Content Aware Enterprise Information Rights Management
How it Works?

GTB Technologies, Inc
The Case for Content Aware Information Rights Management
An IRM system that can transfer the responsibility for protection from human beings to a content-aware automated process will be extremely valuable for large organizations.

The need to integrate DLP and IRM is critical
Much has been written about famous data breaches and the need for Data Loss Prevention. I will spare the reader the aggravation of reading it again here. There are hundreds of data security systems designed to control and prevent data breaches, and yet every week we hear about a new data breach. It is clear that users and administrators are unable to fully protect sensitive data. The main problem is that data changes all the time. Users are focused on doing their job, not on data security. Aggravating the problem, hackers, malware, spyware and viruses are focused on extracting such data from the perimeter. What is a CSO to do?

Content awareness and the 4 W's
A good solution is a Content-Aware Information Rights Management system. Automatic content visibility transfers the obligation of data security from users to a process. Imagine a system that automatically identifies files containing credit cards, source code, images or any other intellectual property. Furthermore, imagine a process in which pre-defined IRM policies are automatically enforced on such files as soon as they are saved on desktops or file shares. Such policies are the 4 W's that are so crucial to protecting data.

The 4 W's – Who – What – Where and When
Access control and usage control are two aspects of data security that are often ignored. Mapping the content discovery to the IRM policies (see example picture below) provides automatic control of the 4 W's:

WHO can access the information: the IRM system's identity establishment method, LDAP or non-LDAP databases as defined in custom applications and portals.

WHAT recipients can do with the information: control of the specific actions allowed on files: View, Edit, Print (Print Screen), Forward/Share, Copy/Paste.

WHEN each user can access the information: IRM can control the time span in which the recipient has access to the file. A document may allow access from August 20, 4 pm to August 23, midnight. Alternatively, the time span may be defined as 2 days from first access.

WHERE the information can be used: this important control restricts usage of the information to a pre-specified list of computers identified by their hardware (MAC address), or to a specific range of IP addresses or networks. CSOs can now control data even when it is outside the perimeter. This is a very good way to provide data protection for smart mobile devices: one can prevent such devices from ever seeing the data. Users who have such credentials may view the files with the local browser.

The discovery agent must monitor the system constantly, so that any time a file is saved it is scanned for a pattern or fingerprint and the mapped IRM policy is then enforced.

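The mapping from content discovery to a 4 W's policy can be sketched as follows. This is an added example, not GTB or Seclore code: the label name, the `Policy` fields, the users, the network range, the MAC address and the year are all constructed for illustration, and discovery is reduced to one pattern (card numbers confirmed with a Luhn check).

```python
import ipaddress
import re
from dataclasses import dataclass
from datetime import datetime, timedelta
from typing import Optional

# Candidate card numbers: 13 to 19 digits, optionally split by spaces or dashes.
CARD_RE = re.compile(r"\b(?:\d[ -]?){12,18}\d\b")


def luhn_ok(digits: str) -> bool:
    """Luhn checksum, used to cut false positives from arbitrary digit runs."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def classify(text: str) -> Optional[str]:
    """Discovery step: return a content label, or None if nothing matched."""
    for m in CARD_RE.finditer(text):
        if luhn_ok(re.sub(r"[ -]", "", m.group())):
            return "credit_card"
    return None


@dataclass
class Policy:
    rights: dict                                  # WHO -> WHAT: user -> actions
    not_before: Optional[datetime] = None         # WHEN: absolute window
    not_after: Optional[datetime] = None
    days_from_first_access: Optional[int] = None  # WHEN: relative window
    networks: tuple = ()                          # WHERE: allowed CIDR ranges
    macs: frozenset = frozenset()                 # WHERE: allowed hardware addresses


def evaluate(p, user, action, now, ip, mac=None, first_access=None):
    """Return (allowed, reason). Every W must pass; deny on the first failure."""
    if user not in p.rights:
        return False, "WHO"
    if action not in p.rights[user]:
        return False, "WHAT"
    if (p.not_before and now < p.not_before) or (p.not_after and now > p.not_after):
        return False, "WHEN"
    if p.days_from_first_access is not None and first_access is not None:
        if now > first_access + timedelta(days=p.days_from_first_access):
            return False, "WHEN"
    if p.networks or p.macs:
        addr = ipaddress.ip_address(ip)
        in_net = any(addr in ipaddress.ip_network(n) for n in p.networks)
        # A MAC address is reported by the client and can be changed in
        # software, so it is a weaker signal than the network check.
        if not in_net and (mac or "").lower() not in p.macs:
            return False, "WHERE"
    return True, "OK"


# Constructed policy map: content label -> policy enforced when a file is saved.
POLICY_MAP = {
    "credit_card": Policy(
        rights={"alice": {"view", "edit"}, "bob": {"view"}},
        not_before=datetime(2013, 8, 20, 16, 0),     # August 20, 4 pm
        not_after=datetime(2013, 8, 23, 23, 59, 59), # midnight read as end of day
        networks=("10.1.0.0/16",),
        macs=frozenset({"00:00:5e:00:53:01"}),
    ),
}


def policy_for_saved_file(text: str) -> Optional[Policy]:
    """What a discovery agent would call each time a file is saved."""
    label = classify(text)
    return POLICY_MAP.get(label) if label else None
```

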
A Typical File Sharing Scenario – without IRM

[Diagram: the SENDER sends an un-protected file to the RECEIVER, where it can be Edited, Copied, Printed, Viewed and Distributed]

Once the file is sent to the RECEIVER, the SENDER has no control over the file. It can further be: Edited, Copied, Printed, Distributed, Viewed (by others).

GTB IRM by FileSecure - File Sharing Scenario [File Protection]

[Diagram: SENDER and Policy Server (PS)]

The SENDER defines the Usage Rights. The request is sent to the Policy Server.

GTB IRM by FileSecure - File Sharing Scenario [File Protection]

[Diagram: Seclore Policy Server (PS) holding the Usage Rights Matrix]

Usage Rights Matrix (representative form): various users, different rights

          View   Edit   Print   Copy/Paste   Time Limit   Location
USER 1                                                    Office
USER 2                                       1-5 Jan
USER 3
USER 4                                                    Office

Examples of protected files: View only; View & Edit only; View & Distribute only; View & Print only; … & other combinations.

GTB IRM by FileSecure - File Sharing Scenario [File Protection]

[Diagram: Policy Server (PS) and SENDER]

The Encryption Key is generated at the Policy Server and sent to the SENDER. The file gets protected.

GTB IRM by FileSecure - File Sharing Scenario [File Distribution]

[Diagram: the protected file reaching external users]

The file, with different usage rights, travels through various media (email, CD, shared internet portals, LAN, etc.) to various RECEIVERS.

File access in ONLINE mode (for Employees)

[Diagram: inside the organization, a file on USB, the AUTHENTICATED check and the Policy Server (PS), steps 1 to 3]

1. RECEIVER gets a protected file through removable media. Clicks on the file to open it.
2. Authentication information goes to a User Authentication system (AD).
3. Once authenticated, the Key travels to the RECEIVER and the file opens with restricted rights.

File access in ONLINE mode (for Employees)

[Diagram: inside the organization, the same file on USB, but with new usage rights; step 2, Authenticated; IRM Policy Server (PS) holding the Usage Rights Matrix]

          View   Edit   Print   Copy/Paste   Time Limit   Location
USER 1                                                    Office
USER 2                                       1-5 Jan
USER 3
USER 4                                                    Office

“SENDER can still change usage rights at the Policy Server and the new rights are transferred automatically to the RECEIVER”. See sequence 1, 2, 3.

File access in ONLINE mode (for Business Partners)

[Diagram: a file sent by e-mail, the AUTHENTICATED check and the Policy Server (PS), steps 1 to 3]

1. RECEIVER gets a protected file through e-mail. Clicks on the file to open it.
2. Authentication information goes to a User Authentication system (LDAP/non-LDAP).
3. Once authenticated, the Key travels to the RECEIVER and the file opens with restricted rights.

File access in OFFLINE mode

[Diagram: a file sent by e-mail, the AUTHENTICATED check and the Policy Server (PS), steps 1 to 4]

1. RECEIVER gets a protected file through e-mail. Clicks on the file to open it.
2. Authentication information goes to a User Authentication system (LDAP/non-LDAP).
3. Once authenticated, the Key travels to the RECEIVER and the file opens with restricted rights.
4. But in this case, the Key gets stored on the RECEIVER's computer, after being encrypted with another key, for offline usage along with a timer.

File access in OFFLINE mode

1. The document can still be opened even if the RECEIVER moves to a different location (OFFLINE, no access to the Policy Server).
2. Once the timer expires, the OFFLINE rights get deleted. The USER can no longer access the document in OFFLINE mode.

File access in OFFLINE mode

[Diagram: the AUTHENTICATED check and the Policy Server (PS)]

The RECEIVER has to come back ONLINE and authenticate himself to open the document.

File access in OFFLINE mode

[Diagram: the document forwarded by e-mail]

If the RECEIVER forwards the document, the RECIPIENT will not be able to open the document because he doesn't have the key.

If the RECEIVER tampers with the system time, all OFFLINE rights are automatically terminated.

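The offline timer and the system-time check described on the OFFLINE slides can be enforced along these lines. This is an added example, not GTB or Seclore code, and the slides do not say how the product does it: it assumes a per-device secret (`device_key`), epoch-second timestamps, an HMAC over the stored lease state, and a constructed 300-second clock tolerance. The wrapping of the file key itself is outside what this block shows.

```python
import hashlib
import hmac
import json


def _tag(device_key: bytes, state: dict) -> str:
    """HMAC over the canonical lease state, so edits to the stored file show."""
    msg = json.dumps(state, sort_keys=True).encode()
    return hmac.new(device_key, msg, hashlib.sha256).hexdigest()


def _seal(device_key: bytes, state: dict) -> dict:
    return {"state": state, "tag": _tag(device_key, state)}


def issue_lease(device_key: bytes, file_id: str, now: int, ttl: int) -> dict:
    """Created while ONLINE, after the Policy Server has authenticated the user."""
    return _seal(device_key, {"file_id": file_id, "expires": now + ttl,
                              "last_seen": now, "revoked": False})


def check_lease(device_key: bytes, lease: dict, now: int, skew: int = 300):
    """Return (allowed, reason, lease_to_store).

    Any failure revokes the lease for good; the user then has to go back
    ONLINE and authenticate to obtain a new one.
    """
    state = dict(lease["state"])
    if not hmac.compare_digest(lease["tag"], _tag(device_key, state)):
        reason = "state_modified"      # stored timer or flags were edited
    elif state["revoked"]:
        reason = "revoked"
    elif now + skew < state["last_seen"]:
        reason = "clock_rollback"      # system time is earlier than last use
    elif now > state["expires"]:
        reason = "expired"             # offline timer ran out
    else:
        # Record the latest time seen so a later rollback is detectable.
        state["last_seen"] = max(state["last_seen"], now)
        return True, "ok", _seal(device_key, state)
    state["revoked"] = True
    return False, reason, _seal(device_key, state)
```

The `last_seen` value protects only as well as the storage that holds it, so the lease belongs in storage the user cannot restore from an older copy.
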
Conclusion
The marriage of Content-Awareness and IRM provides the organization with comprehensive access control over sensitive data for internal and external constituents. Sensitive or confidential data is automatically encrypted based on file content, and access to such data is controlled by either the File Owner or a designated Administrator. External constituents may also have access rights to such files, but only if they have been approved. This way organizations are able to secure files even after such files are circulating outside the perimeter.



THE GTB Data Protection Suite
We return the “P” back into “DLP”

For more information, please contact:
GTB Technologies, Inc.
5000 Birch St., Suite 3000
Newport Beach, CA 92660

Sales: (800) 507-9926
Main: (949) 783-3359
Email: info@gttb.com or your local representative.
Web: www.gtbtechnologies.com

Reference: Graphics courtesy of Seclore Pvt. Ltd.

GTB IRM - How it Works - 2013
