You are on page 1of 123

Endpoint Data Protection and

Leakage Prevention

Protecting Corporate Data Name


Title
te

A
d
Agenda
Who is Safend?
Endpoint Security
An imperative for all organizations

Regaining Control of Endpoints and Data:


Data Protection and Leakage Prevention with Safend Data
Protection Suite
Safend Auditor
Safend Discoverer
Safend Inspector
S f d Encyptor
E
Safend
Safend Protector
Safend Reporter

Summary
Securing your Endpoints

- Proprietary & Confidential -

Ab t S
f d
About
Safend
Company facts
Established in 2003
Headquartered
q
in Israel with fully
y owned
subsidiary in the US
65 employees in Israel and the US and Europe
Products
P
d t available
il bl th
through
h channels
h
l and
d
partners
Visionaryy senior management
g
with extensive
experience in enterprise security
Strong VC backing

- Proprietary & Confidential -

y
FISMA
Compliance

Protector 3.3
Safend Reporter
Safend Encryptor: Full
Hard Disk Encryption

Hardware
Management;
Network DLP
g
;
integration;

1200 Customers

2010

2011+

DRM Integration
Remote Stun
SaaS

2009

2008
Protector 3.1
Anti-Network
Anti
Network Bridging,
Bridging
PS/2 Keylogger Protection

2006
First release of
Safend Protector

2004

2005

Safend Protector
available through
resellers internationally

2003
Company founded

Safend Data Protection Suite

2007

Protector 3.2
File Type Control,
Media & Content
Monitoring and Tracking
Offline File Transfers
700 Customers

Transparent SSO for Encryption


Safend Discoverer
Safend Inspector
1800 Customers

y
FISMA
Compliance

Protector 3.3
Safend Reporter
Safend Encryptor: Full
Hard Disk Encryption

Hardware
Management;
Network DLP
g
;
integration;

1200 Customers

2010

2011+

DRM Integration
Remote Stun
SaaS

2009

2008
Protector 3.1
Anti-Network
Anti
Network Bridging,
Bridging
PS/2 Keylogger Protection

2006
First release of
Safend Protector

2004

2005

Safend Protector
available through
resellers internationally

2003
Company founded

Safend Data Protection Suite

2007

Protector 3.2
File Type Control,
Media & Content
Monitoring and Tracking
Offline File Transfers
700 Customers

Transparent SSO for Encryption


Safend Discoverer
Safend Inspector
1800 Customers

Why Safend?
Advanced Technology
Control all your data protection measures with a single management server,
single management console and a single lightweight agent
Partnership with leading hardware encrypted device vendors
Operational friendly deployment and management
Best of breed port and device control
Hard disk encryption is completely transparent and does not change end user
experience and common IT procedures
Comprehensive and enforceable removable media encryption
Full control over sensitive data both inside and outside organizational network
Track file transfers from encrypted devices even on non-corporate computers

- Proprietary & Confidential -

Why Safend ?
Sa
e d Data
ata Protection
otect o Su
te features
eatu es a
d be
e ts
Safend
Suite
and
benefits:
Internal hard disk and external storage encryption
Robust port and device control

protector

encryptor

inspector

discoverer

Hardware keylogger protection


Content Inspection and control on endpoint
ports and network interface
Sensitive Data at Rest discovery
Enterprise grade management, providing full
visibility and control over organization security status
Application level content awareness allowing control of iTunes, Skype and
other notoriously hard to control applications

All functionality is provided by a single management server, single


management console and a single,
single lightweight agent

Why Safend?
Strong partnerships
Enterprise Resellers
Partnership with leading hardware
encrypted
t d device
d i vendors
d
Complementing Enterprise DLP Vendors
Fidelis Security

Major Partnerships
Lenovo
Utimaco
Credant
Fujitsu
Websense
Workshare
RSA
- Proprietary & Confidential -

Why Safend?
Advanced technology
World class leadership team
Strong partnerships
Analysts endorsements
Industry recognition
In 2010Info Security Excellence Award
In 2009
Received five stars and Best Buy
y
in SC Magazines 2009 Group Test
Recipient of the Frost and Sullivan
Technology Innovation Award
Recipient
R i i t off the
th Info
I f Security
S
it
Products Guides Tomorrows
Technology Today Award

- -Proprietary
Proprietary & Confidential
Confidential - -

Company Mission
To become the market leader for endpoint Data
Protection and Leakage Prevention solutions for
enterprise protection and regulatory compliance.
Gil Sever, CEO
Industry analysts report that up to 70% of a companys confidential data
resides on corporate endpoints. Protecting that data is a prime concern
f
for
our customers. Safends
S f d endpoint
d i
D
Data
P
Protection
i
and
d Leakage
L k
Prevention solutions provide the tools our customers need to protect their
corporate assets without sacrificing their productivity - Steve Petracca,
VP and
d General
G
l Manager
M
f Lenovos
for
L
Software
S ft
& Peripherals
P i h
l Business
B i
Unit

- Proprietary & Confidential -

Did You Know


More than one third (36%) of US companies surveyed say their business
was impacted by the exposure of sensitive or embarrassing information in
the last 12 months. Osterman Research 2010
52% of N.A. large enterprises had lost confidential data through
removable media such as USB Drives in the past 2 years
(Forrester)
Over 70% of security breaches originate from within (Vista Research)
Over 60% of confidential data resides at the Endpoint (IDC)
Business travelers in the U.S., Europe and United Arab Emirates
lose or misplace more than 16,000 laptops per week.(Ponemon
Institute).
An organization
g
of 1,500
,
users will g
generate traffic of 64.9 million
emails in just one year. (March 2010 Osterman Research survey)

- Proprietary & Confidential -

You Need to Focus on What Leaves Your Organization


Security Survey
EMAIL IS STILL THE PRIMARY MEANS OF COMMUNICATION

Source:
The Case for Outbound Content Management, 2010 Osterman Research, Inc. 2010

- Proprietary & Confidential -

.BUT OTHER TOOLS ARE BEING ADDED TO THE MIX

Source:
Th Case
The
C
for
f Outbound
O tb
d Content
C t t Management,
M
t 2010 Osterman
O t
Research,
R
h Inc.
I
2010

- Proprietary & Confidential -

M
Mac,
iP
iPads
d and
d iPhones
iPh
Enterprise Desktop Alliance conducted a survey of IT administrators, which
revealed that:

Macs will be the fastest growing systems in the enterprise


through 2011.
Enterprise adoption of Apple Mac, iPad, and iPhone accelerating
Mac: 79% said they are "more likely to allow more users to deploy Macintoshes as
th i enterprise
their
t
i desktops"
d kt
" iin 2010-2011,
2010 2011 up from
f
68% iin ITIC'
ITIC's 2009 survey. 7% off
respondents said they have more than 250 Macs in their enterprise. In the 2008
survey, only 2% had more than 250 Macs.
iPad: 23% said they have "already
already purchased"
purchased or "already
already ordered"
ordered an iPad.
iPad 18%
more say they "plan to purchase an iPad" within one year.
iPhone: 82% said they "," up from 49% in the will increase integration with
existing Apple consumer products such as the iPhone"
iPhone to allow access to
corporate email and other applications 2009 survey. 24%, who did not currently
own an iPhone, said they "have already decided" or are "very likely to switch"
with an additional 35% saying "it's possible we'll switch when the current contract
expires."
i
"
2010 Apple Consumer and Enterprise Survey
- Proprietary & Confidential -

S
Security
it Survey
S
Common Risks and Mistakes Employees Make
Misuse of corporate computers:
44 % of employees share work devices with others without supervision.
Unauthorized physical and network access:
39 % of IT professionals said they have dealt with an employee accessing
unauthorized parts of a company's network or facility. Average number of
devices in use: 7
Remote worker security:
46 % of employees admitted to transferring files between work and personal
computers when working from home.

