Data Protection Manager (Deep DPM) is the world’s first Data Loss Prevention (DLP) technology integrated with Data Access Governance (DAG) and Identity Governance & Administration (IGA).
While typical DLP solutions focus only on files and its data, Deep Identity uses the “layered approach” to inspect and analyze data providing real-time monitoring and take appropriate preventive actions taking into consideration the identity, access, file attributes including storage and data itself.
Point solutions or Silo implementations simply don’t meet the key requirements of an enterprise today. Enterprises must decide on the right strategy to address the data security challenges of today.
The integration with Data Access Governance technology (Deep DGM) has enabled Deep Identity to provide source location, destination location, number of duplicate files in the enterprise, list of individuals with the related information on access to the files with detailed access rights and last access dates, classifications and finally the owner of the file itself.
Integration with Identity Governance and Administration (Deep IACM, IM and PIM) has enabled Deep Identity to provide comprehensive information about the individuals and their access rights to these files and data. Deep IACM, Deep IM and Deep PIM provide information on who has access to what, when, where, why and how-along with the related request and approval information. Other valuable information includes logical information about these individuals such as date of hiring, transfers, current department, manager and business role within the enterprise.
With this integrated solution, enterprises can truly meet their end to end data lifecycle management and data protection requirements.
Content & Contextual Analysis
Deep DPM will first get hold of the files or objects, either from data at rest or data in motion or data at endpoint. Once a file or object is opened, Deep DPM will perform content inspection or contextual analysis. For the analysis, contexts include source, destination, size, recipient, sender, header information, time, format and many more attributes.
Content inspection involves searching for a particular string or pattern against opened files or objects. This is more time consuming than basic contextual analysis. Regular expression and Rule based search are applied to make the DLP implementation more practical. Whitelist and Blacklist words are also possible to be applied here. As part of this content and contextual analysis, pre-built rules also can be used. Such rules include PCI-DSS for credit card, Source Code for IP protection, PDPA for privacy of personal data and HIPAA for healthcare information.
Real-time Data Protection (Monitoring & Prevention)
Deep DPM provides various types of real-time monitoring and protection against data loss. Such real-
time monitoring and protection is implemented for:
1. Data at rest typically resides within stationary repositories – such as Windows file server, Databases, SharePoint portal and other common storage drives. Typical risks with this type of data include the lack of visibility of who has access to the sensitive data and list of duplicate files being copied again within the enterprises.
Deep DPM understands where the data reside within an enterprise and reports regularly on details such as complete access to these files or objects, duplication files/objects, last access and other related information.
2. Data in motion include information that is in transition, especially documents being attached in the mail and sent outside the organization. Common risks associated with this type of data include the loss of sensitive data and business risk associated with it.
Deep DPM can capture data in transit from laptops, mobile devices or even from mail servers and protect these data from leaving the enterprises.
3. Data at the endpoint relates to information stored on laptops, mobile devices and portable storage.
Misplaced or Stolen laptops, mobile devices and portable storage give unauthorized access to valuable data, eventually causing access to “offline” data.
Deep DPM with endpoint agents can discover the files and objects and their content for inspection and analysis which leads towards protection of these data against data loss.