Digital Guardian Software from Verdasys

Overview:

You need visibility into your information and how it is handled in order to protect sensitive data on endpoints against loss and unauthorized access. Digital Guardian software from Verdasys provides a comprehensive solution designed to automatically discover and classify sensitive data on desktops and servers, and monitor the data as it is used and exchanged. The solution helps enforce corporate security policies in realtime and reduces the risk of data loss or misuse. IBM combines technology, service expertise and world-class professional services in a flexible, integrated platform for endpoint data loss prevention that provides immediate returns and facilitates expanded coverage in the future.

Highlights:

• Identifies and manages information risk to help secure data on the endpoint against loss
• Helps prevent unauthorized use of data by monitoring, controlling, and, if necessary, blocking activities
• Reduces the need for in-house data loss prevention experts during initial planning, implementation, and ongoing operations
• Enforces corporate security policies at the endpoint while enabling users to alter their behavior without interrupting business processes
• Masks sensitive data in application interfaces for only authorized viewing

Protecting sensitive data while enabling collaboration
IBM understands these concerns and now delivers a best-in-class data loss prevention solution for the endpoint that combines the Verdasys Digital Guardian Integrated Data Security Platform from Verdasys, Inc., with purpose-built IBM Data Security Services. Digital Guardian software from Verdasys provides a comprehensive solution designed to automatically discover and classify sensitive data on desktops and servers and monitor the data as it is exchanged and used, applying automated security controls as necessary to secure it. The solution helps enforce corporate security policies in real time and reduce the risk of data loss.

Verdasys Digital Guardian Integrated Data Security Platform

Features and Benefits:

Consistently enforce corporate and regulatory security policy
For companies to prevent the loss of sensitive data, they need a strategic, risk-based approach to endpoint data loss prevention (DLP) and an integrate solution that enables:

• Data discovery and classification
• Central policy management
• Risk-appropriate responses to policy violations
• Automated controls
• Actionable alerting and reporting
• Global visibility of information use and location

Implementing a data-centric approach to information protection
The IBM endpoint DLP solution helps track and secure the flow of critical data across the enterprise. Digital Guardian software acts at the point of use to make real-time decisions about data protection. With IBM, you can implement a data-centric endpoint security platform that business and IT managers can use to:

• Discover and classify sensitive data by context and content with visibility of employees, contractors, partners and outsourcers
• Assess the risk of sharing sensitive data to inform business decisions and policy design
• Apply policy-driven endpoint data protection to drive accountability to the end user and increase voluntary compliance and risk-aware behavior
• Help prevent damaging data loss without impeding business collaboration and information exchange

Whether on PCs, laptops, or servers (inside or outside of the organization), the IBM endpoint DLP solution can monitor, log, warn, encrypt and, if necessary, block prohibited actions by trusted end users.

Governing and controlling the use of sensitive information
Verdasys Digital Guardian software enables access to sensitive information while governing, controlling and auditing its use. The solution provides:

• Comprehensive information protection coverage, fully functional on or off the corporate network
• Enterprise-wide visibility into sensitive data location and usage with actionable decision support
• Centralized policy definition and enforcement that leverages not only identity and activity, but also data classification, context and con-tent analysis
• Risk-appropriate responses to user activities including policy-driven warnings, blocking and alerting, as well as automated file and e-mail encryption

Protecting data at the point of use
Together, IBM and Verdasys Digital Guardian software protect against the misuse, compromise or loss of data across the enterprise with:

• Actionable Data Discovery and Classification—Data classification polices are created and enforced by hardened and invisible endpoint agents using a combination of context and content-based classification.
• Monitoring Data Movement and User Activity—Agents utilize integrated context and content monitoring to record all user activity related to system operations that interact with the file, networking, clipboard, printing, and CD subsystems.
• Apply automated risk appropriate controls—Agents, based on classification and data activity will apply risk-appropriate controls including warning, prompting, required justification, automated encryption and outright blocking before the end user completes the data transaction and puts sensitive information at risk.
• File Encryption—Delivers automatic, policy-driven encryption of sensitive files located on or copied to local drives on laptops, desktops, or external devices and CD/DVD.
• E-mail Encryption—Provides patented, policy-driven encryption of e-mail content and attachments; operates transparently and includes automatic key management. Integrated e-mail encryption enforces security policy on network and Web mail systems both on or offline.
• Application Logging and Masking—Enforces field-level access control through data masking and meets regulatory requirements through audit logging for legacy(3270 terminal emulators), client server and Web-based applications.
• Reporting for Audit and Decision Support—Provides comprehensive reporting capabilities that include aggregated views of enterprise data usage, trend reporting, group or individual reporting, data-at-rest reports, compliance reports and operational reports.
• eDiscovery and Forensic Reporting—Generates aggregated case reports that include data usage from across the enterprise including offline, con-tractor and partner activities. Efficiently moves through aggregated log and audit information to focus on meaningful data, reducing the cost and time of analyzing information and creating effective forensic reports.

Realizing the full value of an endpoint DLP investment
IBM services can help you realize the full value of an endpoint DLP investment. We address the challenges associated with deploying a comprehensive solution by managing cost and scope, accelerating implementation, and reducing the need for additional head-count. Our services include:

• Requirements and Planning Workshop to identify sensitive data and risky applications, and determine business impact when data is lost or exposed
• Discovery Assessment to define your data loss prevention policies and deployment priorities for implementation and testing
• Implementation and Policy Design Services to provide project planning, architecture and design, policy design, component testing, pre-production testing, deployment assistance, help desk enablement and skills transfer during project deployment phase

Documentation:

Download the IBM Digital Guardian Software from Verdasys Datasheet (PDF).