Source:
Cisco Systems,
y
, Inc. 2008,, Data Leakage
g Worldwide: Common Risks and Mistakes Employees
p y
Make
http://www.cisco.com/en/US/solutions/collateral/ns170/ns896/ns895/white_paper_c11-499060.pdf

- Proprietary & Confidential -

Cost of Data Breaches


Recovery Cost Averages
A
Average
IIncident
id t Cost:
C t

Average Incident Cost


per compromised record:

$6.75 million

$204

Customer Costs
Brand damage
Loss of existing
customers
Recruiting new
customers

Incremental Costs

30%
54%
16%

Among the incidents reported, the


most expensive data breach cost
nearly $31 million to resolve, and the
least expensive cost $750,000.

Unbudgeted legal, audit


and accounting fees
Notification to customers
Free or discounted
service to customers
C ll center
Call
t expenses
Public and investor
relations
Internal investigations

Productivity Costs

Source: 5th annual "Cost of a Data Breach" study by the Ponemon Institute

- Proprietary & Confidential -

Lost employee
p y
productivity

E t di Security
S
it to
t the
th Endpoints
E d i t
Extending
With increased mobility,
y, connectivity
y and p
productivity
y comes increased
vulnerability and risk
Perimeter Security technologies such as web security, firewalls and DLP Gateways do
not apply
pp y to multiple
p channels that are used outside the organization,
g
, including
g email,,
web (HTTP, HTTPS), FTP, external storage devices, CD/DVD burners, PDA devices,
file repositories, print screen, local and network printers, and many other channels that
need to be monitored and controlled to avoid leakage of sensitive data.
USB,
S WiFi, FireWire, Bluetooth and other protocols make it easy to connect
unauthorized external devices, leaving endpoints wide open to:
Data Leakage & Theft
E t
i P
t ti
Enterprise
Penetration
Introduction of Malware
Removable media with sensitive information can also easily
be lost or misplaced by company employees
employees, exposing organizations to irreparable data
loss and tight legal scrutiny
The loss and theft of laptop is a common occurrence.

- Proprietary & Confidential -

C
Compliance
li
Requirements
R
i
t

States that currently


have data protection
laws
States that do not
currently have data
protection laws

- Proprietary & Confidential -

Data Leakage and Targeted Attacks


A Clear and Present Danger

- Proprietary & Confidential -

Safend Data Protection Suite


Safend Data Protection Suite features and benefits:
Transparent
p
Encryption
yp
Internal hard disk encryption
External storage encryption for removable storage
devices CD/DVD and external hard drives
devices,

protector

encryptor

inspector

discoverer

Robust port and device control


Wireless control
Hardware keylogger protection
Enterprise grade management, providing full
visibility and control over organization security status

All functionality is provided by a single management server,


g management
g
g , lightweight
g
g agent
g
single
console and a single,
Certifications
Common Criteria EAL2 certified
140 2 Validated
FIPS 140-2

Port & Device Control

Detachable Storage Control


R
Removable
bl Storage
St
Encryption
CD/DVD Encryption
Wireless Control
Hardware Keylogger
Protection

Hard Disk Encryption

Centrally Managed and


Enforced
Transparent SSO
Seamless
authentication support
Easy Recovery
Strong Security and
Tamper Resistant

Content Based DLP

Content Aware
Application Control
Data Leakage Prevention
Through:

Email, IM and Web


External Storage
g
Printers
Any
Application/Protocol

Single Lightweight Agent


Agent Includes Multi-tiered Anti-tampering Capabilities
Simple and Reliable Installation Process

safenddiscoverer safendreporter

Sensitive Data Location and Mapping

Security and Compliance Analysis

safendauditor

Endpoint security status audit

- Proprietary & Confidential -

Hard Disk Encryption

Port & Device Control

Detachable Storage Control


Removable Storage
Encryption
CD/DVD Encryption
Wireless Control
Hardware Keylogger
Protection

Centrally Managed and


Enforced
Transparent SSO
Seamless
authentication support
Easy Recovery
Strong Security and
Tamper Resistant

Content Based DLP

Data Classification

Data Content and Origin


g

Data Fingerprinting

Data Leakage Prevention


Through:

Email, IM and Web


External Storage
Printers

Single Lightweight Agent


Agent Includes Multi-tiered Anti-tampering Capabilities
Simple and Reliable Installation Process

safenddiscoverer
f ddi
safendreporter

Data discovery and Mapping


Endpoint security reports

safendauditor

Port and device audit

- Proprietary & Confidential -

Safend Data Protection Suite


Enterprise Grade Management
Tamper Resistant
The agent includes multi-tiered anti-tampering capabilities to guarantee permanent
control over enterprise endpoints

Automatic directory integration


Active Directory & Novell eDirectory
Apply policies to the appropriate
organizational units, down to a specific machine

R l b
d managementt
Role
based
By administrative action or by Organizational Unit

Scalable architecture
A single management server can manage more than 75,000 endpoints
Built-in support for N+1 server clustering

Safend Data Protection Suite


Architecture

- Proprietary & Confidential -

Safend Data Protection Suite


Single Management Server & Single Management Console

S f d Data
Safend
D t Protection
P t ti Suite
S it Full
F ll Audit
A dit Trail
T il
Provides full visibility into:
Device connection and data transfer
events

protector

encryptor

inspector

discoverer

Organizational encryption status


Administrative actions performed

Graphical and non-graphical reports


Real Time Alerts
Sent by email
Windows event logs / Syslog
SNMP systems
Custom alert destination

S f d Data
Safend
D t Protection
P t ti Suite
S it What
Wh t is
i New
N
?
Removable Storage anti
Malware
Smartphone and iPad Selective
Synchronization Control
Mac OS/X Port Device Control
Manage hardware encrypted
devices from Kingston and
SafeStick

protector

encryptor

inspector

discoverer

M
l
C
l-R
bl Storage
S
D i
Malware
Control
Removable
Devices
File Type Control Inbound File Protection
Prevent Stuxnet,
Stuxnet Conficker like attacks and other removable storage execution zero day
attacks

U3 Smart Drive and Autorun Control


allow smart storage devices to be used as simple storage devices and block only their
smart functionality which may be unsafe.

