Data Leak Prevention

Introduction

Nowadays, when data has become a resource on which the success of every company depends, data leak prevention is a tool that every C-level manager should think about. Data leakage brings multiple problems to the company: loss of trust, legal penalties in accordance with GDPR, non-compliance among employees, material losses, delays in work and development, loss of competitive advantage… By choosing an adequate data leak prevention solution, managers prevent adverse events, fully control the work processes and behavior of employees during working hours and avoid the possibility of punishment for non-compliance with the GDPR and loss of trust among their clients.

Why SecureTower 

Falcongaze partner

The program tools control e-mail, messengers, social networks, cloud storages, USB, etc. SecureTower gives ability to not only investigate incidents without any delay, but also immediately prevent them to occur. Having blocked the sensitive data transfer or launch of undesirable processes, SecureTower will not allow personal data and other critical business information to leak.

SecureTower builds an inextricable system of operations with all data. The information about all security violations is also available at any time. That allows you to restore the chronology of events led to data leakage or other violations. With retrospective incident investigation you can find and fix the weak link in the chain of information handlers.

Fusion of concepts. Monitor, Control and Investigate any time

User Monitoring, Data Leakage Prevention and Secure Backup of all communications and data transfers. Initially developed as integral parts of one common system, these components are highly interconnected and enforce each other to provide full transparency of information flows and corporate activity on human, social, web, application and endpoint levels.

Reverse philosophy. Productivity-friendly Security

Unlike most legacy information security systems, which are widely based on limitations and restrictions, SecureTower introduces an innovative concept of controlled freedom to security practices. Modern businesses want agile infrastructure and flexible use of various channels to achieve top performance in our hyperconnected society. Security vs Convenience has always been a challenge since the inception of networks. Falcongaze SecureTower comes with an answer: let your staff use whatever applications and services they want but be able to have visibility and control on everything.

C-level-ready reporting

Reporting is the key factor when it comes to ROI evaluation. Those who have experience in explaining the C-executives what these columns with numbers mean and how this diagram is different from the previous one will definitely like SecureTower reporting system. We at Falcongaze understand the value of time and devote special attention to robust and informative reporting. Save time on interpreting the reports and get into the core immediately.

Secure Tower functions

Data leak prevention

SecureTower is a complex software product for ensuring internal information security through network traffic interception and analysis. This solution enables enterprises to control the leak and undesired disclosure of confidential information over the Internet by intercepting such information as incoming and outgoing email, chat in instant messengers, transmitted documents, files, viewed web pages, etc. The system supports blocking of outgoing network traffic transmitted via HTTP, SMTP, MAPI and their encrypted counterparts, as well as the ability to control access and use of external devices, cloud storages, local network resources and applications.. The product consists of several components, each of them is responsible for a certain task, which provides a possibility of an interception system scaling and ensures its reliable operating even in the environment of a heavily loaded network. The product has client-server architecture. The server-based part is used for data processing and system management. It consists of the following components: Data Processing Server, Agents Control Server, Mail Processing Server, ICAP Server, OCR Server, Voice Recognition Server, Investigations Server, Risk Analysis Server, Network Traffic Server. The client-based part of the product includes Administrator Console and Client Console (security officer console) that serve as the product’s GUI.

Monitoring of employees

With the help of SecureTower software solution, top management and heads of structural units can get a detailed picture of everyday staff’ performance and adjust an appropriate tasks distribution, terms, build effective project teams. Monitoring of work processes with the help of SecureTower, amongst all other things, allows to monitor employees’ communication with customers and partners, carry out analysis and work on mistakes. Apart from this, our solution helps to identify the most efficient and dedicated employees and promote them – so that none of achievement would be unnoticed.

Archive of Business Communication

SecureTower helps to avoid losses of important information – all transferred and received data are saved. Even if they are deleted from a particular workstation, they will be available and restored, if necessary. SecureTower builds an inextricable system of operation with all data, both at the present moment and in the past. Retrospective incident investigation? The information about all security violations is also available at any time, which allows to restore the chronology of events which led to data leakage or other violations.

Modules and server components

SecureTower is a complex software product for ensuring internal information security through network traffic interception and analysis.

The software enables the employer to organize the work from remote locations in a way that measures the efficiency of each employee by monitoring their work.

At the same time the requirement that company resources are accessed by authorized persons is fulfilled as well as that communication inside and outside the company network environment is supervised by the technical staff in charge for safety and security.

The product consists of several components, each of them is responsible for a certain task, which provides a possibility of an interception system scaling and ensures its reliable operating even in the environment of a heavily loaded network.

