Data Leak Prevention

A Unique Context-Based Network Data Leak Prevention

The Data Leak Prevention Solution is an integral part of the Data Security Firewall and acts as a core solution that helps prevent data leak through various platforms. The Data Leak Prevention Solution integrated within the Data Security Firewall identifies, monitors, logs and prevents misuse and exploitation of the data when transferred from your organizational network through deep content inspection and a contextual security analysis of transactions, DLP systems act as enforcers of data security policies. They provide a centralized management framework designed to detect and prevent the unauthorized use and transmission of your confidential information. DLP protects against mistakes that lead to data leaks and intentional misuse by insiders, as well as external attacks on your information infrastructure.

 

Features of GajShield Gateway DLP:

  • Protect Business-Critical Data.
  • Protects Data in Motion.
  • Protect from Intentional and unintentional Data Leak.
  • Prevent IT Shadow
  • Agentless solution

Prevent Sensitive Data Leak

Advantages:

  • Deep inspection of application data:

Deep dive a layer into applications by using deep inspection and contextual intelligence engine to create data context, beyond just the application contexts. For better, deeper information visibility and better security. It can prevent data leak based on contextual parameter on both application and data level like restricting ‘From’, ‘To’, ‘Subject’, ‘Email Data’, ‘Attachments’ etc. in email applications and other parameters for various other SaaS Applications.

  • Control Data inflow and outflow:

Gain complete control over what goes and comes into your network. Now set policies to allow or block certain content to be sent out or downloaded of the network to control the inflow and outflow of the data.

  • Context-sensitive data leak prevention

Using contextual intelligence, now you can define data leak prevention policies based on textual content inside the file. The DLP can block file based on textual content it carries. For example, If in an organization, keywords like “tenders”, “Quotation” are blocked, the users will be restricted to send emails or documents and attachments consisting of these keywords words. The Deep Packet Inspection inspects the file content attached to a mail, being uploaded to a file-sharing application, file sharing application, social media etc.

  • Block Allow Data type, file extension, file content and more.

Explore the possibilities of blocking and allowing file type that can be downloaded or uploaded using the Data Leak Prevention solution that has the capability to identify the file type and its extension.

  • Prevent Data Leak on SaaS Applications.

GajShield’s CASB (Cloud Access Security Broker) works on a proactive detection model to ensures that all the communication between the on-premise device and cloud application provider complies with the organization’s security policies. It uses information from the Contextual Intelligence Engine, check for compliance with Data Leak Prevention Policies to detect and take necessary action against an unsanctioned use.

  • Control and Secured Entry Point for advanced security

A Roaming user, once out of the office environment is a major source for a data leak when not under the organization's network. Combining enterprise cloud, the organization can now enforce all communication to be routed through the HO firewall so as to protect from any intentional or unintentional data leak.

  • Restrict Personal Use:

Now monitor and control the use of all non-business application and increase productivity. The Data Leak Prevention allows setting of policies to restrict the use of personal email and social media ID and allow only corporate logins. This looks beyond the traditional approach of blocking website and allows the use of useful applications and social media while controlling the use of it with complete visibility.

 

UPLOAD LOGS

 

MAIL LOGS

 

SOCIAL MEDIA LOGS

 

Why is Data Leak a Concern? This is what customers are telling us about Data Leaks.

  • Loss of Sensitive Information - "I don’t know how we can control data from being sent in email or uploaded to the Web."
  • Inadvertent Misuse - “Most of our policy violations and information breaches are accidental!"
  • Collaboration Risk - "I think some of my employees are posting and sharing confidential information on Social Networking Site like Facebook."
  • Context-Sensitive - “My current Data Leak Prevention System causes a lot of false-positive and block data as it is unable to understand the Web application.”
  • In-depth Visibility - "Need in-depth visibility on the sensitive data that my employees are uploading. Would be wonderful, if it could give this information in a readable format."
  • Data Leak outside Network Perimeter - "What happens when my employees carry their laptop while travelling. Need to control and prevent leaks even when they are out of office.”