Force Read-Only access outside the organization


Block Malware from getting on removable storage devices

Automatic 3rd party Malware Scan for Removable Devices


allow all users to perform the re-introduction of encrypted devices that were used
outside the organization on protected machines, by running a virus scan, or limit reintroduction permissions to specific
introduction
specific, trusted users
users. Quicker and Safer than AV alone
alone.

- Proprietary & Confidential -

M A
Mac
Agentt
Port and Device Control
Selectively allow removable storage devices, log transfers.
Next steps
Removable Storage Encryption for Mac and Windows
Data Discovery
Content inspection

- Proprietary & Confidential -

M
H d
E
t d Devices
D i
Manage
Hardware
Encrypted
Associate Devices and Users
Using implicit information from users usage and explicit
administrator
d i i t t associations
i ti
tto di
display
l d
detailed
t il d user,
machine and device logs.
Remote Wipe lost devices
When user leaves organization or loses device

- Proprietary & Confidential -

S f d Inspector
I
t
Safend
Content Aware Application
Control
Data Leakage Prevention
Through:

protector

encryptor

Email, IM and Web


External Storage

discoverer

Printers

safendinspector
safend
inspector

Application (all protocols)

O t off the
th box
b predefined
d fi d
Out
classifications and Policies
Interactive Message
g Center for
user education

- Proprietary & Confidential -

C t tA
li ti C
t l
Content
Aware A
Application
Control
Allow all applications to run
while selectively blocking
access to sensitive content.
protector

Skype calls OK

encryptor

Skype chat OK
Skype file transfer OK

discoverer
safendinspector
safend
inspector

Skype transfer of sensitive


files BLOCKED !

- Proprietary & Confidential -

C t tA
li ti C
t l
Content
Aware A
Application
Control
Allow all applications to run
while selectively blocking
access to sensitive content.
protector

Connecting iPhone and


charging - OK
Transferring pictures and
music OK
O

encryptor

discoverer
safendinspector
safend
inspector

Backup and Restore of


machine OK
Email Sync - OK
Transfer of document
containing PII to iPad
BLOCKED !

- Proprietary & Confidential -

P d fi d Classifications
Cl
ifi ti
d Policies
P li i
Predefined
and
PHI - UK Health & HIPAA
PCI (CC#)
PII (SSN, NINO, 29 other
countries)
Acceptable Use (racial,
sexual violence - English)
sexual,

protector

encryptor

discoverer
safendinspector
safend
inspector

Software IP
Schematics IP
EU/US Export Regulations
SOX sensitive financial
data
Pre-classified data and
metadata
- Proprietary & Confidential -

Cl
ifi ti methods
th d
Classification
Data Content
Regular Expressions
Mathematical verifiers

protector

encryptor

Heuristic Verifiers
Predefined classifications reusable

discoverer
safendinspector
safend
inspector

Data Fingerprinting
Map set of files as sensitive
without pointing to specific
text using originating
application
Use partial match to file as
indication of sensitivity

- Proprietary & Confidential -

S f d Discoverer
Di
Safend
Endpoint Discovery
On all endpoints with
installed agent

Network Share Discovery

protector

encryptor

As a professional service
inspector
discoverer

- Proprietary & Confidential -

End User Interaction Design

- Proprietary & Confidential -

Policy Edit

- Proprietary & Confidential -

Safend Protector
Key Features
Prevents data leakage and penetration
via endpoints
Detects and restricts any devices
Enforces granular policies over physical,
wireless and removable storage devices via
real-time analysis of low-level port traffic
Tamper-resistant
Centrally
y managed
g & seamlessly
y integrates
g
with Active Directory
Ensures regulatory compliance
Easy to use and scalable

- Proprietary & Confidential -

safendprotector
safend
protector

encryptor

inspector

discoverer

Safend Protector
Security Features
Port Device & Storage Control
Port,
Allow, block or restrict the usage of any and all computer ports
Granular identification and approval of devices

Removable Media Encryption


Transparently encrypts data copied to removable devices, external hard
drives, & CD/DVD.
Automatically encrypts data when transferred to devices by authorized users
Offline access utility for authorized users

Granular WiFi Control


By MAC address, SSID, or the security level of the network

Block Hybrid Network Bridging


Allows admins to control/prevent simultaneous use of various networking
protocols

U3 & A
Autorun
t
Control
C t l
Turns U3 USB drives into regular USB drives while attached to endpoints

Block Hardware Keyloggers


Renders USB & PS/2 hardware keylogger devices useless
- Proprietary & Confidential -

Safend Protector
Track offline usage of Removable Storage
Extends visibility beyond the organization boundaries
Track file transfers from/to
corporate computers (offline)
Encrypted devices on non
non-corporate
Audit user actions for legitimate use of corporate date

Policyy
Global setting - Read/Write

Logs
Collected the next time the
device connects to the network
Available in File Logs
g

- Proprietary & Confidential -

Safend Protector
CD/DVD Media White Lists
Allows white-listing of CD/DVD
Software Installation CDs
Approved content
CDs scanned to be virus-free

Unique fingerprint of CD/DVD Media


Identifies the data on each medium
Any change to the data revokes fingerprint

Media Scanner Utilityy


Policy
Extends the Distinct Devices white lists
Automatically exempt from File Type Control

- Proprietary & Confidential -

S f d Protector
Safend
P t t in
i Action
A ti

- Proprietary & Confidential -

S f d Protector
Safend
P t t in
i Action
A ti

- Proprietary & Confidential -

S f d Protector
Safend
P t t in
i Action
A ti

- Proprietary & Confidential -

S f d Protector
Safend
P t t in
i Action
A ti

- Proprietary & Confidential -

S f d Protector
Safend
P t t in
i Action
A ti

- Proprietary & Confidential -

Safend Protector In Action


A permitted device
connected to the
endpoint

A non-permitted
d i connected
device
t d
to the endpoint

The device must


b encrypted
be
t d
before it is used

- Proprietary & Confidential -

S f d Reporter
R
t
Safend
Key
y Features
Report on Security incidents
by Users
by Organizational Units

Report on Security Incident


ypes
Types
Reports on the deployment
status

protector

encryptor

inspector

discoverer

Device Inventory Report


Export Reports
safendreporter
safend
reporter
p

Recurrence Reports

- Proprietary & Confidential -

Safend Reporter
What it is

Why is it Valuable

Graphical high-level view of the


protected organizational status

Advance tool for identifying


Security Vulnerabilities

Reports on irregular or
Suspicious behavior

Facilitates Regulatory Compliance


Reporting Requirements

Provides overview of system status

Platform for developing Security


Analytics and Dashboard Views

Report Scheduler and enables reports


to be viewed in multiple formats

Customizable to meet current and future


Security Reporting needs

- Proprietary & Confidential -

Safend Reporter
Displays
Security
incidents in a
clean easy
clean,
easy-toto
use dashboard
format
Allows
Customization
of incident types
yp
to report on
Allows Admins
to slice, dice,
drill across
information

