1. Data Leakage Prevention
Use Cases
This slide deck describes the ability of GTB’s DLP Suite solution to address
high level use cases based on Customer Requirements
2. Requirement:
1. Is End-User concerned with confidential information leakage outside their network?
2. Does End-User need to monitor sensitive content as it is being sent across the network
to external drop box websites, public blogs, wikis, FTP sites and web chat rooms,etc?
3. Does End-User need a solution that must monitor data as it is being sent in real-time?
4. Does End-User need a solution to block these transmissions when a certain
predefined criteria are met?
GTB DLP:
A. The GTB Inspector is designed to inspect all ports on all protocols.
B. GTB Inspector inspects any data format (file format agnostic)
C. GTB Inspector comes with built in SSL Proxy to inspect secure transmissions.
D. This enables organizations to become content & context aware to data transfers over the
internet.
USE CASE 1
Data-in-Motion to the Internet
3. Requirement:
1. Does End-User needs to identify their content based on an automated classification
process?
Example: Once classified, efficient content management of big data streaming through their
environment is required including to easily un-classify data if deemed non-confidential. A tool
must be provided to complete such requirements with pre-defined measures of enforcement.
This must be done with no performance degradation or interference of the network.
GTB DLP:
The very first step and the most important is what to protect!
GTB Technologies has a unique vision to classifying data. We developed our own content-fingerprinting engines
for structured and unstructured data. The data classification technology is called the GTB Security Manager.
Within this tool, customers have the options to classify their data as “mission critical”, “high severity”,
“medium severity”, and “low severity” The Security Manager is also the tool to create specific company
policies. General mandates already come out-of-the-box such as Singapore PDP Act, PCI, HIPAA, GLBA, SOX
etc.
* Refer to next slide on pre-defined and customized ability to define policy within the GTB system.
USE CASE 2
Data Classification & Management
4. The GTB system comes with built-in
Expressions for:
@@@CCN - Credit Card Number
@@@EMAIL - Email from a
common domain
Example of
Pre-Built Policies
5. Requirement:
1. Given the architecture for corporate email and the desire to protect email data, What DLP
capabilities are available within your solution to inspect and take action
(Log,Block,Quarantine) on email transmissions?
GTB DLP:
a) Having a full built in Mail Transfer Agent and Smart Host, the GTB Inspector may be deployed on premise
with the full DLP capability.
b) The GTB MTA supports the following Enforcement Actions: “Pass” “Log” “Quarantine” “Block” “Severity
Block” and “Encrypt.”
c) Options are available to alert the user violator, the boss, and/or special security responders. The system
supports thresholds for Severity Levels.
d) An Enterprise may decide to allow users handle/remediate a low severity violation improving education
on PDPA,PCI, GLBA, HIPAA, SOX etc mandates and overall education on security.
e) There are no sign ups or logins to the console being easy to use. These alerts are fully customizable and
may or may not include the actual content violated (sensitive data masking).
USE CASE 4
Email Protection
6.
7. Requirement:
1. Accidental mode of data leakage due to user error can cause a major data leakage
incident. Does End User need a solution that can monitor such incidents and secure
such transmission with automated encryption?
Example: A user correctly emails a zip file that contains a PDF document having a large number
of tax IDs to a Tax client email address etc. However, the user forgot to encrypt the email. The
DLP solution is expected to examine the file, determine it contains sensitive content and
automatically encrypt to the expected destination. An email shall then be sent to the sender
informing to next time encrypt.
GTB DLP:
The GTB Inspector automatically routes emails being sent out the Encryption Gateway and alert the user
(optional) a reminder that communication should be done via an encrypted email message.
USE CASE 6
Encryption Automation
8. Requirement:
1. Does EU require a DLP system that must be able to control any type of removable devices at
the endpoint level with the ability to track, alert and/or block when confidential data being
copied from laptops when users are off the network?
2. Does EU require a system that must then be able to audit any removable media inserted to
any machine and record Device Name, Device ID and Device and Volume Number?
GTB DLP:
The GTB Endpoint Protector offers organizations the ability to control what content can be transferred between
the network, applications & removable media devices. All data sent to removable media is intercepted and
inspected by the GTB inspection engines. GTB Endpoint Protector has four main functions:
1. Controlling removable media devices connecting to the network both in-line or wireless
2. Providing detailed removable media auditing of hardware and file transactions
3. Protecting data by selective encryption of specific file types or protected content
4. Ability to monitor and control data before it is transferred to removable media
5. Application Control for Skype, Gtalk, QQ, Evernote,etc.
USE CASE 7
Endpoint Control & Protection
9. Requirement:
1. Does Users often connect to network file shares and/or other repositories to store files within
your organization?
Example: Organization X would like to scan these file shares and repositories (some public
and others requiring authentication) to identify sensitive content as well as their owners.
The solution must facilitate this type of discovery and report back key data attributes that
would aid in determining ownership of data.
GTB DLP:
The GTB eDiscovery tool detects potential violations of data security and compliance before it
becomes a security incident. This mitigates the impending consequences of laptop
loss, intrusions, and potential malware. GTB's technology is unique as it not only exposes sensitive
content but also positively establishes its absence.
The GTB Data at Rest Scanner is designed to scan Network File-Shares as well as many other file
systems over the Network (agentless)
USE CASE 8
Ownership of Data