A risk-based, data-centric security approach to protecting information is a paradigm shift away from traditional "network or system" -centric data loss prevention (DLP). It is instead a combination of process and technology that focuses on information flow across business processes and human interactions. Its goal is to create and sustain a flexible, ongoing and continually improving security process that recognizes and reacts to changes in the internal and external environment and enables, not disables, business processes. While traditional network or system-based approach to security continues to fail to protect sensitive data, the companies that want to substantially reduce the risk of information loss, need to take a risk-based, data-centric approach. In other words, it's about the data and understanding:
With Digital Guardian, this holistic data-centric "visibility," enables organizations to define and apply data security policies to users who interact with sensitive data including "privileged users", contractors, outsourcers and partners and significantly reduce the risk of data loss. Digital Guardian enables companies to follow a comprehensive security protocol that covers all the generations of DLP risk and threats.
Discover Risk: Capture and aggregate all data events including data content and transaction context to gain a unified view of data discovery and risk and apply appropriate classification tags.
Control Access: Apply data level access controls based on risk level balanced against user role and privilege. These controls include application white listing and file encryption.
Authorize Usage: Apply data level usage controls based on transaction risk balanced against user role, privilege. These controls include prompting, alerting, encrypting and blocking.
Audit: Capture all relevant data event and user activities for risk compliance, forensic management and any required legal action.
The Digital Guardian platform is the foundation of enabling business agility by unlocking your sensitive business information and putting it to work. Digital Guardian enables visibility and control over:
Employees, contractors, partners and outsourcers are alerted proactively and in real-time to high risk behavior, trained to understand compliance and corporate policy violations and offered alternative and preferred processes to complete their tasks. With the Digital Guardian Platform deployed, companies can implement uniform and meaningful protection for intellectual property, privacy information and company secrets through our data protection software.
As companies mature their data security process and implement risk mitigating controls across the extended enterprise, line of business and operations managers are able to share previously "locked down" data in more collaborative environments enabling increased business agility through not only improved customer service, product research, design and manufacturing but also improved cost management as they confidently and in provable compliance share privacy data with lost cost off-shore outsourcers.