seclore file secure introduction brief

Introduction and presentation to CEVA Logistics

&

About …About …

Seclore is a high growth information security product company focused on providing Security without compromising collaboration

Seclore’s flagship product Seclore FileSecure is used by More than 1.5 million users & some of the largest enterprises

TELEMARKETER

Information exchange in the collaborative world

Information is exchanged between Employees of the organisation

Enterprise

CUSTOMERS

VENDORS

Information is exchanged between employees & vendors & employees & customers

Competitors

What happens if an employee with privileged access leaves to join a competitor ?What happens if information shared with a vendor is lost by the vendor ?

VPN

SSL

UTM

Firewall

…

Firewalls

Underlying Issues

Share it = It becomes his (also)Ownership and usage cannot be separated

Shared once = Shared foreverImpossible to “recall” information

Out of the enterprise = Free for allTechnology & processes are only applicable within

Options for securing unstructured information

Option 1 : Control Distribution

. . .

Security Collaboration

Options for securing unstructured information

Option 2 : Control Usage

. . .

Security Collaboration

RightLocation

RightTime

RightAction

RightPerson

• WHO can use the information

People & groups within and outside of the organization can be defined as rightful users of the information

• WHAT can each person doIndividual actions like reading, editing, printing,

distributing, copy-pasting, screen grabbing etc. can be controlled

• WHEN can he use itInformation usage can be time based e.g. can

only be used by Mr. A till 28th Sept OR only for the 2 days

• WHERE can he use it fromInformation can be linked to locations e.g. only

3rd floor office by private/public IP addresses

Seclore FileSecure allow enterprises to define, implement & audit information usage “policies”. A “policy” defines :

Seclore FileSecure

Information Rights Management

Policies are• Persistent : Policies are implemented on information and all

its copies wherever they are transmitted or stored• Dynamic : Policies can be changed without having access to

or redistributing the information• Monitored : Policy changes can be monitored

User actions are• Monitored : Individual actions ( authorized AND

unauthorized ) like viewing, editing, printing etc. are monitored and centrally available in a reporting tool

Maya’sComputer

Information creation

Maya’sComputer

Manual policy assignment

Policy definition – WHO, WHAT

Policy definition – WHEN, WHERE

Owner of Document protects the file

Maya’sComputer

Manual protection

Maya’sComputer

Manual policy assignment

Hot Folder protection

Sharepoint upload

FileNet upload

Email send

Email send

Other options of applying policies

• Download of reports from transactional systems like ERP systems

• Extraction from business intelligence and reporting tools

• “Discovery” by E-discovery and content aware DLP systems– Pattern recognition– Owner and format recognition

• ...

Policy controlled information

organization

Collaboration

RightLocation

RightTime

RightAction

RightPerson

Research Dept.Research Dept.

Maya Research Associate

NealResearch Associate

Head Research

Collaboration - within

Neal’sComputer

Recipient – within the enterprise

Neal’sComputer

Rights display

After a user “accepts” the policy is when the actual content is shown to him/her

Neal’sComputer

Unauthorized print

Neal’sComputer

Unauthorized print

Neal’sComputer

Unauthorized copy

Neal’sComputer

Unauthorized copy

Neal’sComputer

Unauthorized screen grab

One more users receives File

Head ResearchComputer

Recipient – within the enterprise

This user has full control of document

Head ResearchComputer

Rights display

Policy admin

Research Dept.Research Dept.

Maya Research Associate

NealResearch Associate

Head Research

Head - Marketing

Head - Finance

Head - Legal

External reviewer

Head Research Distributes files to other Internal Employees and External Users

Collaboration - outside

External user identity management

External Reviewer's Computer

Recipient - outside

External Reviewer's Computer

Explicit authentication

External Reviewer's Computer

Unauthorized save

External Reviewer's Computer

Unauthorized save

Maya's Computer

Information audit

Maya's Computer

Information audit

Maya's Computer

Forensics

Owner (Maya) Redistributes the File with New Policy

Maya’sComputer

Old Policy Definition

Maya's Computer

Old policy

Old Policy Definition

Internal Users

External Users

Old policy

New Policy definition

Maya's Computer

New policy

Internal Users

New policy

External Reviewer Still has a file on his desktop

External Reviewer's Computer

Orphaned copies of information

External Reviewer's Computer

Policy control message

External Reviewer's Computer

The default disclaimer

Key criteria in evaluating IRM for Ceva

Format and application support

Integration-friendliness around existing IT infrastructureIdentity systemsTransactions systemsReporting and BI toolsECM systems

Auditing capabilities

External user identity management

Mature policy management and consulting services

Licensing modelUser based / Protector based

Thank You

Website : www.seclore.com

Blog : blog.seclore.com Phone : +91-22-4015-

5252