Clearswift Endpoint Data Loss Prevention - Security Boulevard

Clearswift Endpoint Data Loss Prevention

<a href='/blog?tag=Data Loss Prevention'>Data Loss Prevention</a> <a href='/blog?tag=Information Governance'>Information Governance</a> <a href='/blog?tag=Internal Threats'>Internal Threats</a> <a href='/blog?tag=Technology'>Technology</a>
Clearswift Endpoint Data Loss Prevention

There are multiple places within your IT infrastructure where critical information is stored. These include email Inboxes, file servers, collaboration servers (some of which might be ‘in the cloud’) and endpoint devices.  All Clearswift solutions are designed to protect critical information from falling into unauthorized hands across all these different locations and channels.  Clearswift’s Endpoint Data Loss Prevention (DLP) solution is specifically designed to address the loss of critical information at the endpoint.

There are three key components of Clearswift Endpoint DLP.  The first is the ability to regulate what devices can be connected to a company network.  The second is the ability to control the copying of data (or files) to removable media, e.g. a personal device or USB stick and encrypt it if necessary. The third is to gain visibility of what critical information is stored on a company’s various endpoints that could create an issue should it fall into unauthorized hands and move it to a more secure location. 

Device Control

Clearswift has embedded its Deep Content Inspection (DCI) into a leading endpoint protection solution, enabling enhanced security in the two primary cases. Removable media, including personal devices and USB sticks, has become a key risk to organizations as it is so easy to transport large quantities of information onto a very small form. Furthermore, some devices can carry malware risks with them. Clearswift Endpoint DLP has enhanced device control functionality enabling an organization to define exactly what devices are allowed to be used and/or connected to the company network. The granularity can be used to regain control, so devices can be limited by device type, device manufacturer or all the way through to specific devices. Within the defense industry, this is becoming common practice with a very restricted number of devices allowed to be used within the department or organization.

Content Transfer Control & Encryption

So, while Clearswift Endpoint DLP enables devices to be restricted, so too can the files that are allowed to be copied to them. This is where the Clearswift DCI engine comes in play.  The DCI can ensure that no company files are copied to devices which would break company policy. By using the same DCI engine on the endpoint as is used in the other Clearswift solutions, it ensures consistency across the information it finds and acts upon.

Even when the content is approved to be copied or transferred, there is still one more step which is carried out. Encryption. Encrypting the removable media ensures that if the device is lost or stolen, then the data can’t be accessed and the organization remains compliant. When GDPR came into enforcement in May 2018, several organizations locked out all USB key access to the company network. While this is practical from a compliance perspective, it is not helpful day-to-day, where information frequently does need to be transferred via USB. With its triple layer of protection: device control, content control and encryption, Clearswift Endpoint DLP is there to keep you and your organization safe.

Discovering critical information ‘at rest’

The final piece that Clearswift Endpoint DLP enables is the ability to understand what information is on the device which could be a future issue. This could be made up of tens or hundreds of thousands of files stretching back over time. Some of these files may contain sensitive information and so need additional protection. Clearswift Endpoint DLP uses the same DCI engine to examine all the files on a company network to ‘discover’ where critical information is stored (data-at-rest) which will provide information security managers with visibility if there’s a breach of company policy.  If there is, action can be taken, for example moving critical files to a more secure location such as a restricted access file server.

Furthermore, Clearswift Endpoint DLP is not just for laptops.  It can be deployed to trawl through on-premise file servers or cloud-based file storage to check the content stored there, moving files with critical information to more secure locations if necessary.  It will leave behind a ‘breadcrumb’, to say the file was there – but has now moved, so as to reduce the IT support call “Help, my files have disappeared”.

In today’s world of digital collaboration, the need to understand where information is located as well as enhancing data protection processes is more critical than ever. Clearswift Endpoint DLP has been designed to reduce the challenges of today’s IT environment and improve working practices to protect critical information wherever it is stored and however it is used.


*** This is a Security Bloggers Network syndicated blog from Clearswift Blog authored by Bianca.du.Plessis. Read the original post at: