�ݺ�ߣ

1. Data Leakage Prevention

2. - Proprietary & Confidential - AgendaWho is Safend?Endpoint SecurityAn imperative for all organizationsRegaining Control of Endpoints and Data: Data Protection and Leakage Prevention with Safend Data Protection Suite Safend AuditorSafend DiscovererSafend InspectorSafend EncyptorSafend ProtectorSafend ReporterSummarySecuring your Endpoints

3. Company Timeline1200 CustomersHardware Encryption Management;Persistent Encryption;Network2010+Protector 3.3Safend ReporterSafend Encryptor: Full Hard Disk Encryption2009FISMA Compliance2008Protector 3.1 Anti-Network Bridging,PS/2 Keylogger ProtectionSafend Data Protection Suite Transparent SSO for EncryptionSafend DiscovererSafend Inspector20072006Protector 3.2File Type Control, Media & Content Monitoring and Tracking Offline File Transfers1800 CustomersFirst release of Safend Protector20052004Safend Protector available through resellers internationally2003700 CustomersCompany founded

4. - Proprietary & Confidential - Why Safend? Advanced Technology Control all your data protection measures with a single management server, single management console and a single lightweight agentPartnership with leading hardware encrypted device vendorsOperational friendly deployment and managementBest of breed port and device controlHard disk encryption is completely transparent and does not change end userexperience and common IT proceduresComprehensive and enforceable removable media encryptionFull control over sensitive data both inside and outside organizational networkTrack file transfers from encrypted devices even on non-corporate computers

5. - Proprietary & Confidential - Why Safend? Strong partnershipsEnterprise ResellersPartnership with leading hardware encrypted device vendorsComplementing Enterprise DLP VendorsFidelis SecurityMajor PartnershipsLenovo

6. Utimaco

7. Credant

8. Fujitsu

9. Websense

10. Workshare - Proprietary & Confidential - Why Safend?Advanced technologyWorld class leadership teamStrong partnershipsAnalysts endorsementsIndustry recognitionIn 2009 alone �C Received five stars and Best Buy in SC Magazine��s 2009 Group Test

11. Recipient of the Frost and Sullivan Technology Innovation Award

12. Recipient of the Info Security Products Guide��s Tomorrow��s Technology Today Award - Proprietary & Confidential -

13. - Proprietary & Confidential - Company Mission��To become the market leader for endpoint Data Protection and Leakage Prevention solutions for enterprise protection and regulatory compliance.�� Gil Sever, CEO��Industry analysts report that up to 70% of a company��s confidential data resides on corporate endpoints. Protecting that data is a prime concern for our customers. Safend��s endpoint ILP solutions provide the tools our customers need to protect their corporate assets without sacrificing their productivity�� - Steve Petracca, VP and General Manager for Lenovo��s Software & Peripherals Business Unit

14. - Proprietary & Confidential - Did You Know �� 52% of N.A. large enterprises had lost confidential data through removable media such as USB Drives in the past 2 years (Forrester)Over 70% of security breaches originate from within (Vista Research)Over 60% of confidential data resides at the Endpoint (IDC)Business travelers in the U.S., Europe and United Arab Emirates lose or misplace more than 16,000 laptops per week.(Ponemon Institute).The average cost per data breach was $6.6M and the cost per record was $202 in 2008 (Ponemon Institute).Information breaches trigger an average 5% drop in company share prices. Recovery takes nearly a year.(EMA Research)

15. Security SurveyHow many devices are people using?Usage of USB sticks: 96%Usage of Memory Cards: 69% More than one device: 72% Average number of devices in use: 7 Source: Utimaco Removable Media SurveyWorldwide, March 2007, Total number of respondents: 1.117 - Proprietary & Confidential -

16. - Proprietary & Confidential - Security SurveyData Protected?At a Glance55% of data is not protected 19% is protected18% partially protectedBut ��4% don��t think it��s necessary89% see a need to protect this dataSource: Utimaco Removable Media SurveyWorldwide, March 2007, Total number of respondents: 1.117

17. Cost of Data BreachesRecovery Cost AveragesAverage Incident Cost:$6.75 millionAverage Incident Costper compromised record: $204Customer CostsIncremental CostsUnbudgeted legal, audit and accounting feesNotification to customersFree or discounted service to customersCall center expensesPublic and investor relationsInternal investigationsBrand damageLoss of existingcustomersRecruiting newcustomers30%54%16%Among the incidents reported, the most expensive data breach cost nearly $31 million to resolve, and the least expensive cost $750,000. Productivity CostsLost employee productivitySource: 5th annual "Cost of a Data Breach" study by the Ponemon Institute - Proprietary & Confidential -

18. - Proprietary & Confidential - Extending Security to the EndpointsWith increased mobility, connectivity and productivity comes increased vulnerability and risk��USB, WiFi, FireWire, Bluetooth and other protocols make it easy to connect unauthorized external devices, leaving endpoints wide open to:Data Leakage & TheftEnterprise PenetrationIntroduction of Malware Removable media with sensitive information can also easilybe lost or misplaced by company employees, exposing organizations to irreparable data loss and tight legal scrutiny The loss and theft of laptop is a common occurrence.

19. - Proprietary & Confidential - Compliance RequirementsStates that currently have data protection laws States that do not currently have data protection laws

20. - Proprietary & Confidential - safendauditorSafend Data Protection Suitesafendprotectorsafendencryptorsafendinspectorsafendreporter

21. Safend Data Protection SuiteSafend's Data Protection Suite protects enterprises against endpoint data loss, misuse and theft through its single server, single console, single agent architecture. Its modular components can transparently encrypt internal hard drives (Encryptor), granularly control ports and devices and encrypt external media (Protector), Inspect, classify and block leakage of sensitive content through email, IM, Web, external storage, printers (Inspector), Map, classify and locate data stored on organizational endpoints and network shares (Discoverer), Generate detailed graphical reports for compliance assessment (Reporter) and quickly and non intrusively audit an endpoint for past and present connected devices and Wi-Fi networks.(Auditor). - Proprietary & Confidential -

22. Safend Data Protection Suitecomplete visibility, control, and protection of enterprise endpoints. Safend��s comprehensive solution has a single agent, single server and single management console for all data protection needs. The award winning suite includes:Safend Auditor Shows who��s connecting which devices and wireless networks to every enterprise endpointSafend DiscovererControls the use of wireless ports and removable devices by file/device typeEncrypts removable media and CD/DVDSafend InspectorPrevents sensitive data leakage through e-mail, web, removable storage, and additional data transfer channelsSafend EncryptorEnforces hard disk encryption of all data stored on laptops and PCsEasy recovery of machine and filesSafend ProtectorControls the use of wireless ports and removable devices by file/device typeEncrypts removable media and CD/DVDSafend ReporterProvides graphical security reports and analysis of your safend protected environment - Proprietary & Confidential -

23. Safend Data Protection SuiteSafend Data Protection Suite features and benefits: Transparent EncryptionInternal hard disk encryptionExternal storage encryption for removable storage devices, CD/DVD and external hard drives Robust port and device control Wireless controlHardware keylogger protectionEnterprise grade management, providing full visibility and control over organization security statusAll functionality is provided by a single management server, single management console and a single, lightweight agentCertificationsCommon Criteria EAL2 certified FIPS 140-2 Validatedprotectorencryptorreporterinspector

24. - Proprietary & Confidential - Single Lightweight Agent

25. Agent Includes Multi-tiered Anti-tampering Capabilities

26. Simple and Reliable Installation ProcessHard Disk EncryptionCentrally Managed and Enforced

27. Transparent SSO

28. Seamless authentication support

29. Easy Recovery

30. Strong Security and Tamper ResistantContent Based DLPData Classification

31. Data Content and Origin

32. Data Fingerprinting

33. Data Leakage Prevention Through:

34. Email, IM and Web

35. External Storage

36. PrintersPort & Device Control Detachable Storage Control

37. Removable Storage Encryption

38. CD/DVD Encryption

39. Wireless Control

40. Hardware Keylogger ProtectionSafenddiscoverer - Sensitive Data Location and MappingSafendreporter �C Security and Compliance AnalysisSafendauditor �C Endpoint security status audit

41. - Proprietary & Confidential - Single Lightweight Agent

42. Agent Includes Multi-tiered Anti-tampering Capabilities

43. Simple and Reliable Installation ProcessHard Disk EncryptionCentrally Managed and Enforced

44. Transparent SSO

45. Seamless authentication support

46. Easy Recovery

47. Strong Security and Tamper ResistantContent Based DLPData Classification

48. Data Content and Origin

49. Data Fingerprinting

50. Data Leakage Prevention Through:

51. Email, IM and Web

52. External Storage

53. PrintersPort & Device Control Detachable Storage Control

54. Removable Storage Encryption

55. CD/DVD Encryption

56. Wireless Control

57. Hardware Keylogger ProtectionSafenddiscoverer - Data discovery and MappingSafendreporter �C Endpoint security reportsSafendauditor �C Port and device audit

58. Safend Data Protection SuiteSingle Management Server & Single Management Console

59. Safend Data Protection Suite Enterprise Grade ManagementTamper Resistant The agent includes multi-tiered anti-tampering capabilities to guarantee permanent control over enterprise endpointsAutomatic directory integrationActive Directory & Novell eDirectoryApply policies to the appropriate organizational units, down to a specific machineRole based managementBy administrative action or by Organizational UnitScalable architecture A single management server can manage more than 75,000 endpointsBuilt-in support for N+1 server clustering

60. Safend Data Protection Suite Architecture - Proprietary & Confidential -

61. Safend Data Protection Suite Full Audit TrailprotectorProvides full visibility into: Device connection and data transfer events Organizational encryption statusAdministrative actions performedGraphical and non-graphical reportsReal Time Alerts Sent by emailWindows event logs / SyslogSNMP systemsCustom alert destinationencryptorreporterinspector

62. - Proprietary & Confidential - auditorSafend AuditorprotectorKey FeaturesFind out who��s connecting what devices and WiFi networks to every endpointIdentify and manage endpoint vulnerabilitiesIdentifies all USB, FireWire, PCMCIA devices and WiFi network ports Views results in minutes via simple and powerful reportingCompatible with existing network management or admin toolsIntuitive, clientless and easy to useencryptorreporterinspector

63. Step 1: Select Ports and Computers to AuditComputers to Audit Audit Filters by Port Type - Proprietary & Confidential -

64. Step 1a: Optionally Refine your SearchDevices to detect - Proprietary & Confidential -

65. Step 2: Run Scan to Generate ReportConnection SummaryDetailed Device Report - Proprietary & Confidential -

66. Step 3: Detailed Audit report By User: Historic & Real-time�� White list �� - Proprietary & Confidential -

67. Safend ProtectorKey FeaturesPrevents data leakage and penetration via endpointsDetects and restricts any devices Enforces granular policies over physical, wireless and removable storage devices via real-time analysis of low-level port traffic Tamper-resistant Centrally managed & seamlessly integrates with Active DirectoryEnsures regulatory complianceEasy to use and scalablesafendprotectorencryptorinspectorreporter - Proprietary & Confidential -

68. Safend ProtectorSecurity FeaturesPort, Device & Storage ControlAllow, block or restrict the usage of any and all computer portsGranular identification and approval of devicesRemovable Media EncryptionTransparently encrypts data copied to removable devices, external hard drives, & CD/DVD. Automatically encrypts data when transferred to devices by authorized usersOffline access utility for authorized usersGranular WiFi ControlBy MAC address, SSID, or the security level of the networkBlock Hybrid Network BridgingAllows admins to control/prevent simultaneous use of various networking protocols U3 & Autorun ControlTurns U3 USB drives into regular USB drives while attached to endpointsBlock Hardware KeyloggersRenders USB & PS/2 hardware keylogger devices useless - Proprietary & Confidential -

69. - Proprietary & Confidential - Safend ProtectorFile Type ControlPreventsData Leakage (Write)Virus/Malware (Read)Inappropriate Content (Read)File header based classificationNot by extension (Tamper resistant)Over 250 file extensions in 14 categoriesPolicy Flexible White/Black ListSeparate for Read/WriteLog/Alert per file type

70. - Proprietary & Confidential - Safend ProtectorFile Type Control

71. - Proprietary & Confidential - Safend ProtectorTrack offline usage of Removable StorageExtends visibility beyond the organization boundaries Track file transfers from/toEncrypted devices on non-corporate computers (offline)Audit user actions for legitimate use of corporate datePolicyGlobal setting - Read/WriteLogsCollected the next time the device connects to the networkAvailable in ��File Logs��

72. Safend ProtectorCD/DVD Media White ListsAllows white-listing of CD/DVDSoftware Installation CD��sApproved contentCD��s scanned to be virus-freeUnique fingerprint of CD/DVD MediaIdentifies the data on each mediumAny change to the data revokes fingerprintMedia Scanner Utility PolicyExtends the ��Distinct Devices�� white listsAutomatically exempt from File Type Control - Proprietary & Confidential -

73. - Proprietary & Confidential - Safend Protector in Action

78. A permitted device connected to the endpointA non-permitted device connected to the endpointSafend Protector In ActionThe device must be encrypted before it is used - Proprietary & Confidential -

79. - Proprietary & Confidential - Safend ReporterKey FeaturesReport on Security incidents by Users by Organizational UnitsReport on Security Incident TypesReports on the deployment statusDevice Inventory ReportExport ReportsRecurrence Reportsprotectorencryptorinspectorsafendreporter

80. - Proprietary & Confidential - Safend ReporterWhat it isWhy is it ValuableGraphical high-level view of the protected organizational statusAdvance tool for identifying Security VulnerabilitiesReports on irregular or Suspicious behaviorFacilitates Regulatory Compliance Reporting RequirementsProvides overview of system statusPlatform for developing Security Analytics and Dashboard ViewsReport Scheduler and enables reportsto be viewed in multiple formatsCustomizable to meet current and futureSecurity Reporting needs

81. - Proprietary & Confidential - Safend ReporterDisplays Security incidents in a clean, easy-to-use dashboard formatAllows Customization of incident types to report onAllows Admins to slice, dice, drill across information

82. Safend Encryptor:Key FeaturesEncrypts all data on laptops and desktops �C Total Data EncryptionTrue SSO (Single Sign On) technology Transparent to end users & help-desk personnelCentrally managed and enforcedFull visibility of organization��s Encryption status Stable and fault tolerant encryption Total Data Encryption, maintains performance and minimizes the risk of OS failuresafendencryptorprotectorreporterinspector

83. Total Data Encryption: AdvantagesCompletely Transparent EncryptionEndpoint Performance Maintained Easy to Manage Deploy and UseHighly Stable and Fault TolerantSimple and Reliable Recovery Mechanism

84. Safend Encryptor: Completely TransparentsafendencryptorTrue SSO Technology: to end users to help-desk / support to user authentication to patch management to software distribution systemsTransparentprotectorTransparentreporterinspectorTransparentTransparentTransparent - Proprietary & Confidential -

85. Safend Encryptor: Highly SecureprotectorTotal Data Encryption - Encrypts all data on endpoints Including all data files, page file and windows password store (SAM and domain cache)Strong encryption algorithm Each file is encrypted using a different random key for increased security (AES-256)Tamper Resistant The agent includes multi-tiered anti-tampering capabilities to guarantee permanent control over enterprise endpointsCertifications:Common Criteria EAL2 certified FIPS 140-2 certifiedencryptorreporterinspectorEnrolling Beta Customers

86. Safend Encryptor: Centrally EnforcedprotectorEncryption enforced by policy Zero end user interactionEncryption process does not interfere with ongoing user activitiesEnd users cannot interfere with the encryption process encryptorreporterinspector

87. Safend Encryptor: Full Audit Trail Detailed Client & Server Log RecordsClients status displayed in the Clients World: Client Logs displayed in the Logs World: Server Logs displayed in the Logs World:

