Safend has unveiled several enhancements to its Data Protection Suite, including a new content inspection and filtering tool called Safend Inspector.

Safend Inspector builds on the existing port, device and file control available in Safend Protector, but adds another layer of granularity on top.

Rather than just blocking specific data file types or channels, Safend Inspector is designed to enhance data loss prevention by analysing the content of files being sent outside the corporate network.

This approach gives IT security personnel a greater level of control, the firm said, while allowing users to freely send content that does not need to be protected.

The system can be configured to block the transfer or notify the end user or administrator when potentially sensitive data is being transferred to an external device such as a USB drive, printers, network shared drives, or over email, web or other TCP protocols. All transactions are logged, creating an audit trail to help ensure regulatory compliance and detect anomalous behaviour over time.

Safend Inspector can identify and distinguish different types of numbers in context, such as UK National Insurance numbers, US Social Security numbers and credit card numbers, to avoid incidences of false positives.

To help speed up deployments, Safend also creates policy templates for specific industries adhering to Payment Card Industry standards, such as healthcare or retailers, which will include all the most important requirements for these verticals and can be fine-tuned to the organisation's individual requirements.

The solution can also accommodate granular levels of a data leakage prev ention policy, so that rules can be set on the use of individual devices, providing organisations with greater control over the information that leaves their premises. The company claims that this will allow users to work transparently while still meeting internal governance and legislative compliance requirements.

"We understand that end users need solutions which combine ease of use with granular policy setting," said Edy Almer, vice president of product marketing at Safend.

"We also understand that endpoint software deployment is not an easy task, so we make sure we deploy a single agent, single management console and single server to cater for all the organisation's data protection needs. This reduces training, deployment and direct financial costs, lowering total cost of ownership."

Safend also unveiled a new version of Encryptor, its file-based hard disk encryption product, adding a series of user experience improvements.

Almer said that, although pre-boot authentication and encryption systems can help protect end user devices at rest, they can also create a major headache for IT managers trying to maintain and control these devices, as remote management becomes almost impossible. Similarly, other routine tasks such as password resets become more complicated.

He believes that, by integrating the protection into the standard Windows log-in, the same level of protection can be offered, but making it completely transparent to end users, helpdesk operators and administrators as it requires no changes to work processes. Furthermore, by encrypting only user files, these can be protected while leaving programs and operating systems untouched and accessible by support staff for routine maintenance, patching and upgrading.

Safend is enrolling beta customers for Safend Inspector, and will be d emonstrating its enhanced Data Protection Suite at Infosecurity Europe 2009 in London later this month.