- Proprietary & Confidential -

Reports
p

- Proprietary & Confidential -

Safend Encryptor:
Key Features
Encrypts all data on laptops and
desktops Total Data Encryption
True SSO (Single Sign On) technology

protector

safendencryptor

Transparent to end users & help-desk


personnel
inspector

Centrally managed and enforced


Full visibility of organizations
Encryption status
Stable and fault tolerant encryption
Total Data Encryption, maintains performance
and
d minimizes
i i i
the
th risk
i k off OS failure
f il

discoverer

Hard Disk Encryption: Advantages

Completely Transparent Encryption


Endpoint Performance Maintained
Easy to Manage Deploy and Use
Highly Stable and Fault Tolerant
Simple and Reliable Recovery Mechanism

Safend Encryptor:
Completely Transparent
True SSO Technology:
to end users

protector

safendencryptor

p
pp
to help-desk
/ support
to user authentication
to patch management
to software distribution systems

- Proprietary & Confidential -

inspector

discoverer

Safend Encryptor: Highly Secure


Total Data Encryption
yp
- Encrypts
yp all data
on endpoints Including all data files, page file
and windows password store (SAM and domain
cache)

Strong encryption algorithm


Each file is encrypted using a different random
key for increased security (AES-256)

Tamper
p Resistant
The agent includes multi-tiered anti-tampering
capabilities to guarantee permanent control over
enterprise endpoints

Certifications:
Common Criteria EAL2 certified
FIPS 140
2 certified
ifi d
140-2

protector

encryptor

inspector

discoverer

Safend Encryptor: Centrally Enforced


Encryption enforced by policy
Zero end user interaction
Encryption process does not interfere
with ongoing user activities

protector

encryptor

End users cannot interfere with the


encryption process

inspector

discoverer

Safend Encryptor: Full Audit Trail


Detailed Client & Server Log Records
Cli t status
Clients
t t displayed
di l
d in
i the
th Clients
Cli t World:
W ld

Client Logs displayed in the Logs World:

Server Logs displayed in the Logs World:

Safend Encryptor Full Audit Trail


Detailed Server Log Records

Examples of
Encryptor specific
ser er logs
server

- Proprietary & Confidential -

Safend Encryptor: Full Audit Trail


Encryption Status Report

drill-down
d
ill d
reports
t
display specific
endpoints

- Proprietary & Confidential -

Displays endpoint
encryption complete
on time and date
Can be set to display
only
l active
ti
endpoints

Safend Encryptor: in Action


Security administrator
sets an encryption policy

End user authenticates


using native Windows
logon

Encryption process
takes place transparently
y
in background

Detailed
D t il d endpoint
d i t
status is displayed
in the Clients World

- Proprietary & Confidential -

Our Future Plans


Safend intends to further extend the leadership of its Data Protection
S it in
Suite
i the
th coming
i years. S
Some hi
highlights
hli ht off ffunctionality
ti
lit considered
id d
in our future plans include:
DLP Gateway
y Integration
g
Having a common GW/Endpoint classification policy is an important
consideration. Integrations with leading email, web and DLP gateway vendors
will ensure adequate coverage both inside and outside the organization
Hardware Management
Safend can showcase remote stunning of Kingston devices, and intends to add
additional vendor interfaces for both external storage, internal storage and other
mobile devices
DRM Integration
Safend will allow management of and integration with 3rd party DRM systems including
Microsoft 2008 R2 file IRM and others
others.

Thank You!
www safend com
www.safend.com
Name
Title
E il Address
Email
Add
Telephone #
- Proprietary & Confidential -

Additional Slides

- Proprietary & Confidential -

Certifications
RSA Secured

Safend joined the RSA Secured Partner Program to certify interoperability


between Safend Protector and the RSA enVision platform from RSA, the
S
Security
it Division
Di i i off EMC (NYSE:EMC).
(NYSE EMC) Thi
This certification
tifi ti signifies
i ifi th
thatt an
interoperable partnership has been established to increase security for joint
customers looking to protect the loss of data across enterprise endpoints.
For more information visit EMC Solutions Gallery
Cisco Systems - NAC Partner
Safend solutions are compatible with Cisco Network Admission Control (NAC) infrastructure.
Founded in 1986, Cisco is a leading manufacturer of networking equipment whose operating
systems and routing protocols have become de facto standards.
Network Admission Control (NAC) is an architecture-based framework solution designed to
take advantage of both Cisco network technologies and existing deployments of security
and management solutions from other manufacturers.
Through the NAC Program for third-party vendor integration, Cisco shares technology
features with participants, who design and sell client and server applications as well as
services that incorporate features compatible with the NAC infrastructure.
For more information on Cisco Systems
Systems, visit: http://www.cisco.com/.
http://www cisco com/
Microsoft Gold Certified Partner
The Microsoft Gold Certified Partner Program recognizes partner commitment and expertise
in one or more specialized areas when delivering Microsoft technologies. Microsoft Gold
Certified Partners are required to meet demanding criteria, including enhanced certification
and
d a portfolio
tf li off real-world
l
ld customer
t
references,
f
and
d are th
thus id
identified
tifi d as th
the mostt skilled
kill d
partners in specific solution areas. Safend has attained competencies in "Security Solutions"
and "Advanced Infrastructure Solutions", demonstrating expertise with Microsoft
technologies and proven ability to meet customers needs. For more information on the
Microsoft Gold Certified Partner Program, visit https://partner.microsoft.com.

Certifications
Microsoft WHQL Certification
Microsofts Windows Hardware Quality Labs testing process (WHQL) submits third-party products to
analysis which assesses the products for compatibility with Windows operating systems. By
completing this process
process, Safend solutions are designated as Windows compatible - offering a reliable
and consistent interoperability with the Windows operating systems. Microsoft requires all products
earning the Windows logo to maintain the following characteristics: all components must install and
uninstall properly and not interfere with other system components, each component must interoperate
well with other system components, and all components must function normally after the operating
system is upgraded to Windows XP or any later version of the operating systems for which the system
or component carries the logo
logo.
The compatibility with Windows operating systems insures a secure and hassle-free user experience
for Safend Protector customers.
For more information on Microsoft WHQL, visit: http://www.microsoft.com/whdc/whql/default.mspx
Check Point OPSEC Certification
OPSEC (Open Platform for Security) is the industry's open, multi-vendor security framework recognized worldwide as the standard for interoperability. Safend's solutions have successfully fulfilled
the stringent interoperability and lab testing required to achieve OPSEC certification, guaranteeing
integration and interoperability with Check Point's Secure Virtual Network Architecture.
For more information on Check Point OPSEC, visit:
http://www opsec com/solutions/partners/safend html
http://www.opsec.com/solutions/partners/safend.html
Ready for IBM Tivoli
software Tivoli software from IBM is a world-class leader in IBM Service Management software,
enables an IT organization to reduce the total cost of ownership and improve service levels of the IT
infrastructure. Tivoli systems management software helps traditional enterprises and e-businesses
worldwide
ld id manage security,
it storage,
t
performance
f
and
d availability,
il bilit and
d configuration
fi
ti and
d operations.
ti
The Safend Protector Tivoli Configuration Manager SPD File enables to you to distribute Safend
Protector Client v3.X to Tivoli endpoints using Tivoli Configuration Manager 4.2.3, both products are
now validated to work together improving the productivity of the IT staff and the overall compliance
posture of the organization. Read More

