Seclore - menaisc.com
Transcript of Seclore - menaisc.com
Seclore
Overview
6 April 2014
• High-growth Information Rights Management (IRM) software
product company
• Global Headquarters – Mumbai, India
• Customers in India, Middle East, Europe, South-East Asia
Who We Are
• Incubated and promoted by IIT Bombay (2006-08)
o Technology commercialization program “SINE” (www.sineiitb.org)
• >100 employees
• >250 clients, >3 millions users
• Geographic coverage
o Direct – South Asia, Europe, North America, Middle East
o Indirect – Africa, South America, North Asia
Awards & Recognition
2012 Seclore was named as the Gartner Cool Vendor for 2012
2009Seclore was among the top 25 in the Marico Innovation for India 2010
Awards
Seclore was in 2010 global list of "Hidden Gems" in Identity and Access
Management2010
Seclore was among the top 10 finalists in the Innovations Ideas in
Practice 2010 by IIT, Bombay Alumni Association, Pune 2010
The TR35 award is for innovators, whose inventions and research,
Massachusetts Institute of Technology (MIT) finds exciting2009
2012 Seclore was named in the Deloitte Technology Fast 50 for 2012, and
again in 20132013
Global Presence• Partnerships with leading SI companies like IBM, Wipro, HCL etc. for global
implementation, integration and support
• Customers and partners spread across timezones, languages and cultures
Private and Confidential
4
THE PROBLEM…Seclore FileSecure
Enterprise Information Universe
Structured Databases
DigitalInformation
Transaction Applications
Files, Documents, Folders, Emails…
Unstructured InformationInfo
Secure the…
… Endpoints
… Servers
… Network
… Sharing method
Perimeter Security works within the Enterprise…
Traditional information security approach
Create a boundary around the information and
Control who can access it
…but what about information going outside?
Very often, information needs to travel outside the enterprise boundary to:
Every enterprise needs External Collaboration
Outsourcing Vendors
Auditors Customers Mergers
Partners
There isNO
perimeter!!!
Today’s Reality
Information sent outside the enterprise boundary
is impossible to control
So, can I secure my information?
Controls are limited to
NDAs???
THE SOLUTION…Seclore FileSecure
What Seclore FileSecure controls
TOP SECRET
CONFIDENTIAL
INTERNAL
PUBLIC
PROTECTOR
POLICY 1
POLICY 2
POLICY 4
POLICY 3
PermanenceProtection will always persist with the file
Remote-ControlChange your protection policy,sitting anywhere in the world
Audit TrailAll activities on file tracked: Users, Activity type, Date/Time, Location
Policy Attributes
The dream … is reality!
The Past…and the Future
Secure YOUR information regardless of how it is shared or distributed
Device restrictionsBYOD, CD’s, Pen drives, etc.
Seclore FileSecure removes the need for
these restrictions
Service restrictionsEmail, Internet access, File transfers, etc.
• WHO accessed the file, WHAT did the user do, WHEN & WHERE, is all captured from
distributed usage environments and reported centrally
• These audit reports can be sliced and diced using a report builder, and can be used in
compliance reporting for frameworks like ISO 27001, Sarbanes-Oxley, GLBA, PCI-DSS,
HIPAA, etc.
Audit the Usage of Information
DATA CLASSIFICATIONSeclore FileSecure
Holistic information loss prevention
Data Classification
Content Inspection(aka Data Leakage Prevention, DLP)
DC
CIRM
Rights Management
Data Classification
• Identifies sensitivity of information
• Provides a convention for information labels
• Educates the users on how to use information
Private and Confidential
19
Classification Description
SecretInformation to be strictly used within the organization. Unauthorized
disclosure of such information can have serious business impact E.g.
Business plans, strategy, financials, trade secrets…etc.
ConfidentialInformation to be shared on a ‘need to know’ basis only. Unauthorized
disclosure can impact some part of the business. E.g. Customer data,
Employee data, partner agreements…etc.
InternalInformation that may be shared with any employee.
Unauthorized disclosure cannot significantly impact the business. E.g.
Operation procedures, product documents, internal reports…etc.
PublicInformation that may be shared with anyone. Unauthorized disclosure
does not have any business impact. E.g. Product features, published
pricing, published reports…etc.
