Industry statistics consistently show that the most significant security threat to the organization comes from within.  With over 60% of corporate data residing on endpoints, gateway solutions and written security policies alone can not mitigate the risk.

Sensitive data can exit organizational boundaries through multiple channels; it can be carried away on a USB flash drive, burned to a CD, sent via email or posted on the web.  While some data transfer channels can be partially disabled to minimize the risk, few organizations can completely disable outbound data traffic without dramatically affecting productivity.  To properly balance security and compliance demands with business objectives, enforcement measures must be carefully adjusted to control only the specific data restricted by company policy, without interrupting legitimate user actions.

 

Safend Discoverer maps and locates sensitive data stored on organizational endpoints and network shares.  Running in the background with minimal impact on productivity, Discoverer save valuable time and improves efficiency by expertly mapping data and providing insight to unsecured data and faulty business processes.  Armed with this information, administrators can improve security and compliance initiatives.

 

Safend Inspector enforces a data-centric security policy across multiple channels, including email, web (HTTP, HTTPS), FTP, external storage devices, CD/DVD burners, PDA devices, file repositories, print screen, local printers, and network printers, without disrupting legitimate business processes or harming end user productivity.

 

User actions can be stopped, generate an "are you sure?" message, monitored, or generate an alert for the security administrator, based on the actual content of the transferred data as well as the action context and meta data.  This protection is fully active regardless if the machine is connected to the organization's network, a home network or used offline.

 

Security policies are high granular, and can apply different protection measures according to channel specific context information.  For example, a security policy can prevent users from downloading confidential data to external storage devices other than company issued hardware-encrypted devices.