D t L
Data
Leakage
k
and
dT
Targeted
t d Attacks
Att k
A Clear and Present Danger

Personal data on more than 26 million U.S.


veterans had fallen into the hands
of thieves The data were on a laptop and
external drive stolen in an apparent
random burglary.
--CNN

An investigation is under way into


the disappearance of a
computer hard drive which
could contain the details of
about 100,000 [[UK MoD]] Armed
Forces personnel
--BBC

The Transportation Security Administration is warning 1,195 of its


former employees that a contractor may have mailed their Social Security
numbers and birth dates to the wrong addresses and left them open to identity
fraud
--USA Today

- Proprietary & Confidential -

D t L
Data
Leakage
k
and
dT
Targeted
t d Attacks
Att k
A Clear and Present Danger

Average cost per data breach incident


was $6.6M and the cost per record
was $202 in 2008
--Ponemon Institute

Information breaches trigger an


average 5% drop in company share
prices. Recovery to pre-incident
levels takes nearly a year
--EMA Research

- Proprietary & Confidential -

The Transportation Security


Administration is warning
g 1,195
,
of its
former employees that a contractor
may have mailed their Social Security
numbers and birth dates to the wrong
addresses and left them open to
identity fraud
--USA Today

S f d Competitive
Safend
C
titi Overview
O
i
- Suite
S it

Unified DLP
Management

Yes

No

Partial

Partial

Partial

NO

Partial

No

No

Single DLP
Client

Yes

No

No

No

No

No

No

No

No

Port and Device


Control

Yes

Basic

Basic

No

Yes

Basic

Media
Encryption

Yes

Yes

No

Yes

Basic

Hard Disk
Encryption

Yes

Yes

No

No

Basic

Content
p
Inspection

Yes

No

Yes

No

No

Basic

- Proprietary & Confidential -

Safend Competitive Overview - Encryptor

Unified DLP Management

Yes

No

Partial

Partial

Partial

NO

No

Yes

No

No

No

No

No

No

Yes

Partial

Partial

Yes

Yes

No

No

No

No

Basic

No

Transparent PKI\Biometric
token support

Yes

No

No

No

No

Partial

No

Easy Data Recovery

Yes

Hard

Hard

Hard

Hard

Low

Hard

Partial

Yes

Basic

Basic

Yes

No

Single
g DLP Client
Enforce Encryption on any
Type of External storage
Device(HD, CD\DVD, Flash)
Fully Transparent Single
Sign On Authentication

Encryption Status Reports

Yes

- Proprietary & Confidential -

No

Selected Safend Government Customers


US

Equal Employment
Opportunity Commission

US Navy

CA Mental Health

White House
Communications
Agency

State Department

CA Housing & Community


Development

- -Proprietary
Proprietary & Confidential
Confidential - -

CA Sonoma County

Joint Chiefs of Staff

LA County Probation
Department

Selected Safend Government Customers


EMEA

North Atlantic Treaty


y
Organization

APAC

Ministry of Home
Affairs Singapore

Australian Department of
V t
Veterans
Affairs
Aff i

Ministry of justice UK
The Swiss Army
The Norwegian Army

Australian Attorney
Generals Department
European Office
of Aerospace R & D

Ministere De
L'Interieur

Israeli Defense Forces

Australian
Federal
P li
Police
Reserve Bank of New
Zealand
Australian Department of
Prime Minister and Cabinet

N
New
Z
Zealand
l d Department
D
t
t off Internal
I t
l Affairs
Aff i

- Proprietary & Confidential -

S l t dS
Selected
Safend
f d Healthcare
H lth
Customers
C t

- Proprietary & Confidential -

S l t dS
Selected
Safend
f d Financial
Fi
i l Sector
S t Customers
C t

(Japan)

(Spain)

United Nations Federal Credit Union

- -Proprietary
Proprietary & Confidential
Confidential - -

Selected Safend Enterprise Customers

- -Proprietary
Proprietary & Confidential
Confidential - -

Selected Safend Consulting


g Media& Advertising
g
Customers

- -Proprietary
Proprietary & Confidential
Confidential - -

Case Study
Healthcare: Firmley Hospital NHS
The Company
Frimley Park Hospital is a 720 bed NHS Foundation Trust employing
approximately 3,500 staff and serving a catchment population of over
400,000.

The Challenge:
incorporate differing requirements across different areas of the business
where unusual or complex medical devices are in use.
The organization required a solution, which could be deployed within the
short
h t ti
timeframes
f
required
i db
by th
the new mandates,
d t
which
hi h was easy tto
manage and deploy and would not impact on the productivity of medical
staff and administrators.

Safends
Safend
s Solution:
flexibility and granularity of the Safend solution, with a phased roll-out of
the policies on a by department basis. This ensured that a consistent
machine-based policy could be implemented on most PCs with the
y for unusual medical equipment
q p
occasional custom machine-based p
policy
and custom user-based policies layered on top to address individual
needs.
The end result is that the Trust has an endpoint and mobile data security
system that is largely invisible to the user but which provides full
assurance that it has satisfied
f
its obligations in securing mobile data.
- Proprietary & Confidential -

Having evaluated a number of


solutions, including one from
McAfee/SafeBoot, (which at the
time was centrally procured by the
NHS) the
th Trust
T t decided
d id d th
th
NHS),
thatt the
Safend solution was the best fit in
terms of manageability and
performance.
Safend was chosen because of
its
it comprehensive
h
i integrated
i t
t d
suite of endpoint security tools,
including reporting, port control
and disk and media
encryption. The other major
criterion for the selection was
the need for a centralised
solution with minimal
management overheads and the
need for a system that was
largely transparent to the
user.
- Firmley Park Hospital NHS, Head
of IT

Case Study
Government: Caerphilly County Borough Council
The Company
Caerphilly County Borough Council is the 4th largest
Local Authority in Wales and employs around 9,000
people.
p
p The Council delivers a wide range
g of services to
the 171,000 people living in the Caerphilly County

The Challenge:
Following many high profile cases regarding data
loss of USB devices throughout UK, and Caerphilly
CBC wanted to minimize these risks to the Authority
and ensure that their staff and the public were
protected from similar incidents
incidents.
To be able to identify the unique serial number held
within the removable device media.

Safends
Safend
s Solution:
In September 2008 the Authority implemented a full
lock down policy, allowing only encrypted, unique
serial numbered, Caerphilly CBC branded USB pen
di
drives
to b
be accessed
db
by approved
d staff
ff.
- Proprietary & Confidential -

Safend Protectors extremely


granular policies have allowed us
the flexibility to enforce our
corporate policies for a range of
removable storage devices in
confidence enabling us to protect
confidence,
the confidentiality of the Authorities
data held on these types of
devices.

- The Caerphilly County

Borough Council s Wayne


Turner, Network Development
Officer

Case Study
Government: Navy Mine Warfare Training Center
The Company
The only training center that trains sailors for
shipboard mine counter measures.

