InfoWatch, a corporate data protection leader, has announced a new version of its flagship internal threat protection solution, InfoWatch Traffic Monitor 6.1.
Here are some features of the new release.
Now, corporate data is stored on mobile devices as securely as on servers and desktops.
InfoWatch Traffic Monitor 6.1 uses mobile agent to analyze pictures taken by phone camera. For instance, if an employee takes a photo of a confidential document then the system will immediately respond. Moreover, technology detects such pictures in smartphone memory even if they are not transferred externally.
«Mobile devices used to be a shadow zone in a corporate security perimeter. To avoid data leaks, many companies simply prohibited their employees from bringing gadgets to work. However, we have always believed that any ban adversely affects business. Tablets and smartphones, including personal ones, help employees boost their performance. So it is better to control such gadgets rather than to prohibit them,» - emphasizes Alexander Klevtsov, Lead Product Development Manager, InfoWatch.
Mobile agent can be installed on both corporate and personal devices only upon employee’s consent in order to help the company dramatically mitigate risks inherent to the use of mobile (personal) devices in corporate communications.
Ever increasing corporate customer databases require more productive information security solutions.
Counterparty data kept in various databases is one of the most valuable assets for any company. Counterparties’ full names or legal names, addresses and other details kept in databases relate to a special data type that cannot be formalized at all.
To detect such data, a reference database fingerprint is created using multiple sources, such as CRM, ERP, Excel files, etc. Afterwards, InfoWatch Traffic Monitor analyzes each message (emails, web posts, files transferred to and from cloud storage, etc.) and compares detected text fragments with those in the reference database fingerprint. In case of a match, the system alerts security officer to the incident.
Called a Database Export Detector, the above technology prevents counterparty data leakage due to errors or employee’s malicious actions, whether the entire customer base or its fragment is transferred. However, performance of this technology directly depends on the amount of customer and counterparty data accumulated by the company.
Having improved search and comparison mathematical algorithms being a backbone of the Database Export Detector, we managed to boost the technology performance by 20 times. In a customer database containing five million lines (entries) messages are analyzed at the speed of up to 54 million characters per second.
InfoWatch Traffic Monitor 6.1 directly connects to secured data sources (ERP and CRM), thus keeping the reference database fingerprint up-to-date.
Filled Form Detector technology is used to reveal leakage of personal data or other formalized information (e.g., questionnaires). With the new release, the performance of this technology improved by 28 times and allowed for the monitoring of up to 150 questionnaires simultaneously.
Combination of the above technologies provides even higher efficiency. In this case, the system looks for matches of both formalized (credit card numbers, individual taxpayer identification numbers, and other text objects) and non-formalized (counterparty data) objects, thus significantly reducing the number of false positives and ensuring faster traffic processing and more accurate detection.
New release creates a basis for partner ecosystem.
InfoWatch Traffic Monitor uses SDK programming interface to accumulate data from both own sniffers and third-party business and security systems, and apply to them the entire range of analytical technologies and policies. Thanks to its open-source nature, SDK programming interface provides ample expansion opportunities for InfoWatch developers, other vendors, integrators, or customers themselves.
«For external partners, SDK is a pass to enter InfoWatch ecosystem. We hope that collaboration with other security developers will help us drastically expand our product functionality and offer customers the best solution for their information security tasks,» - says Marina Batalova, Lead Integration Solution Development Manager, InfoWatch.
InfoWatch supports domestic IT import substitution strategy.
InfoWatch Traffic Monitor now supports open-source DBMS, PostgreSQL. Instead of previously used Oracle Text search technology, the product now employs Sphinx search engine developed in Russia. In addition, PostgreSQL is more popular among small and medium size businesses than Oracle DBMS—a fact that will help InfoWatch boost sales in SMB segment.
