Data Leakage Prevention Use Cases

This slide deck describes the ability of GTB’s DLP Suite solution to address high level use cases based on Customer Requirements

Requirement:1. Is End-User concerned with confidential information leakage outside their network? 2. Does End-User need to monitor sensitive content as it is being sent across the network

to external drop box websites, public blogs, wikis, FTP sites and web chat rooms,etc?3. Does End-User need a solution that must monitor data as it is being sent in real-time? 4. Does End-User need a solution to block these transmissions when a certain

predefined criteria are met?

GTB DLP: A. The GTB Inspector is designed to inspect all ports on all protocols. B. GTB Inspector inspects any data format (file format agnostic)C. GTB Inspector comes with built in SSL Proxy to inspect secure transmissions.D. This enables organizations to become content & context aware to data transfers over the

internet.

USE CASE 1Data-in-Motion to the Internet

Requirement:1. Does End-User needs to identify their content based on an automated classification

process? Example: Once classified, efficient content management of big data streaming through their environment is required including to easily un-classify data if deemed non-confidential. A tool must be provided to complete such requirements with pre-defined measures of enforcement. This must be done with no performance degradation or interference of the network.

GTB DLP: The very first step and the most important is what to protect! GTB Technologies has a unique vision to classifying data. We developed our own content-fingerprinting engines for structured and unstructured data. The data classification technology is called the GTB Security Manager. Within this tool, customers have the options to classify their data as “mission critical”, “high severity”, “medium severity”, and “low severity” The Security Manager is also the tool to create specific company policies. General mandates already come out-of-the-box such as Singapore PDP Act, PCI, HIPAA, GLBA, SOX etc. * Refer to next slide on pre-defined and customized ability to define policy within the GTB system.

USE CASE 2Data Classification & Management

The GTB system comes with built-in Expressions for: @@@CCN - Credit Card Number @@@EMAIL - Email from a common domain

Example ofPre-Built Policies

Requirement:1. Given the architecture for corporate email and the desire to protect email data, What DLP

capabilities are available within your solution to inspect and take action (Log,Block,Quarantine) on email transmissions?

GTB DLP:a) Having a full built in Mail Transfer Agent and Smart Host, the GTB Inspector may be deployed on premise

with the full DLP capability. b) The GTB MTA supports the following Enforcement Actions: “Pass” “Log” “Quarantine” “Block” “Severity

Block” and “Encrypt.” c) Options are available to alert the user violator, the boss, and/or special security responders. The system

supports thresholds for Severity Levels. d) An Enterprise may decide to allow users handle/remediate a low severity violation improving education

on PDPA,PCI, GLBA, HIPAA, SOX etc mandates and overall education on security. e) There are no sign ups or logins to the console being easy to use. These alerts are fully customizable and

may or may not include the actual content violated (sensitive data masking).

USE CASE 4Email Protection

Requirement:1. Accidental mode of data leakage due to user error can cause a major data leakage

incident. Does End User need a solution that can monitor such incidents and secure such transmission with automated encryption?

Example: A user correctly emails a zip file that contains a PDF document having a large number of tax IDs to a Tax client email address etc. However, the user forgot to encrypt the email. The DLP solution is expected to examine the file, determine it contains sensitive content and automatically encrypt to the expected destination. An email shall then be sent to the sender informing to next time encrypt.

GTB DLP:The GTB Inspector automatically routes emails being sent out the Encryption Gateway and alert the user (optional) a reminder that communication should be done via an encrypted email message.

USE CASE 6Encryption Automation

Requirement:1. Does EU require a DLP system that must be able to control any type of removable devices at

the endpoint level with the ability to track, alert and/or block when confidential data being copied from laptops when users are off the network?

2. Does EU require a system that must then be able to audit any removable media inserted to any machine and record Device Name, Device ID and Device and Volume Number?

GTB DLP:The GTB Endpoint Protector offers organizations the ability to control what content can be transferred between the network, applications & removable media devices. All data sent to removable media is intercepted and inspected by the GTB inspection engines. GTB Endpoint Protector has four main functions:

1. Controlling removable media devices connecting to the network both in-line or wireless2. Providing detailed removable media auditing of hardware and file transactions3. Protecting data by selective encryption of specific file types or protected content 4. Ability to monitor and control data before it is transferred to removable media5. Application Control for Skype, Gtalk, QQ, Evernote,etc.

USE CASE 7Endpoint Control & Protection

Requirement: 1. Does Users often connect to network file shares and/or other repositories to store files within

your organization? Example: Organization X would like to scan these file shares and repositories (some public and others requiring authentication) to identify sensitive content as well as their owners. The solution must facilitate this type of discovery and report back key data attributes that would aid in determining ownership of data.

GTB DLP:The GTB eDiscovery tool detects potential violations of data security and compliance before it becomes a security incident. This mitigates the impending consequences of laptop loss, intrusions, and potential malware. GTB's technology is unique as it not only exposes sensitive content but also positively establishes its absence.

The GTB Data at Rest Scanner is designed to scan Network File-Shares as well as many other file systems over the Network (agentless)

USE CASE 8Ownership of Data