The Challenge:
To ensure the integrity and security of the sensitive
data used for instruction
Seamlessly control data access via portable devices
without impeding on instructors abilities to access
data for teaching purposes.

Safends
Safend
s Solution:
Deploying 350 licenses of Safend Protector to guard
against data leakage on nearly 850 ports throughout
the Navy Mine Warfare Training Center
C
Comprehensive
h
i S
Security
it off WiFi
WiFi, Fi
FireWire
Wi and
d
game ports

Safend was the no-brainer choice to


meet the Navy Mine Warfare Training
Centers needs. Of the 17 p
products we
tested, it was the only one that could not
be bypassed because it is loaded at the
kernel and since it is not loaded as a
service,, users cant shut the software off
and circumvent the protection. The
product was also very granular, making it
easy to control access based on
everything
y
g from device type
yp to serial
number. We found that its impossible to
beat from our testing you know you
have found the right solution when no
matter how hard y
you bang
g on it, it wont
break.

- The Navy Mine Warfare Training

Centers Director of Information


Technology Herb Armstrong
- Proprietary & Confidential -

Case Study
Healthcare: LA County Department of Mental Health
The Company
The Los Angeles County Department of Mental
Health (DMH) serves approximately one-quarter of a
million residents each yyear, making
g it the largest
g
mental health service system in the nation.

The Challenge:
Protection from leakage
g of the Department of Mental
Health sensitive and personal client data for
thousands of residents.
Appropriately allow the safe use of USB memory
sticks while blocking dangerous file types
types.

Safends Solution:
Seamless deployment of Safend Auditor and
Protector to over 4,000
4 000 machines at its 130 locations
across LA County
Enforce protection policies to ensure that the data
being saved was authorized, encrypted and
approved
d tto access our corporate
t ports
t
- Proprietary & Confidential -

Safend
Safend was the clear choice to
manage DMHs thousands of
endpoints. We chose Safend
because its auditing and alerting
capabilities
biliti were superior
i to
t
other products we tested.
Additionally, Safend offers a
tamper proof agent that is
unbeatable,
- DMHs Departmental Security
Officer Jeff Zito

Case Study
Financial Ombudsman Service
The Company
A leading UK-based professional services company

The Challenge:
Protection from leakage of client bank account,
insurance policy, personal health information.
A solution that blocks input/output devices as a
security defense against system outages
outages.
Appropriately allow the safe use of USB memory
sticks while blocking dangerous file types.

Safends
Safend
s Solution:
Seamless deployment of Safend Auditor and
Protector to over 1,000 machines
Transparent
p
encryption
yp
of data transferred to
removable media devices
Protection of data from the threat of hardware
keylogger devices.

- Proprietary & Confidential -

Safend
Safend Protector
Protectors
s interface is
straight-forward and well
presented Those benefits
combined with the fact that we
h
have
nott experienced
i
d any
security breaches since the
deployment means the project
can be considered a complete
success.
- William Knock, Infrastructure
Developer
att Financial
Fi
i l Ombudsman
O b d
Service

Case Study
Healthcare: Baptist Memorial Hospital
The Company
C
A leading private healthcare provider

The Challenge:
Establish company-wide data storage
policies to protect against data leakage
Achieve compliance with HIPAA
Eliminate the use of unauthorized USB
devices

Safends Solution:

With HIPAA compliance necessitating


data accountability, Safends ease-ofuse,, audit capabilities,
p
, and integration
g
with Active Directory simplifies
requirements.
- Lenny Goodman, IT Director for
Desktop Management at Baptist
Memorial Health Care

Define and enforce granular security


policies to control how ports and devices
are accessed.
Gain visibility to vulnerabilities at the
endpoints

- Proprietary & Confidential -

C
Case
St
Study
d
Technology: Roke
The Company
A leading technology research and
development center

The Challenge:
Lack of visibility and control of data loss
via removable devices.
Threat of security breach from 1,200
unmonitored devices.
Enforcement of unique
q security
yp
policies
by device type.

Safends Solution:
Enhanced auditing and visibility into
user activity for regulatory compliance.
Real-time usage updates by device.
Policy control adjusted by domain
domain,
computer, or user.

In many ways, Safend Protector has


more than met our expectations this
h been
has
b
reinforced
i f
d by
b the
th dealings
d li
that I have had with their support
department, who are as good as any
IIve
ve encountered in the 18 years Ive
I ve
been working in IT.
- Rob Matthews, IT Security Officer, for
R k
Roke

- Proprietary & Confidential -

Case Study
Finance: Winterthur Swiss Life Insurance
p y
The Company
A leading Swiss insurance company

The Challenge:
g
Gain control over the numerous amount of storage
devices connecting to corporate endpoints (mobile
workforce)
Enable easy deployment and management
Provide localized end user interface for
Winterthur's Japanese office
Achieve compliance with strict Japanese data
privacy standards

Safends Solution:
Allows easy deployment of Safend Protector and
policies using Active Directory
Device control only whitelisted devices
Localized end-user messages (Japanese)
Achieves regulatory compliance
- Proprietary & Confidential -

Most of the current endpoint


security products dont include
the strong focus on device control
that Safend Protector provides...
Safend was able to provide us
with a unique and comprehensive
solution to a growing problem
problem.
- Kazunari Kurasaki, Group Head
of IT, Winterthur

Wh t is
What
i being
b i
said
id about
b t Safend
S f d
Safend was chosen because of its comprehensive integrated suite of endpoint
security tools
tools, including reporting
reporting, port control and disk and media
encryption. The other major criterion for the selection was the need for a
centralised solution with minimal management overheads and the need for a
system
that was largely
to the user.
y
g y transparent
p
- Jonathan Spinks, Head of IT, Firmley Park NHS,

Safend was the clear choice to manage DMHs thousands of endpoints. We


chose Safend because its auditing and alerting capabilities were superior to
other products we tested. Additionally, Safend offers a tamper proof agent that
is unbeatable
- Jeff Zito, DMHs Departmental Security Officer

To our surprise, we didn't find many competitors in this particular space that
would give us the flexible and granular control we desired "
- Gilbert Mendoza, network administrator for Pechanga Resort & Casino

- Proprietary & Confidential -

What is being said about Safend


In my opinion, Safend should be considered the industry standard for endpoint data leakage
prevention technology. As an information technology director, when you find a tool that you cant
break - no matter how hard you try - thats a tool you keep in your tool box indefinitely
- Herb Armstrong, Director of Information Technology, The Navy Mine Warfare Training Centers

To our surprise, we didn't find many competitors in this particular space that would
give us the flexible and granular control we desired "
- Gilbert Mendoza, network administrator for Pechanga Resort & Casino
Safends products actually accomplish more than we expected. The product is
robust, helping us in our proactive quest to identify potential problems.
- Gene Peters, Director of Information Services, Philadelphia Stock Exchange

Safend
Safend Protector allows us to encrypt our confidential data and securely transport it
within our corporate network as well as outside the enterprise.
- Lenny Goodman, Director of Desktop Management for Baptist Memorial Health Care

Corporation.

