/ciol/media/agency_attachments/c0E28gS06GM3VmrXNw5G.png)
Follow UsTurning employees into security assets
A majority of data leaks happen from within, either by accident or on purpose by valid users who have access to the data within a corporate network. A company's greatest asset – their employees – can also be their greatest security liability.
The new interactive endpoint alerts of Trend Micro LeakProof 3.0 enable IT managers to define content-sensitive dialog boxes that appear directly onto an employee's computer screen. These alert boxes educate employees on the appropriate handling of confidential information, raise awareness of security issues and enlist their support in preventing data from “walking out of the door.”
The endpoint “danger alert “dialog box provides a framework for administrators to define and customise security warnings to employees and the steps they can take when a potential security violation occurs. LeakProof 3.0 also includes new enhancements such as encryption support and a redesigned management console for easier monitoring and administration of security policies.
Administrators can define policies for education, justification and encryption to ensure that employees play an active role in protecting sensitive information whether they are on a company's network, in a remote office, or outside the network with a mobile device.
"Companies need to have an offensive strategy when it comes to preventing security threats and data leaks. Security products are effective, but companies need to get their employees involved on a daily basis,” said Glen Kosaka, director of marketing for Trend Micro’s data leak prevention business unit. “People need to know how they might be compromising their company's data by the actions they take such as transferring files onto a USB drive to take out of the office.
With LeakProof 3.0, enterprises can make data security a part of the company culture and get employees on their side in the battle to protect sensitive data."
"Trend Micro is a known leader in blocking and mitigating external threats,” said John Racioppi, general manager of Trend Micro’s data leak prevention business unit. “Now, we're delivering solutions that protect our customers from insider threats. It's inside-out security and it's part of Trend Micro's goal to always be thinking ahead for our customers."
Giving IT administrators control
Administrators can customise the alert dialog box, which pops up on the employee’s screen when a violation occurs, to explain what type of action is occurring, why it is occurring and where to go (using a URL link) for more detailed information. LeakProof 3.0 also gives administrators the option to require authorised employees to encrypt data first (before taking it out of the network) by using LeakProof’s built-in encryption facility. The product is compatible with other enterprise encryption solutions.
Or, they can require employees to justify their actions, before allowing them to perform certain actions with sensitive data. This challenge/response feature provides an additional level of awareness about the proper handling of sensitive data, and provides a way to cancel such an action if it was unintended.
“With these violation alerts, Trend Micro is giving administrators greater control over what employees see and what they are allowed to do through interactive dialogs that are informative and helpful in providing ways to resolve security issues,” said Martin Hodgett, CIO of Orchard Supply Hardware (OSH.) “Because Trend Micro LeakProof is interactive, it can become an integral part of our overall efforts to maintain and enforce compliance with industry regulations.”
Other significant Trend Micro LeakProof 3.0 enhancements include:
· Enhanced management console workflow – A new dashboard summarises critical real-time events and provides real-time insight into enterprise-wide activity; the administrative workflow for data classification, policy management, monitoring and reporting has also been optimised.
· Discovery of data-at-rest – A new scan-only version of the LeakProof Anti-Leak Agent enables enterprises to quickly scan endpoints, including servers, for sensitive information. It also assesses the risk of data leaks before deployment of full data-in-use or data-in-motion real-time enforcement.
· Additional platform and application support – Full support for Windows Vista, Office 2007 and Yahoo Messenger, enabling protection of sensitive content and filtering of these systems and applications.
· Enhanced offline policies – More flexible and granular policies enable mobile and disconnected systems to have different policy actions taken when a violation is detected while the employee is offline.
· Print-Screen (PrtSc) blocking – Prevents capturing and disseminating unauthorised screen shots of sensitive diagrams and other data.
· Configurable PC/LAN boundary filtering – Policies can now define a more restrictive filtering of sensitive data at the endpoint boundary, enabling any sensitive information leaving the PC, not just the LAN, to be filtered.