|
Most of today’s DLP solutions protect against potential leakage from multiple channels, devices, and exits, whether situated in the network or at endpoints. At this “catch at the exit” game, is it really feasible for organizations to control all the exits? This challenge seems even more daunting when we consider that every single exit point must be guarded by a “super-genius” gatekeeper who can effectively determine the information's authorized access entities and take the necessary steps to block unauthorized distribution! Even if we could combine all the necessary solutions together, the cost of deploying and administering them – over all locations and exit points – would be prohibitively expensive.
In order to avoid this ineffective chase after the data, Secure Islands developed an automated data-centric protection technology, which protects the data in a Nexus Point between the structured data arriving from data centers and applications, and the unstructured data that is used by the user. At this Nexus Point, before the data reaches users' control, Nexus Data Enforcer enforces protection into the actual data through E-DRM (such as Microsoft AD RMS) or encryption protections. The data which arrives in its structured form becomes protected automatically (based on pre-defined central policy) when transforming to its unstructured format with entitlements such as read, edit, extract, print, etc. This ensures that the entitlements defined to the data at the datacenter and applications are applied to the unstructured data in the hands of the user.
Now, rather than enforcement decisions at the exits, with Nexus Data Enforcer, organizations can:
- Reduce costs and simplify deployment and management efforts with an integrated solution addressing the three different aspects of IPC – data at rest, data in motion and data in use.
- Define policy based on pure business-relevant elements (users, data, and entitlements) without caring about the transform channels, exits, and devices.
- Enforce pre-emptive protection instead of being reactive to leakage events.
- Deploy End-to-End protection from datacenter, applications, and beyond.
|