After testing several products, we chose Safend Protector because of its flexible,
intuitive policies and its ironclad control over the various protocols and devices in
today's
today
s market such as USB, wireless, and removable media.
media.
-Ilan Cohen, CSO at Bank Hapoalim
- Proprietary & Confidential -

S
Security
it B
Breaches
h
EMEA
memory stick was believed to have
been lost in Edinburgh around
Christmas at Lothian and Borders
Police's headquarters. The stick
contains 750 entries on vehicles of
interest' to police, along with other
intelligence
intelligence

The personal data of 3 million


U K drivers has been lost by a
U.K.
the Driving Standards Agency
contractor bbc.co.uk

-- SC Magazine

HSBC admits losing a CD


containing the details of 370,000
customers ZDnet.co.uk

A
A flash drive found in a library
computer center in Sweden contained
classified NATO information -theregister.co.uk

- Proprietary & Confidential -

S
Security
it B
Breaches
h
EMEA

- Proprietary & Confidential -

Security Breaches
US
A Kaiser Permanente hospital
located in a Los Angeles suburb has
fired 15 employees and reprimanded
eight others for improperly accessing
the personal medical records of
Nadya Suleman, the California
woman who gave birth to octuplets
in January.
-- Network World

University of Nevada professor loses


memory stick containing the personal
i f
information
ti off 16,000
16 000 currentt and
d
former students -- Reno GazetteJournal

Missing records on hundreds of


thousands of Arkansans could pose
a major security threat and now
state police are investigating
investigating. A
company the state hired to keep
records on criminal background
checks says it can't find a computer
tape used to store the information..
FOX16.com
The city of Chicago now says more than
60,000 people may be at risk of having
their identities stolen - after a laptop
computer was stolen from an employee
of a company that handles billing for
Chicago Fire Department ambulances
-- CHICAGO (WBBM)

- Proprietary & Confidential -

Security Breaches
US

- Proprietary & Confidential -

S
Security
it Breaches
B
h
APAC

9 memory sticks have been stolen from 5 Hong Kong hospitals. The devices
h ld th
hold
the personall iinformation
f
ti off 3,000
3 000 patients
ti t " -- thestandard.co.hk 2008

A former LG Electronics employee used a portable hard drive to transfer


technology from LG to a Chinese company. The theft could cost LG $1.35 billion."
-- the Sydney Morning Herald 2008

A
A former contract worker for Dai Nippon stole 9 million pieces of private data on
customers from 43 clients."

- Proprietary & Confidential -

S
Security
it Breaches
B
h
APAC

- Proprietary & Confidential -

S
Security
it B
Breaches
h
Government/Military

HM Revenue & Customs (HMRC)


lost two computer discs holding the
personal details of 25 Million people
-- bbc.co.uk

A New Zealand man who bought an


A
MP3 player from a thrift shop in
Oklahoma, USA, found it held 60 US
military files, including names and
t l h
telephone
numbers
b
off A
American
i
soldiers, a media report said on
Tuesday.
Fox News

"Iowa Department of Natural


Resources contractor loses flash drive
containing the PI of 7,000 people who
work on wastewater and drinking water
systems" -- kcrg.com

US Militaryy Contractor sold a thumb


drive containing the personal data of
17,000 military employees to an
Undercover Agent -- infoworld.com

- Proprietary & Confidential -

S
Security
it B
Breaches
h
Government/Military

- Proprietary & Confidential -

S
Security
it Breaches
B
h
Education

An external hard drive stolen from


Georgetown University contained
sensitive data of 38,000 current and
former students, faculty and staff -thehoya.com

Oregon Health & Science University is


contacting
g 1,000 p
patients after a
physician's laptop was stolen from a car
parked at the doctor's Washington
County home.
-http://www.kptv.com
http://www.kptv.com

A
A flash drive containing 7,000
student SSNs was stolen from
an employee at the University of
Cincinnati --Cincinnati Enquirer

A stolen Cornell Universityy computer


p
has compromised the personal
information of thousands of members
of the University community.
-- www.
www wvbr.com
wvbr com

- Proprietary & Confidential -

S
Security
it Breaches
B
h
Education

- Proprietary & Confidential -

Security
S
it Breaches
B
h
Finance

The Bank of New York Mellon says


sensitive data of more than 4 million
people owning shares in public
companies was exposed after a box of
back-up
p data storage
g tapes
p went
missing www.news.cnet.com

Talvest
T
l
t Mutual
M t l Funds
F d lost
l t a backup
b k
computer drive containing data of about
470,000 investors including names,
account numbers and SSNs
SSNs
--ITWorldCanada.com

A Deloitte & Touche employee


p y left an
unencrypted CD containing sensitive
information on thousands of McAfee
employees in the back of an airline
seat computer world
seat.

The FBI on Friday arrested a former


Countrywide Financial Corp. employee
and another man in an alleged scheme
to steal and sell sensitive personal
information including Social Security
information,
numbers, of as many as 2 million
mortgage applicants.

Los Angeles Times

- Proprietary & Confidential -

Security
S
it Breaches
B
h
Finance

- Proprietary & Confidential -

Security Breaches
Healthcare/Pharmaceuticals
The Georgia Department of
Community Health lost a CD
containing names, SSNs, and
addresses of 2.9
2 9 Million people on
Medicaid -- MSNBC

"AmeriChoice is reporting that an


unencrypted CD containing 67,000
members records was lost in transport."
p
-- wate.com

The confidential information of some


13,000 Pfizer employees is at risk for
exposure after a laptop and flash
d i were stolen
drive
t l theday.com

The Swedish Urology Group located in


The
Seattle WA is notifying hundreds of
patients and staff about 3 stolen external
computer hard drives that contained
personal information. komotv.com

The
The California Department of Health Care
Services has notified nearly 30,000
individuals of a breach stemming from the
loss of a compact disk that may not have
been encrypted. - Healthcare Information Security
- Proprietary & Confidential -

Security Breaches
Healthcare/Pharmaceuticals

- Proprietary & Confidential -

Security Breaches
Business

A former LG Electronics employee used


a portable hard drive to transfer
technology from LG to a Chinese
company.
p y The theft could cost LG $1.35
billion."
-- the Sydney Morning Herald 2008

A former Boeing quality insurance


inspector copied 300,000 pages of
internal Boeing documents to a
portable drive between September
2004 and April 2006. bbc.co.uk

Alcatel-Lucent notified employees that


a computer disk containing employee
names, addresses, SSNs, and salary
information was lost in transit. Canada
technology news

- Proprietary & Confidential -

Security Breaches
Business

- Proprietary & Confidential -

Security Breaches
Web, Email
Email systems
systems, file transfer systems,
systems instant messaging systems,
systems blogs,
blogs wikis,
wikis
Web tools, thumbdrives and other tools can be used to send confidential
information in violation of corporate policy, common sense and the law.
The result is that trade secrets
secrets, designs,
designs proprietary processes and other
knowledge assets can all be compromised if not adequately protected.
For example:
In 2008, Social Security numbers and names of 198 Marshall University
(Charleston, WV) students were posted to the Internet.
In 2008, an employee of Ivy Tech Community College (Bloomington, IN)
intended to send student information to a single employee, but inadvertently sent
an invitation to view the file to a much larger list.

