Personal Data Protection
Secure Outsourcing
Privileged User Monitoring
Intellectual Property Protection
Regulatory Compliance
Mobile Data Protection
eDiscovery & Forensics
 
PRODUCTS
Digital Guardian Overview
Data-Centric Security
Architecture
Reporting
Discovery & Classification
Digital Guardian Modules
Content Inspection
eMail Encryption
File Encryption
Application Logging & Masking
QUICKLINKS
Contact Verdasys
Resources
 
Home > Products > Content Inspection
Digital Guardian Adaptive Content Inspection (ACI)
To effectively protect sensitive data including difficult to define unstructured or “free form” data and to more easily understand structured information; companies should look to solutions that combine different data analysis technologies. A “defense in depth” strategy works equally as well within a solution as it does by combining different types of solutions. In the case of data analysis three layers should always be applied.

Context Based Analysis
Context analysis is best used when sensitive information comes from a known source e.g. software code from a “version control solution.”

Identity Based Analysis
Identity should always be used to apply “need to know and need to act” analysis e.g. does the employee have rights to view the data, rights to edit the data.

Content Based Analysis
Content is best used for information that is formatted in a way that is recognized by key word or dictionary analysis technology e.g. social security numbers, credit card numbers and other PII and PHI data.

The type of content analysis technology utilized and how it is deployed are critical for success. First; content analysis technology is continually improving with new types of ever more intelligent analysis. Simple dictionary or key word search capabilities have been supplemented by more intelligent and effective similarity and pattern matching. This constantly improving field of technology quickly leaves “proprietary and custom built” technologies behind. For this reason Verdasys decided to partner with Autonomy and fully integrate the industry leading IDOL content analysis engine into Digital Guardian.

The Digital Guardian Difference
With the advanced capabilities of Autonomy fully integrated into the Digital Guardian Agent, Verdasys provides the most comprehensive content monitoring, filtering and analysis capability available on a host based architecture. Digital Guardian Adaptive Content Inspection (ACI) protects sensitive data through content monitoring and filtering of data "at rest", "in use" and "in motion."  Digital Guardian ACI supports over 300 file formats and 90 languages.

Digital Guardian’s host based architecture enables content scanning capabilities to be distributed across the organization to all protected laptops, desktops, mobile devices and servers. At all of these points, content scanning and policy enforcement occur before the potentially damaging activity is completed by the user.

This means data is monitored and protected before it:
  • Is encrypted
  • Moves into a tunneled messaging format
  • Is cut, copied, pasted printed, screen or captured at the end point

The ACI module scans data-at-rest, data in use or data in motion and adds a level of data protection that exceeds all network based content monitoring and filtering appliances. With the added capabilities of contextual and identity based analysis, Digital Guardian offers the most complete data loss prevention (DLP) solution available.

 

The Issue of Network Content Monitoring
Network content monitoring and filtering is an appliance based technology often used to protect information from escaping over a companies network. These solutions are often deployed as part of a defense in depth strategy, but do not offer the completeness of protection that is often expected. Network content monitoring and filtering systems are unable to:

  • Protect most data that is encrypted
  • Protect data that moves through networks using tunneling like Microsoft's PPTP technology
  • Protect data that is on mobile devices
  • Protect data that is copied from an endpoint to an external device

Implementing this technology alone is an incomplete DLP solution that protects only a small portion of data in use or in motion.
 

 


 


  
About Us | Products | Solutions | Alliances | News & Events | Training | Contact Us | Customer Support
© 2008 Verdasys. All rights reserved. Terms of Use and Privacy Policy