MODES OF PROTECTING INFORMATIONSeclore FileSecure
1. Manual Protection
A document on user desktops/laptops can be manually protected by using mouse
right click option or as soon as the document is created on a user driven prompt
or predefined settings…
2. Folder Based Protection
A document gets protected as soon as the document is placed in a certain
location: E.g. Folder / File Server.
3. Email Protection
A document gets protected along with the email content by using FileSecure’s
email protection functionality.
A document gets protected via integration with content management systems
such as MS Sharepoint, IBM FileNet, EMC Documentum, Omnidocs etc.
4. Document Management System Protection
Seclore FileSecure
Policy Server
View only access
View + Edit access
Unauthorized
USB/CD/DVD
Stored
data
Instant
Message
FTP
SharePoint /
Lotus Notes /
Exchange
Databases
File
Servers
Print/Fax
DLP Policy
Monitoring & Prevention
Discovery & Protection
Webmail
Web
servers
Untrusted
networks
All DLP processes monitoring Endpoint, Network and Storage can invoke FileSecure API to protect file-based content
5. Content Discovery (DLP)A document gets protected as soon as it is “discovered” or “tagged” by a DLP system
Integration Offerings
Content / Document Management:IBM FileNet MS SharepointNewgen Omnidocs EMC Documentum
Data Loss Prevention:Websense DLP McAfee DLPSymantec DLP GTB DLPMyDLP
Mail & Messaging:IBM Lotus Notes MS ExchangeOracle CollabSuite
INDUSTRY USE SCENARIOSSeclore FileSecure
Outsourced Printing – Protected by Seclore
Data file generatedProtected using
Seclore FileSecure
1
Data file sent to outsourced printing vendor
Protected data file downloaded and saved Processed in Printing Application; Protected print-ready output file generated
Protected print-ready files printing using a Windows spooler
5
These policy documents / account statements are now ready to be dispatched
2
43
Secure Outsourcing - Use Case Scenario
BPO /
KPO /
LPO
Seclore FileSecure
Policy Server
View only access
View + Edit access
Unauthorized
Document is then
distributed internally
Client$$
Private and Confidential
Selected Industries’ Use Cases
Manufacturing Knowledge Process Outsourcing
An existing plant was being decommissioned and shipped to another location for reconstruction
Plan Specifications
The new plant to be constructed involved external consultants and vendors who would work on the designs and specifications
Plant Commissioning
Operational strategy, budgets and strategic focus areas
Operational Plans
Periodic reports on operational metrics like output quality wastage, equipment utilization machinery break-down chart
Operational Reports
The liability of the client’s confidential information is passed on to the outsourcing firm through contracts of agreements
Client Liability
The data processing and operations include freelancers who enter into temporary relationships for short periods only
Freelancers
The information distribution medium was difficult to secure due to constraints on infrastructure
Information Distribution
Due to nature of the industry the manpower turnover is quite high, which increases the potential for data leakage
Manpower Turnover
FileSecure helped to ensure information can be restricted to the group of people who require information
AutoCAD drawings are being widely used with the standard AutoCAD software and AutoCAD viewers
Solution:
FileSecure helped to ensure collaboration without compromising on security given the constraints on infrastructure and involvement of external parties
The customer liability was significantly reduced
It was possible to securely scale the operations and work with freelancers
Solution:
Several research related documents that contain the organization’s primary intellectual property
Research IP
A product dossier contains the complete information for a drug molecule. Loss of this information can cause serious financial impact
Product Dossiers
Information usage was required to be restricted to a certain location only. It should not be available anywhere else
Location Restriction
Manpower turnover is a serious threat to the information security. Key people could leave the organization with its IP
Manpower Turnover
Pharmaceutical
Solution:
Product dossiers and research reports could be freely shared with external parties and still be controlled from within the organization
Sharing of the most confidential IP related information did not compromise the information security controls
The KM portal is made accessible to everyone within the organization. This is a huge archive of intellectual property
Knowledge Management
Each project tender contains very sensitive information relating to pricing structure, materials costing and rate contracts
Tendering Process
The final deliverable is a set of recommendations that are delivered as a document- This is intellectual property
Consulting Services
Design specifications are shared with vendors and fabricators - data should not be accessible after the project is completed
Design Specifications
Engineering Services
Solution:
FileSecure implemented across multiple firms within the group including EPC and manufacturing units
FileSecure capabilities to restrict printing, copying and screen capture are being used extensively. External parties have access to this data but cannot misuse it
Thank You! And Questions…
Seclore Technology Pvt Ltd
website:
email:
www.seclore.com