88. - Proprietary & Confidential - Safend Encryptor Full Audit TrailDetailed Server Log RecordsExamples of Encryptor specific server logs

89. - Proprietary & Confidential - Safend Encryptor: Full Audit TrailEncryption Status ReportDisplays endpoint ��encryption complete on�� time and dateCan be set to display only ��active�� endpointsdrill-down reports display specific endpoints

90. Safend Encryptor: in Action Security administrator sets an encryption policy End user authenticatesusing native Windows logon Encryption process takes place transparently in backgroundDetailed endpoint status is displayed in the Clients World - Proprietary & Confidential -

91. - Proprietary & Confidential - Safend InspectorprotectorencryptorKey FeaturesControls sensitive data transferredvia approved data transfer channelsData ClassificationContent and meta-data Data fingerprinting Controlled ChannelsEmail, webExternal storage, CD/DVDLocal and network printersApplication (custom) channelsreporterinspector

92. - Proprietary & Confidential - discovererInspector-EP (Endpoint)protectorencryptorKey FeaturesData Leakage Prevention Through:USB, Firewire StorageLocal & Network PrinterCD/DVDNetwork SharesCopy/PasteApplication Data Access Controlreporterinspector

93. - Proprietary & Confidential - Safend InspectorprotectorencryptorData ClassificationData Content and Origin Data Fingerprinting Data Leakage Prevention Through:Email, IM and WebExternal StoragePrintersOut of the box predefined classifications and PoliciesInteractive Message Center for user educationinspectorreporter

94. - Proprietary & Confidential - Predefined Classifications and PoliciesprotectorencryptorPHI - HIPAA & UK HealthPCI (CC#)PII (SSN, NINO, 15 other countries)Acceptable Use (racial, sexual, violence - English)Software IPSchematics IP US Export RegulationsSOX �C sensitive financial data Preclassified data and metadatainspectorreporter

95. - Proprietary & Confidential - Inspector-NW (Network)protectorencryptorData Leakage Prevention Through:Email �C Outlook Plugin, SMTPWeb �C IE Plugin, HTTP, HTTPSApplication Data Access Control Limit access of any application to sensitive data File transfer through SkypeEncryption of sensitive data with unauthorized packageinspectorreporter

96. - Proprietary & Confidential - Classification methodsprotectorencryptorData ContentRegular ExpressionsMathematical verifiersHeuristic VerifiersPredefined classifications - reusableData FingerprintingMap set of files as sensitive without pointing to specific text �C using originating applicationUse partial match to file as indication of sensitivityinspectorreporter

97. - Proprietary & Confidential - discovererSafend DiscovererprotectorencryptorEndpoint DiscoveryOn all endpoints with installed agentNetwork Share DiscoveryAs a professional servicereporterinspector

98. Reports - Proprietary & Confidential -

99. End User Interaction Design - Proprietary & Confidential -

100. Policy Edit - Proprietary & Confidential -

101. Our Future PlansSafend intends to further extend the leadership of its Data Protection Suite in the coming years. Some highlights of functionality considered in our future plans include:Data at Rest content discovery, mapping and control.This product, planned for 2009 will allow an organization to map all its sensitive data, and in future releases automate measures taken to protect the detected data.Persistent Encryption.This extension of Safend Inspector and Safend Encryptor to selectively encrypt only sensitive content and keep it encrypted even when it goes off the corporate machines further improves the security of data, while remaining transparent to the end user.Extensive key management for software encryption and for internal and external hardware encrypted storage.Safend provides a comprehensive software encryption platform for both hard disks and removable storage, but some organizations may require or already have hardware encrypted devices. Safend aims to manage those devices as part of the Data Protection Suite and be able to provision them, recover passwords for them, and be able to remotely kill them

102. Contact us for more information or a demo(703) 815-8828 x101sales@e-convergencesolutions.com - Proprietary & Confidential -

�ݺ�ߣ

Safend General Presentation 2010

More Related Content

Safend General Presentation 2010

Editor's Notes