All the latest UK technology news, reviews and analysis
|
|
|
13 Apr 2010
Network security firm Check Point has launched a new data loss prevention (DLP) tool designed to boost user education by giving administrators the option of asking employees to remediate potential breach incidents themselves.
Check Point DLP features a MultiSpect content classification engine which can classify and detect whether sensitive data, including intellectual property, personally identifiable customer information and compliance related data, is about to leave the company network.
An optional UserCheck feature can then alert employees with a pop-up window or email if data is at risk, prompting them to remediate before a breach and helping to educate the end user, according to Check Point chief operating officer Amnon Bar-Lev.
"Everyone is leaking information. It's happening every day, but we've gone for a different approach to the leading vendors," he said.
"Our DLP is not just a technology platform. It's very simple and non-intrusive, and UserCheck means you have a more meaningful log and you can really educate the user."
The product comes with over 250 pre-defined best practice policies which can be managed from a single user-friendly interface, the firm said.
Check Point DLP can be bought as an appliance or a software blade, and can be "plugged into any Check Point gateway so no other investment is needed", said Bar-Lev.
Check Point also launched the SmartEvent Software Blade, a security management solution designed to collect data from Check Point and other devices including firewalls, intrusion prevention systems, DLP and endpoints, and display them in a single interface.
The product is aimed at providing administrators with a clear view of the most critical incidents in real time.
Latest stories from Security
Related articles
Related jobs
Poll
Are you confident that the UK's IT infrastructure is secure from attack in the wake of the Flame malware revelations?
TFL director of Games transport Mark Evers discusses how the public transport network is preparing for this summer's event
Connect with V3.co.uk
The wrong printers, for the wrong tasks on the wrong contracts
Who leads the BI pack and who should we be watching out for?
THIS ROLE IS LOOKING AT IMMEDIATE STARTERS AND WITH MULTI...
Sales Consultant - Data Centre, Colocation, Hosting...
Senior Interaction Designer (User Experience, UCD, Interactive...
Information Architecture / IA / User Experience / UX...
Keep up to date with the latest products, services and technologies from the world's leading IT companies. IThound.com brings you over 2,000 white papers, case studies and analyst reports.
Do you agree?
Promises, promises - does Check Point have the 5 essential DLP functions?
1. Comprehensive channels coverage. It is impossible to predict which outbound channel the next data leak will occur. Some expected avenues are: corporate email, private email, webmail, blog, instant messenger, P2P application, internal web or FTP server etc. Therefore, the DLP system must cover ALL the relevant channels. The majority of ?DLP? systems do not even try to cover all network channels. Typically, they cover SMTP, FTP, HTTP (client side), sometimes HTTPS and instant messaging. This coverage is further handicapped. For example, scanning SMTP, these systems require integration with the corporate email server and inspect only emails sent through it. Emails sent through an external ISP are overlooked. Emails accessed from outside the perimeter through POP3 or HTTP (server side) are ignored by such solutions. The dangers of file sharing applications and exposure of the internal web servers are disregarded. 2. Enforcement Data Leak Prevention, by its definition, requires electronic enforcement of the data security policy ? i.e. the product must be able to effectively block transmission of protected data. Many ?DLP? products being sold are actually DLD ? Data Leak Detection products. They are designed to report what data breaches have occurred, instead of stopping them in real time. 3. Content Inspection The true DLP solution must inspect content. Making decisions based on the form (file type, file attributes etc.) or meta-data (author, language, size of attachment etc.) is not enough. 4. Accuracy The DLP solution must be sufficiently accurate. Among two types of errors (false positives and undetected leaks) the more dangerous error is a false positive. In the enforcement mode, even a small amount (0.1%-0.2%) of false positives can wreak havoc in the organization. Therefore, a DLP solution has to employ detection technology with virtually zero false positives. Another aspect of accuracy is that the DLP system must protect data and not a specific form of its representation. Therefore, the DLP system must be resilient to typical modifications of the data, such as excerpting, embedding, changing file format, re-ordering, re-typing, text re-formatting etc. 5. Non-duplicating protected data. The DLP solution must not duplicate the protected data in any form! If it does, then DLP becomes Data Leak Provoking. But many vendors still sell products, copying the data they are supposed to protect into their internal database. Encrypting such data, or keeping it in the form of the search index is not enough to satisfy this requirement! Wendy - GTB Technologies (DLP Vendor)
Posted by: Wendy - GTB Technologies 13 Apr 2010