Many organizations are concerned of implementation of blocking DLP policies. Incorrectly blocked emails, file copying or document printing leads to disruption of business processes and losses. An accurate DLP policy requires thorough analysis of data flows and data classification, which takes a lot of resources and time.
So many organizations start from non-blocking, audit-only DLP policy. As a result they left with hundred thousand audit log entries with a little idea what to do with them.
To solve this problem GentleSecurity has invented a unique Active Profiling technology. The Active Profiler instantly analyzes audit trails and routinely creates behavior profiles relating to sensitive data operations. It automatically detects potential data leaks and sends detailed warning to a system administrator.
The Profiler is fully transparent control that prevents data leaks and does not require change of user behavior. This innovative approach turns DLP into a new commodity class, such as anti-virus solutions, breaking application barriers for many organizations.
How it operates
As illustrated on the figure Active Profiler has observed 312 users sending sensitive data and marked five of them with a high risk of causing data leak. An administrator then investigates suspicious user’s behavior by verifying how much data sent over various channels and examining the list of specific operations in order to take incident response actions.
The Active Profiler also analyzes applications and program component activities with the aim of spotting malware as illustrated on the figure below.
The dashboard contains number of critical metrics helping to evaluate current status and trends of data security.
XML Feeds