The data security is to prevent the top of the IT departments and often the main reason for choosing a Citrix solution. Nowhere is this issue more relevant today than are involved in discussions enterprise mobility and data exchange.
Share File, the Citrix sync and share solution for the company, makes it easy, with third parties exchanging information sometimes too easy. Users should not be allowed to share files on the whole if they contain sensitive information such as credit card numbers, personal identification information or intellectual property. For healthcare organizations, the spread is from Protected Health Information (PHI) limiting the core requirement for HIPAA.
For location-based systems such as corporate e-mail and Web proxy server, outbound information can be checked, the network edge and the trailing of sensitive data, accidental or intentional, can be prevented. But if you send a file as a hyperlink instead of a plant, the existing systems are bypassed and your security team lose visibility into what is leaving the network.
introducedSoon after Citrix Share File Enterprise with Storage Zones, our partner Digital Guardian and Code Green Networks develops solutions the risk of data leakage by the use of Share File APIs to mitigate the access to move files to or revoke the contain confidential information. But if your security team had already standardized on another on-premise security suite, you had to either two sets of DLP policies to manage or reduce the risk of sensitive data accept via Share File nightlife.
So, we are very excited to announce that Share File now integrates with several market-leading DLP offerings to enable Content-Aware-sharing restrictions. be checked
documents stored in your local can Storage zone's third of each party DLP security suite that supports for inline content scanning ICAP, a standard network protocol. Sharing and access rights can then be adjusted based on the results of the DLP scanning and your preferences for how strictly you want to control access.
Which DLP systems are supported?
because we rely on the ICAP standard for interacting with your DLP server same as a web proxy would-Share File DLP integration with any ICAP-compliant solution work and requires no modification in policy or server in your existing security suite. ICAP-compliant solutions include:
- Symantec Data Loss Prevention
- McAfee DLP Prevent
- Websense TRITON AP-DATA
- RSA Data Loss Prevention
binding Share File security policies means your existing DLP security suite that you get a single point of policy management for data validation and security alerts. If you are already one of the outgoing top for scanning e-mail attachments or web traffic using solutions mentioned, you can refer to the Share File Storage Zones controller on the same server.
How Share File works with market -leading DLP solutions to prevent data loss
We have a flexible develops policy-based system that provides on a new granular access and exchange of checks based classification attribute that is associated with each file. The system uses DLP scan results to each version fit into your storage area of each file . There are three data classifications:
- Scanned: OK - files that have been scanned by a DLP system, and passed OK
- Scanned: Blocks - files that have been scanned by a DLP system, and sensitive data contained
- unscanned were found: files (have not been scanned in the cases where the files in front of the DLP is configured or when the external DLP system is unavailable or slow to respond)
next sets different access and sharing of limitations for each data classification the Share File platform. For each category, select the Share File Administrator to enable the actions:
- Whether an employee can download the file or share
- Whether 3rd party customers can use the file download Share
- Whether anonymous users to download the file
These settings limit the normal permissions and sharing controls available for users as their data Share file interaction and cooperation with other , For example, when to send someone a file, users could choose anonymous access settings when DLP to block it would allow them to anonymously share. But when they try to share a file in a way that prohibit the DLP settings, prevents them from platform.
This flexibility allows you to control the trade-off between security and usability, how your organization fits best. When a document is marked as sensitive, you could still allow to be sent to people outside the organization exchanges between employees, but block. Or you could take a more rigorous approach and all users lock (also the owner of the file) by downloading or sharing the file with anyone. If you block downloads, an employee would not be able to access Share File from an unmanaged device to get the file and share it with other agents.
For all files that are not scanned, you can configure the same sets of restrictions. This means Share File could take a "innocent until proven guilty" or impede the flow of information according to your appetite approach "guilty until proven innocent."
When Storage Controller Zones files sends the DLP system for scanning, it the owner of the file and the folder path contains metadata indicating where the file is located in Share File. This enables the DLP server to log events and create alerts with enough details to be actionable.
Availability
Share File DLP integration requires Storage Zones Controller Release 3.2, which will be generally available in June 2015
0 Komentar