Security controls allowing companies to identify, classify and protect business information from theft and misuse are the next step in the development of information systems’ maturity. Digital Guardian is one of the leading tools in the area of enterprise information protection, giving companies visibility and control over business information and, if necessary, allowing their encryption.
The majority of traditional security controls is focused, in its largest part, on protecting technologies that store, process and/or handle business information and rarely deal with protecting information itself which actually is the largest value for companies. Although those controls have their proven business value, unfortunately they do not provide enough information about who and in what way has used certain business information and where it has been stored.
If we look at business information as one of the biggest values for a company, then we want answers to following questions:
Digital Guardian gives answers precisely to the previous questions. It is all about a programme solution installed to information system endpoints (desktops and laptops, servers, etc.) and monitoring users’ activities related to sensitive business information management. Actions to be followed and monitored can be precisely adjusted through tool configuration, by using simple policies and rules. Some of the basic functionalities of Digital Guardian tool are described as follows. The main architecture of Digital Guardian platform is shown on the following picture.
In order to allow for protection and control over business information, first it is necessary to correctly identify and classify or tag that information. Digital Guardian supports various ways to detect and classify business information and some of the basic ones are:
After business information has been detected and tagged by one of the previously described methods, Digital Guardian enables its monitoring or control and, if necessary, encryption too. The method of monitoring and control over information flows is defines through Digital Guardian policies and rules that, with its flexibility, enables the user to completely adjust the system to his or her business needs. Examples of events that can be monitored:
These are just some of basic examples, although the system allows for the setup of considerably more complex rules and policies. Digital Guardian rules allow for each detected event to have different actions setup, for example:
Aiming at additionally protecting information from unauthorized use and misuse, Digital Guardian additionally enables information encryption, depending on the way it is being handled. The two functionalities of information encryption used most often are:
Digital Guardian, through its central console, allows users to browse and generate reports about all the recorded activities, as well as to generate alerts in case of detecting potentially suspicious events. Through the central console, the user can get full access to the company’s business information record, its location and the way it is managed. The tool also contains a detailed forensic log of all the registered activities that can provide, if necessary, a detailed forensic analysis of potentially malicious events.