, automate compliance, and enable the collection and reporting of metrics.
  • You need to protect proprietary information against security threats caused by enhanced employee mobility and new communication channels.
    Many employees are turning to social networking, IMs and other Web 2.0 applications to keep up with consumer trends. DLP helps to prevent the accidental exposure of confidential information across these unsecure lines of communication while at the same time keeping them open for appropriate uses. With the proliferation of mobile devices and employees working remotely, corporate data increasingly resides both in and outside of the organization. Wherever data is in transit, DLP can monitor it and significantly reduce the risk of data loss.
  • You would like to monitor your organization for inappropriate employee conduct and maintain forensic data of security events as evidence.
    Insiders represent a significant risk to data security. An employee who emails a work-related document to his personal account in order to work over the weekend may have good intentions. However, he/ she poses a tremendous threat to the organization when there is confidential data involved. DLP technology offers 360-degree monitoring that includes email (both corporate accounts and webmail), instant messages and software applications used. It also allows you to capture and archive evidence of incidents for forensic analysis. For example, by setting up simple policies, we can block a certain keywords. If in an organization, keywords like “tenders”, “Quotation” are blocked, then users won’t be allowed to send mails or documents and attachments consisting of these words.
  • You are uncertain of your organization’s level of protection for confidential data in cloud applications and storage.
    Large amounts of data have been moved to applications in the cloud. Protecting sensitive information in virtual and cloud models is critical. Cloud Applications or SaaS carries a unique challenge to an organisation. These applications are often managed by different corporate staff. Lack of control over these applications can prove fatal. As cloud models evolve, business units must master a succession of new processes and products. Focus and attention need to now shift to practices in cloud control which will help an organisation to achieve security even on applications which are not under their control. Data Leak Prevention and Cloud Security Broker Architecture (CASB) provide a significant tool allowing organisations to control and secure SaaS applications. 
  • You would like to gain a competitive advantage, in both brand value and reputation.
    When organizations fail to take the necessary steps to identify sensitive data and protect it from loss or misuse, they are risking their ability to compete. Whether it’s a targeted attack or an inadvertent mistake, confidential data loss can diminish a company’s brand, reduce shareholder value, and irreparably damage the company’s reputation. DLP facilitates the protection of valuable trade secrets and other vital intelligence, and helps to prevent the negative publicity and loss of customers that inevitably follow data breaches.

Why is Data Leak a Concern? This is what customers are telling us about Data Leaks.

  • Loss of Sensitive Information - "I don’t know how we can control data from being sent in email or uploaded to the Web."
  • Inadvertent Misuse -  "Most of our policy violations and information breaches are accidental!"
  • Collaboration Risk - "I think some of my employees are posting and sharing confidential information on Social Networking Site like Facebook."
  • Context Sensitive - “My current Data Leak Prevention System causes a lots of false positive and block data as it is unable to understand the Web application.”
  • In-depth Visibility - "Need in-depth visibility on the sensitive data that my employees are uploading. Would be wonderful, if it could give this information in a readable format."
  • Data Leak outside Network Perimeter - "What happens when my employees carry their laptop while travelling. Need to control and prevent leaks even when they are out of office.”

Data Leak Statistics

DLP graph 

  • More than 68% of data leak happens through Web and Email
  • GajShield unique patent pending ‘Context Sensitive Data Leak Prevention’ help prevent data leak
GajShield’s Next Generation Firewall Context based Data Leak Prevention enables to control and mitigate leak of information:

GajShield’s context based Data Leak Prevention system understand web application / cloud applications by creating context which helps an enterprise to setup policies based on the web application instead of IPs, Usernames which have no relevance to the above application. GajShield has been providing cloud security and data leak features on its range of security appliances since 2008. GajShield mature technology in its firewalls provides visibility to the cloud applications used by an enterprise and also by managing and controlling these applications.

For Example

  • You can create policies based on the ‘From’, ‘To’, ‘Subject’, ‘Email Data’, ‘Attachments’ of email applications.
  • Reduces false positives with greater control over data leaks.
  • Provides better data leak prevention than simple regex matching.

Limit access to Internet Web / Cloud Applications

Enterprise need access to Social Media applications like Facebook to grow their business as it provides a wonderful marketing tool to reach out to its existing or future customers. Providing access to Facebook can also lead to leaking information, intentionally or un-intentionally. Similarly, access to applications like Twitter, Gmail, Yahoo Mail is also required in this connected world.