The product has client-server architecture.

Falcongaze LLC does not have access to any data collected and processed by SecureTower

Minimal number of licences you can buy for each module is 25.

You can buy one module or combine several modules of our full SecureTower solution.

How to buy – Modules 

E-mail

Provides control of all messages of most popular mailbox servers, according to POP3, SMTP and IMAP protocols, as well as capture and lock-up of messages using MAPI protocol

Web

HTTP(S) (forums and social network messages, visited web-sites, sent files, posts);
Web-communication (gmail.com, rambler.ru, yahoo.ru, yandex.ru, mail.ru, etc.)

Messengers

Interception and archiving of attached files, text message and voice calls via Skype, SIP, Telegram, Viber;
Interception of voice and text messages in Microsoft Lync;
Interception of text messages in ICQ, AIM, Mail.Ru Agent, Windows Messenger, Miranda, Google Talk, QIP Infium, PSI, Yahoo! Messenger, and others, including those, which use encryption;

Audit

Device
USB storages
Files transferred to network shares
Cloud

FTP(S)

Intercepting and viewing files both downloaded from and uploaded to an FTP-server

Activity

Personnel network activity control and audio/video monitoring: taking of screenshots
Keylogger
Copying to clipboard
Control over application start and time spent by user in any application
Control over work time and idle time of computers
Control over time spent on websites
Audio/video monitoring
Processes and applications blocking
File transmission blocking

Workstation indexing

Scanning of endpoints and file servers and provides control and prevention of file transfer to external media

Printers

Interception of documents sent to local or network printers and to XPS format

MS Exchange control

Interception mail messages transmitted through third-party mail servers

Contact us for more details.

Characheristics

SecureTower

 

  1. E-mail
  2. Messengers
  3. Social networks
  4. Web activity
  5. Cloud storage
  6. Applications
  7. Personnel control
  8. Workstation control
  9. Workstation indexing
  10. Personnel interactions
  11. Reports

1. E-mail

SecureTower provides control of all messages of most popular mailbox servers, according to POP3, SMTP and IMAP protocols, as well as capture and lock-up of messages using MAPI protocol. Besides, the system supports capture of messages from external mail services in free mail services, such as Gmail, Mail.ru or Yandex.Mail.

2. Messengers

To control these channels, the option of message and transferred file capture for practically all popular messengers is implemented in SecureTower.

3. Social Networks

The DLP system controls communication of the staff in blogs, online chats, forums, etc.

4. Web activity

SecureTower allows to build a complete picture of the employee web activity throughout the working day. The DLP system helps to get information about the websites, visited by the employee, the time, spent on these websites or any messages sent.

5. Cloud storage

SecureTower tracks all files, downloaded by the user into the Internet through a browser, besides, file capture in desktop applications for such cloud services as Dropbox, OneDrive and Yandex.

6. Applications

The DLP system tracks the applications, used by the employees throughout the working day. On the basis of the results, obtained by this option, you can check what applications were used by the employee more frequently and what period of time was devoted to the labour activities. Besides, the system can lock up particular applications, determined by the administrator.

7. Personnel control

An option of working time control which allows to see the actual time spent on fulfillment of any task by the employee is implemented in SecureTower. Moreover, you can get the broad picture of the employee’s working day by means of the key logger, audio and video monitoring and desktop screenshots.

8. Workstation control

SecureTower provides control and prevention of file transfer to external media. The system performs automatic scanning of the documents, sent for printing or USB drive, for confidential information, and in case of detection of this information, notifies the administrator and allows to take preventive measures to remediate the incident.

Besides, SecureTower tracks connection and disconnection of devices from the workstations, controls information copying and carries out the computer access audit.

9. Workstation indexing

To ensure checks for presence or absence of confidential documents on the workstation, SecureTower is provided with quick search on all computers in the local network, which includes the manual mode.

10. Personnel interactions

To detect the personnel interactions, SecureTower uses a graph analyzer, in which profiles, automatically linked to Active Directory, are created for every employee, and displays the employee’s communication with other people. This profile shows the employee e-mail addresses, names in messengers, accounts in social networks an on other websites.

To detect outside ill-wishers, SecureTower registers the addresses of the external abonents and also creates profiles for them.

11. Reports

Completely settable reports on security incidents and daily activities of the staff are available for security department employees and managers of structural units. You can also set up automatically scheduled reporting and report sending to e-mails.

