Seclore FileSecure HotFolder Walkthrough

Seclore FilesecureHot Folder server

Enhancing security of fileshares

Contents

• The Problem with Fileshare security

• The Solution ..• What is Seclore FileSecure• What is Hot Folder Server• Policy definition• Assigning policies to folders• Protecting a file• Accessing a protected file• Audit trails

• About Seclore2

A Process Flow of Product PlanFileshares and security

File Share FolderUserUser

Edited

Copied

Printed

ViewedUn-protected File

Distributed

Fileshare accessed by users

Fileshare security is not persistent . Once the file is copied locally, it can be edited, copied & distributed.

Contents



• About Seclore4

5

• WHO can use the information

People & groups within and outside of the organization can be defined as rightful users of the information

• WHAT can each person doIndividual actions like reading, editing, printing,

distributing, copy-pasting, screen grabbing etc. can be controlled

• WHEN can he use itInformation usage can be time based e.g. can

only be used by Mr. A till 28th Sept OR only for the 2 days

• WHERE can he use it fromInformation can be linked to locations e.g. only

3rd floor office by private/public IP addresses

Seclore FileSecure allow enterprises to define, implement & audit information usage “policies”. A “policy” defines :

Seclore FileSecure

• Policies are– Persistent: Implemented on information and all its copies

wherever it is transmitted or stored– Dynamic: Policies can be changed after distributing

information without having access to or redistributing the information

• Policies can be attached to information on– Creation– Placement in a certain location e.g. shared folder– Attachment to email– Uploading to a document management / ECM system– …

Seclore FileSecure

Contents



• About Seclore7

A Process Flow of Product PlanHot Folder enabled Fileshare

UserUser

Hot Folder accessed by users

Files copied out of “Hot Folders” are persistently protected. Rights to edit, copy, print and distribute are restricted based

on Seclore FileSecure policies

File Share+ Seclore FileSecure

Edited

Copied

Printed

ViewedProtected File

Distributed

Contents



• About Seclore9

10

Policy definition–WHO, WHAT

Policy Admin

People / groups, within / outside the enterprise can be dis-allowed to edit, print, copy, forward etc. via a policy

11

Policy definition–WHEN, WHERE

Policy Admin

A policy can expire information beyond a date / timespan and also restrict its usage to certain computers / networks

Contents



• About Seclore12

13

Defining Hot Folders …

FileshareAdmin

Policies can be attached to folders by the Fileshare admin. The admin chooses the folder …

14

… Defining Hot Folders

FileshareAdmin

… and the policy to be applied to files in the folder

Contents



• About Seclore15

16

Protecting files

File creator’s computer

The creator of the file drags-and-drops the file into the Hot Folder. The file is instantly protected.

Contents



• About Seclore17

18

Rights display

User’s Computer

On clicking a rights display makes the recipient explicitly aware of his rights to the document

19

Unauthorized print

User’s Computer Unauthorized activities like attempts to print …

20User’s

Computer … are disallowed

Unauthorized print

21User’s

Computer Unauthorized activities like attempts to edit & save…

Unauthorized edit & save

22User’s


Unauthorized edit & save

23User’s

Computer

Unauthorized copy

Attempts to copy parts / whole of the document …

24User’s


Unauthorized copy

25User’s

ComputerScreen capture by the Prt Scr key, screen grabbing tools like

Camtasia and screen sharing tools like Webex is blocked

Unauthorized screen grab

Contents



• About Seclore26

27User’s

Computer

The audit captures the WHO, WHAT, WHEN and WHERE of the access attempt. Authorized and unauthorized attempts

are captured and reported

Information audit

Contents



• About Seclore28

29

Corporate Background …

“Seclore is a high growth software product company. Seclore’s technology helps mitigate the risks arising out of information breaches whilst

enhancing collaboration”

6 years old, Headquartered in Mumbai, India

Promoted by IIT Bombay under the SINE program - www.sineiitb.org

Geographical and customer presence in Middle East, ASEAN, SAARC & Europe

Offerings focused on Information Rights Management and Secure Outsourcing

Stake holders including

IIT Bombay – www.iitb.ac.in

ICICI Bank – www.icicibank.com

Ventureast – www.ventureast.net

Technology and service differentiators focusing on minimally intrusive technology, value based pricing and usage without training

http://www.iitb.ac.in/

http://www.icicibank.com/

http://www.ventureast.net/

30

About …Value to customers

Security without compromising on collaborationCustomers across

….Diversified business groups

….Large financial services groups

….Engineering and manufacturing organizations

….Defence, Software, BPO, Consulting, Services, ….

31

What customers say about us …

“We chose Seclore FileSecure due to the flexibility provided by Seclore in terms of solution capabilities and customization. Implementation of Seclore FileSecure has reduced the exposure of critical data for potential misuse or frauds. The business benefits are tremendous.” - Murli Nambiar, Head of Information Security

"Financial services companies like banks, insurance carriers & broking are ‘opening up’ their information systems and processes for participation by customers, partners and vendors. This of course brings in a lot of value chain integration and lowers costs but comes with information security needs which cannot be solved by present day systems. Seclore’s technology for securing documents as they flow within and outside enterprises as well as securing data shared with outsourcing partners is extremely relevant. - C N Ram. Group CIO, Essar group

32

What industry experts say …

“Information breaches normally result in intellectual property violation which is a serious problem affecting industry today. Seclore’s combination of preventive and corrective methods of handling information breaches is invaluable to any industry” - Haigreve Khaitan (Managing partner – Khaitan and Co)

“Collaboration, security and privacy appear as mutually conflicting goals with most present day technologies. Seclore has resolved this conflict in a very elegant manner with its technology.” - Animesh Parihar (Global Delivery Head – SAP)

Seclore’s approach is different in that they not mandatory rely on such plug-ins but mainly act “below” the application. The client component (which is required to access protected, e.g. encrypted, documents) tries to analyze the activities off the application like access to the file system. One impact of that approach is that a document might be opened with different applications supporting the specific document format.

- Martin Kuppinger, One of the fore-most information security analysts

33

Deloitte Technology Fast 50 is a ranking compiled every year based on percentage of growth of fiscal year revenue over three years. The companies must also fulfil other criterion of technology orientation.

‘Hidden Gems’ 2010 by Kuppinger Cole, Europe’s leading information security analyst firm is a report

which lists vendors, which have a significantly differentiated offering and are market leaders in a

particular segment.

Awards and recognition …

34

… Awards and recognition

The TR35 award is for innovators whose inventions and research, Massachusetts Institute of Technology (MIT) finds exciting. Technology Review, owned and published by MIT, is the world’s oldest technology magazine.

“Innovations – ideas in practice” is an annual event honoring researchers and innovators for creative and innovative work in the sphere of science and technology. The innovation needs to have a high

degree of practical relevance to change everyday life.

35

More Info?

www.seclore.com+91-22-4015-5252