 

Data Leak Statistics

 More than 68% of data leak happens through Web and Email and GajShield unique ‘Context Sensitive Data Leak Prevention’ help prevent data leak through these channels.

GajShield’s Data Security Firewall Context based Data Leak Prevention enables to control and mitigate leak of information:

GajShield’s context-based Data Leak Prevention system understands web application/cloud applications by creating context which helps an enterprise to set up policies based on the web application instead of IPs, Usernames which have no relevance to the above application. GajShield firewalls provides visibility to the cloud applications used by an enterprise and also by managing and controlling these applications

 

 

GajShield Firewall's Data Leak Prevention and CASB features:

  • Detection and Prevention of data leaks
  • visibility on the applications used and not just the ports or protocols.
  • Monitor and block files being uploaded on the internet with details of the application used and the user who used to upload this file.
  • Set policies to monitor/block data leaks via Email, File upload and Chats.
  • Set policies to allow read only access to corporate email/social networking.
  • Monitor IM & Web chats and block content.
  • Set policies based on users, groups.
  • Set policies based on application context.
  • Schedule DLP policies, for example, you may want to allow certain files after a particular time when this information becomes public.
  • Get detailed information of outgoing data on internet from your network.
  • Detailed Data Upload/Download Logs, File sharing, email and social media logs
  • Complete visibility of data going through encrypted HTTPS traffic.
  • Powerful DLP Engine sense data on filters set in DLP polices for a granular analysis.
  • Economical cost of ownership.
  • Monitor & Block unwanted applications like P2P, Open proxies.
  • Easy to configure and integrated into single firewall policy window.
  • Standard data leak templates provided to quick setup your DLP feature on GajShield firewall.
  • Inspects and helps monitor and control applications like G-Suite, Gmail, Yahoo, Rediff, Office 365, Sify, Google Drive, 4shared, Sky drive, one drive, drop box, media fire, box, facebook wall-message-forum post-comment-note-event, WebChat: msn, yahoo, gmail, facebook, IM-chat: yahoo, jabber, msn, gadu-chat and others.

FAQs

Question: Can I block personal email logins and allow only corporate login using DLP in my organization?
Answer: Yes, using GajShield’s DLP, you can set policies wherein a user is allowed only corporate logins and personal login attempts will be blocked

Question: I want to provide just read only access for the web mail where users should not be able to send any mails out. Can DLP do that?
Answer: DLP enables security managers to set policies to allow read only access to corporate emails/social networking.

Question: I want to block all the mails that are not “cc”ed to Head of the department. Can DLP do that?
Answer: You can setup policies based on “From”, “to”, “cc”, “bcc”, subject of gmail and other such Cloud applications. GajShield also provides BYOD (device) and UserSense(user) information.

Question: Can I restrict the file format to allow only document files to be sent?
Answer: Using DLP, one can easily set restrictions on the type of file that should be allowed to be sent. If any restricted file is sent, a notification is sent to the administrator with complete visibility of the file being sent.

Question: Can I monitor my employees Facebook chats and comments?
Answer: Not just Facebook chats or comments but DLP also provides a global visibility through comprehensive and flexible reporting.

Question: Can I set a limit on the size of attachments that are sent out from my network?
Answer: Yes, DLP does very much allow you to set a cap on the size of attachments that are attached or are been sent out.

Question: Does GajShield DLP inspect SSL traffic for Web and Email traffic?
Answer: Yes, GajShield inspects the SSL traffic for both Web and Email (SMTP SSL/TLS & STARTTLS)

Question: Can GajShield DLP block file uploads to DropBox/GDrive?
Answer: Yes, using policies, GajShield’s DLP can effectively block file uploads to DropBox/GDrive and other such applications.

 Download Brochure

 

Get In Touch With Us

Subscribe to our Newsletter

Stay Connected

2020 © GajShield Infotech (I) Pvt. Ltd. All rights reserved.