By problem solved

  1. Control of confidential information
  2. Control of mobile workstations
  3. Data Leak Prevention Software for GDPR Compliance
  4. Detection of internal threats
  5. Incident investigation
  6. Business processes optimization
  7. Economic security
  8. Provision of transparency of all business processes
SecureTower control

 

 

1. Control of confidential information

SecureTower provides a full control of the documentation flow and timely prevention of the confidential information leakage. The system monitors all information channels, from e-mails to messengers and USB devices. The information control and leakage prevention are the main tasks of the DLP system.

Along with other instruments of security provision, SecureTower uses the technology of detection of the confidential information transfer on the basis of digital fingerprints. For this purpose, the documents which must be controlled are analyzed, and after that matches with these documents (even fragmental ones) are found in the information flow.

2. Control of mobile workstations

Work machines outside the corporate network pose the higher risk than the stationary devices, therefore, implementation of information protection for these devices is a separate task of the security departments.

To control the mobile workstations, SecureTower employs the remote-control method. The agent takes off the same data that in the desktop computers in an autonomous mode, and, after the device is connected to the corporate network, it sends the collected archive to the server.

Besides, the SecureTower system is a perfect choice for the companies with the territorially-distributed network.

3. Data Leak Prevention

Today the key threats to comply are:

  • Lack of knowledge about where personal data is stored
  • Inability to identify “sensitive” data, old data and useless data
  • Lack of opportunity to respond timely for data requests

SecureTower brings an opportunity to deal with main tasks facing companies:

  • Audit where data is located and who interact with sensitive information
  • Restrain and control data transmission
  • Identify personal data by checking regular expressions and content & context methods of analysis

The SecureTower program functionality has the ability to rank access rights based on a user’s position within a company hierarchy and shares access to certain modules of the system to security CSO, DPO and other specialists depending on their duties. SecureTower is able to delete data from the archive of intercepted information.

 

SecureTower ensures the protection of the data transmitted between DLP agent and Data Server as well as other security measures that prevent unauthorized access to personal data.

4. Detection of internal threats

Detection of internal threats

 

One of the main functions of the DLP system is struggle with internal treats. Insider activities are often underestimated; however, the vast majority of information leakage is caused by such activities.

The privileged insiders are often not controlled by the security department or use their employment status to go beyond the regulations, established in the organization. The DLP system is not susceptible to the human factor and successfully detects the high rank insiders, as the ordinary employees.

5. Incident investigation

Apart from the security incident prevention, the DLP is also frequently used as means of investigation of the data leakage reasons and circumstances.

The leakage investigation without the delay helps to detect the persons, guilty for the leakage, determine the purpose of leakage, as well as further actions of the management staff. 

Owing to the fact that the system stores all employees’ communications in the archive – SecureTower ensures identification of the guilty persons in case of legal proceedings. It is also very important that the data, gathered by means of the DLP, can be accepted by courts as evidences.

6. Business process optimization

The business process optimization is a main factor of a company’s development. Therefore, apart from the instruments, intended for the data leakage detection, SecureTower has the functionality of the work flow optimization.

The SecureTower system ensures an automatic control of the employees’ working hours; the system registers the workstation switching on and off, and also collects statistics of the staff activities throughout the working day.

Working hours monitoring

 

Moreover, thanks to SecureTower, managers of the company departments have the instruments for control of the staff performance quality, can detect leaders and underperformer among the employees, can carry out reorganizing and improve business processes in the department.

7. Economic security

SecureTower allows detection of the degree of use of various corporate resources by the employees. It includes the number of documents, sent for printing, and the Internet trafficconsumption, and labour and non-labour activities throughout the working day.

On the basis of data, provided by the system, you can make a conclusion about the level of demand for various resources and subsequently adjust the expenses – for example, purchase the expensive licensed software only for those employees that actually use it for their work, as well as regulate the used of different office equipment.

Economic security

 

SecureTower also provides the opportunity of the human resource optimization. The data, collected by the system, can be used for analysis of the staff performance and further reorganizing for work improvement.

8. Provision of transparency of all business processes

The SecureTower options ensure full transparency of all company’s business processes. The department managers get an opportunity to control their subordinate employees and make necessary adjustments of the work process.

SecureTower registers all activities of the staff on the working computers, which enables tracking of communication of the employees with partners and clients.

Since business communication in the modern companies does not consist in e-mail correspondence only – to provide the broad picture of the document flow, SecureTower archives not only e-mails, but also messages in different messengers and social networks. The data on the personnel network activities and files, sent to external media, are also available.

 

2020 MD11 ict engineering & consulting