2008 Osterman
O t
Research,
R
h Inc.
I
Why
Wh Your
Y
Organization
O
i ti Needs
N d to
t Implement
I l
t DLP

- Proprietary & Confidential -

Security Breaches
Web, Email
In Januaryy 2009,, an employee
p y of p
public relations firm Ketchum used Twitter to
post some very unflattering comments about the city of Memphis shortly before
presenting to the worldwide communications group at FedEx Memphis largest
employer. An employee of FedEx discovered the tweet, responded to the
tweeter,
and then copied FedExs senior managers, the management of FedExs
communication department and the powers that be at Ketchum.
During April 2010, a Microsoft Excel worksheet that contained the names of
10,006 individuals, their occupations and other information was emailed to a
j
journalist
li t b
by someone iin th
the G
Gwentt (W
(Wales)
l ) police
li d
department.
t
t N
Nearly
l 900 off the
th
individuals identified in the worksheet had a criminal record.
During March 2010,
2010 a gubernatorial candidate in Massachusetts sent a
fundraising email to members of the states Senate and House in violation of
Massachusetts campaign finance laws
2010 Osterman Research, Inc. The Case for Outbound Content Management

- Proprietary & Confidential -

Regulatory Fines

- Proprietary & Confidential -

A ti N
Anti
Network
t
kB
Bridging
id i

Blocks hybrid network bridging (such as WiFi and 3G card bridging)


while the PC is connected to the wired corporate
LAN
p
Prevents hackers access to confidential data residing in the
corporate
t network
t
k

- Proprietary & Confidential -

R
Removable
bl Device
D i and
d Media
M di Encryption
E
ti
AES with 256 bit key length
encryption

Backup/Restore Data maintain data when initializing


devices

Streamlined Wizard
E
t data
d t copied
i d tto removable
bl
Encrypts
storage devices, such as USB flash
drives, SD cards, external hard
drives, and CD/DVDs.
Encryption is transparent to users
within the corporate network
M d t the
th encryption
ti off data
d t
Mandates
transferred to external hard drives,
removable storage and media.

Portable, Agent-less Offline


Access Utility
The utility is automatically
created on encrypted drives
Users run the utility
y from
the device for accessing
encrypted data
Configurable
Password Policy
g
y
for the Safend Protector
Access Utility device password.

Data
D
t is
i iinaccessible
ibl outside
t id the
th
corporate network unless permitted
by the Safend Protector
administrator

- Proprietary & Confidential -

Parameters include minimal


password length and the types
off characters
it contains.
h
t
t i

Anti Hardware Keylogger


Renders PS/2 port hardware keyloggers useless
Provides endpoint immunization from password and identity theft.
The only solution to detect and block both USB and PS/2 hardware
keyloggers

Before

After

- Proprietary & Confidential -

- Proprietary & Confidential -

6 of Top 200 Global Developing World Banks


Selected Safend Customers

Bradesco - Brazil
Banco Davivenda -Colombia
Banco Banesco Panama
Banco Banesco Venezuela

Source: BankersAlmanac.com, except * Source: bank annual report, ** Source: bank data

- Proprietary & Confidential -

I
l Ports
P
Internal
Monitor and alert on changes to internal computer
configurations
P t t against
Protect
i t
Connecting additional hard disks to extract data
Connecting network cards and other hardware

Covers all internal ports


p
IDE, SCSI, ATA, S-ATA and more

Logs/Alerts
/
in Client
C
Logs
Connect/disconnect
Port = Internal
- Proprietary & Confidential -

Novell eDirectory Synchronization


S
Synchronize
h
i with
ith Novell
N
ll eDirectory
Di t
service
i
Import organizational tree structure and objects

Objects can be used while


Associating policies to groups/users/computers
Viewing and querying logs
Managing clients

Compatibility in clients
Novell user login

- Proprietary & Confidential -

External Database
Connect to existing Microsoft SQL database
Benefits
Re-use existing infrastructures
High performance
Scalabilityy (e.g.
( g database cluster))
Connect to reporting tools

Database
(Internal / External)
Logs

Policies/
Configuration

Setup
Connect to database during install

M i t
Maintenance
Key/Configuration backup supported
Log
g backup
p Administrator responsibility
p
y
- Proprietary & Confidential -

Management
Server

Safend Protector
File Type Control
Prevents
Data Leakage (Write)
Virus/Malware (Read)
I
i t Content
C t t (Read)
(R d)
Inappropriate

File header based classification


Not by extension (Tamper resistant)

Over 250 file extensions in 14


categories
Policy
Flexible White/Black List
Separate for Read/Write

Log/Alert per file type

Category

SampleExtensions

PublishedDocuments

PDF,PS

Images

JPG, JPES,GIF,BMP
JPG,JPES,GIF,BMP

WebPages
MicrosoftOffice
Text&ProgramCode
Multimedia
CompressedArchives
CD/DVDImageFiles
Executables
PGPEncryption
ComputerAidedDesign
(CAD)
MicrosoftOutlook
Databases
FrameMaker

- Proprietary & Confidential -

HTML,
HTM,MHT,HLP,CHM
DOC,DOCX,PPT,PPTX,
XLS
TXT,CPP,C,H,GCC,
JAVA
WAV,WMA,MP3,
MPG AVI
MPG,AVI
ZIP,ARJ,RAR,GZIP,JAR,
CAB
ISO,NRG
EXE DLL COM OCX
EXE,DLL,COM,OCX,
SYS
PGP
,
DWG,DXF
PST,DBX
MDB,ACCDB
MIF,BOOK,FM

Safend Protector
File Type Control

- Proprietary & Confidential -

I
Inspection
ti Policy
P li Data
D t Channel
Ch
l Safend
S f d

- Proprietary & Confidential -

Di
Discovery
Policy
P li

- Proprietary & Confidential -

Cl
Classification
ifi ti

- Proprietary & Confidential -

S f d Auditor
Safend
A dit
Key Features
Find out whos connecting what
devices and WiFi networks to
every endpoint
Identify and manage endpoint
vulnerabilities

protector

encryptor

inspector

discoverer

Identifies all USB, FireWire, PCMCIA


devices and WiFi network ports
Views results in minutes via simple and
powerful reporting

Compatible with existing network


management or admin tools
Intuitive, clientless and easy to
use

- Proprietary & Confidential -

auditor

Step 1: Select Ports and Computers to Audit

Computers to Audit

Audit Filters by Port Type

- Proprietary & Confidential -

St 1a:
Step
1 Optionally
O ti
ll Refine
R fi your Search
S
h

Devices to detect

- Proprietary & Confidential -

St 2:
Step
2 Run
R S
Scan tto G
Generate
t Report
R
t

Connection Summary

Detailed Device Report

- Proprietary & Confidential -

Step 3: Detailed Audit report


By User: Historic & Real-time
White
Whit li
listt

- Proprietary & Confidential -

You might also like