With the help of GajShield Data Leak Prevention System along with its CASB (Cloud Access Security Broker) module, you can now setup policies to limit the access of these applications based on authorised users of these application who have been given access by your organization. For example, you can restrict your corporate yahoo id to login to yahoo. All other ids will be blocked. Personal usage, even if the user is allowed to access yahoo, will be blocked. Similar policies can be setup even on Social Media sites. 

GajShield Firewall's Data Leak Prevention allows enterprise user to access to rich Web application without compromising security. 

DLP mail

GajShield Firewall's Data Leak Prevention and CASB features

  • Giving visibility on the applications used and not just the ports or protocols.
  • Monitor and block files being uploaded on the internet with details of the application used and the user who used to upload this file.
  • Monitor IM & Web chats and block content, if data leak is suspected.
  • Policies can be set based on users, groups. Also based on the application context.
  • Schedule DLP policies, for example, you may want to allow certain files after a particular time when this information becomes public.
  • Get detailed information of outbound data going on internet.
  • In-depth reporting of data moving out of network.
  • No agent installation required for DLP on PC’s.
  • Easy to manage & monitor logs.
  • Complete visibility of data going through encrypted HTTPS traffic.
  • Generic web traffic can also be blocked, allowed & logged.
  • Powerful DLP Engine sense data on filters set in DLP polices for a granular analysis.
  • DLP & UTM on a single appliance, which makes it cost effective.
  • Identifies Who is accessing Which application and What content is being sent out.
  • Monitor & Block unwanted applications like P2P, Open proxies – to reduce the chance of information leak.
  • Easy to configure and integrated into single firewall policy window.
  • Standard data leak templates provided to quick setup your DLP feature on GajShield firewall.
  • Inspects and helps monitor and control applications like G-Suite, Gmail, Yahoo, Rediff, Office 365, Sify, Google Drive, 4shared, Sky drive, one drive, drop box, media fire, box, facebook wall-message-forumpost-comment-note-event, WebChat: msn, yahoo, gmail, orkut, facebook, IM-chat: yahoo, jabber, msn, gadu-chat and others

To summarize it all, GajShield’s DLP also incorporates key features likes setting policies to monitor/block data leaks via Email, File upload and chat, Context based detection and prevention of data leaks, monitoring and management of protocols of SaaS applications like Google, office 365, Yahoo, Rediff, Facebook, etc., split proofing, scan for data leaks, user based policy control, control over HTTP, HTTPS, SMTP, IMs, in-depth reporting of data moving out of network with real time alerts and monitoring, protection of company sensitive information like sales data, pricing information or intellectual property, increased regulatory compliance- HIPAA, GLBA, PCI or SOX and also provides global visibility through comprehensive and flexible reporting. 

FAQs

  • Can I block personal email logins and allow only corporate login using DLP in my organization?
    Answer: Yes, using GajShield’s DLP, you can set policies wherein a user is allowed only corporate logins and personal login attempts will be blocked
  • I want to provide just read only access for the web mail where users should not be able to send any mails out. Can DLP do that?
    Answer: DLP enables security managers to set policies to allow read only access to corporate emails/social networking.
  • I want to block all the mails that are not “cc”ed to Head of the department. Can DLP do that?
    Answer: You can setup policies based on “From”, “to”, “cc”, “bcc”, subject of gmail and other such Cloud applications. GajShield also provides BYOD(device) and UserSense(user) information.
  • Can I restrict the file format to allow only document files to be sent?
    Answer: Using DLP, one can easily set restrictions on the type of file that should be allowed to be sent. If any restricted file is sent, a notification is sent to the administrator with complete visibility of the file being sent.
  • Can I monitor my employees Facebook chats and comments?
    Answer: Not just Facebook chats or comments but DLP also provides a global visibility through comprehensive and flexible reporting.
  • Can I set a limit on the size of attachments that are sent out from my network?
    Answer: Yes, DLP does very much allow you to set a cap on the size of attachments that are attached or are been sent out.
  • Does GajShield DLP inspect SSL traffic for Web and Email traffic?
    Answer: Yes, GajShield inspects the SSL traffic for both Web and Email (SMTP SSL/TLS & STARTTLS)
  • Can GajShield DLP block file uploads to DropBox?
    Answer: Yes, using policies, GajShield’s DLP can effectively block file uploads to DropBox.