Clearswift’s Endpoint DLP

Securing Information at the Endpoint

Be confident your enterprise security and compliance policies extend to your endpoints distributed inside your organization or at remote locations. Clearswift’s Endpoint DLP solution automatically discovers critical data that requires the security demanded by industry regulations, protects against unauthorized information copy or transfer, and controls device connectivity to prevent malicious attacks, and malicious or accidental data loss.

Endpoint Information Protection

• Automated Discovery and Protection
  Detect and secure critical information based on content or regulation, including cloud and file server storage.
• Complete Control
  Control all device connections to the endpoint, protect against insecure or unauthorized file copying.
• Regulation Readiness
  Ensure consistent policies across all egress points with out-of-the-box policies to comply with regulations, including GDPR, HIPAA and PCI).

Unparalleled Endpoint Information Inspection, Detection and Security

Utilizing the Clearswift Deep Content Inspection Engine, the Clearswift Endpoint DLP Agent discovers critical information wherever it is stored (at rest) on desktops, notebooks, servers, network and cloud shares. Transfer of critical information (in use) can be logged, blocked, encrypted or redacted and the solution provides automated policy-based remediation. Granular organizational policy provides the necessary flexibility to permit multiple behaviours, depending on the user and destination of file operations.

Automated Data Discovery and Security of Data-at-Rest (DAR)

Detect and secure critical information based on content or regulation, including cloud and file server storage. Mitigate unsecured critical information risk based on policy, including moving the files to a more secure location within a network, leaving breadcrumbs behind for users to be made aware of where critical information has been moved to. Built-in and customizable lexical expressions enable the discovery of a variety of critical information types including PII, PCI and other sensitive data.

Context Aware Data-in-Use (DIU) Policies

Flexible policies and context-aware content inspection mean that you no longer have to choose between the productive use of removal media and unacceptable risk. A policy which is too restrictive means that people either cannot work effectively, or they will find way to bypass company security policy. Rules can be created that can, for example, block all spreadsheets containing particular keyword terms from being copied to external devices, network or cloud storage. Adpative redaction can also be used to allow the transfer of files while masking the sensitive data.

Granular Device Control

The Clearswift Endpoint DLP Agent also provides a fine level of granular control over removable media devices, including USB sticks, CDs, DVDs and variety of other modern device types. Granularity can restrict use to specific device manufacturers or to individual devices to ensure only authorized devices are used.

Adaptive Data Loss Prevention

Protect critical information with the industry’s game-changing Adaptive DLP technology by redacting only the sensitive information that breaks policy while allowing the document to be read, copied or moved to removeable media, network shares and cloud storage. Ensure that unauthorised sensitive data doesn’t leave or enter your organisation through removable media and cloud storage Optimized for data privacy and regulatory compliance (PCI, HIPAA, GDPR, etc.)

Secure Cloud Storage

The Clearswift Endpoint DLP Agent can also prevent file uploads to cloud storage via direct website access, such as Google Drive, Dropbox and Onedrive without the need of additional proxy servers. Synchronization folders can be monitored to ensure no sensitive data is stored outside the organisation, either through blocking the file transfers or redacting the sensitive data, reducing the risks of using Shadow IT.