Awarenesstechnologies Intro Document

Awareness Technologies, Inc. Corporate Headquarters | 4640 Admiralty Way | Suite 1010 | Los Angeles, CA 90292 | TOLL FREE: 1.888.224.1288 | LOCAL: 310.822.4557 www.awarenesstechnologies.com ©2010 Awareness Technologies, Inc. The trademarks used herin are the trademarks of Awareness Technologies, Inc.

AWARENESST E C H N O L O G I E S

Awareness Technologies, Inc (ATI) is a Los Angeles, California company founded in

2002 who has over 200,000 total users and 10,000 corporate customers using ATI’s

patented Software as a Service (SaaS) all-in-one endpoint security solution to

protect organizations from their greatest threat, the insider. Awareness

Technologies was honored with the distinction of “Technology Fast 500” by Deloitte

in 2008. Leading and marquee organizations in government, financial, health care,

education and many Fortune 5000 companies use Awareness Technologies to

mitigate the threats posed by insiders.

About Awareness Technologies, Inc

A Whitepaper By Ron Penna

Complete internal threat solution on the endpoint delivered as a service

Viruses

Spam

Hackers

Malware

Ant

i-Viru

s Firewall

Anti-Spam

Anti-M

alw

are

Company Network


The primary focus of security professionals over the last 10 years has been External Security – keeping the unknown bad guy

out. However, there is now recognition that Insiders are by far the greatest risk to a company, as they know where critical and

confidential data already resides. Insiders can be an employee, contractor, telecommuter, traveler, or anyone that has

privileged access to systems. Breaches caused by insiders can include negligence, pretexting, and carelessness, as well as a

wide range of malicious behavior. Even most breaches by external individuals were made possible by insiders whether

deliberate or not.

Insiders are a growing problem and yet the technology solutions available to mitigate the insider threat are far fewer in

number, and far less utilized than solutions that claim to prevent compromise by outsiders. The dedicated focus on external

threats has created a very large gap in most organizations information security programs that companies are just now realizing

they must address. Like the slow boil of a frog in water, as a society we have acclimated ourselves to a very unhealthy balance

between external and internal threats. It is important that we understand why so we can reverse this trend.

Information Security EvolutionOver the past decade, information security has gone through a series of evolutionary steps. Originally there were single,

individual threats from the outside. These were individually mitigated through separate solutions. Viruses were stopped by

anti-virus solutions; hackers blocked by firewalls; SPAM filtered by anti-SPAM solutions, and so forth.

The number of threats and paired solutions grew to the point where technology providers began offering solutions that

included several mitigation techniques within a single device. These devices are commonly referred to as unified threat

management (UTM) devices. Most organizations today don’t just have a firewall but rather an all-in-one device that that

includes firewall, intrusion detection and prevention, gateway anti-virus, web content filtering, SPAM filtering and more.

These UTM devices attempt to give you all the protection you need from Internet based threats.

Security 2000-2009

Complete internal threat solution on the endpoint delivered as a serviceA Whitepaper By Ron Penna

Awareness Technologies


PAGE 1


Complete internal threat solution on the endpoint delivered as a service

The threat landscape has changed over the past few years to be more focused on internal threats. This includes attackers

directly compromising internal systems as well as increased risks from insiders themselves. Confidential data loss, laptop theft

and loss, employee productivity and liability issues, regulatory compliance, incident forensics and data monitoring and recording

are all issues the modern day information security professional, compliance officer, and IT administrator must address.

Again we see the same pattern but this time it revolves around insider threats. Individual internal threats spawn a myriad

of individual point solutions . Software conflicts, management difficulty, and interoperability will naturally lead to the next

evolution of insider threat mitigation solutions. What emerges is an all-in-one solution that has a complete set of security

solutions to protect organizations from their greatest threat, the insider.

In addition to the trend toward a unified threat solution, there are two other key themes that have now become core to

IT security. The first is Software as a Service or SaaS. The need for simplicity has emerged as a critical element that

allows companies to adopt a multitude of security technologies in a rapid and efficient manner.

A Whitepaper By Ron Penna

Viruses

Spam

Hackers

Malware

Ant

i-Viru

s

Firewall

Anti-Spam Anti-M

alw

are

Security 2010 and Beyond


Company Network

Employee Monitoring

Employee Errors &Regulatory Failures

LaptopTheft/Loss

EmployeeProductivity

ConfidentialData

DLP

Lap

top

Rec

over

y

Web

Filtering


PAGE 2

FUTURE2008 2009 2010200720052000

Proliferation of singlepoint solutions for

external threats

Proliferation of singlepoint solutions for

external threats

Emergence of UTMfor Internal Threats

Emergence of SaaSfor Internal Threats

Proliferation of singlepoint solution for

internal threats

Emergence of SaaSfor external threats

Emergence of UTMto consolidate

external threats


With the above in mind, Awareness Technologies has created Interguard -- a complete, unified solution focused on insider

threats through a single vendor that offers easy deployment and centralized management though a SaaS delivery model

which sits on the endpoint providing complete visibility and control.

There is no shortage of technologies that mitigate specific threats. With the number of new threats compounding each

year, more and more technologies are needed. These single point solutions have become a plague for IT administrators

due to the overwhelming administrative and management requirements that accompany having so many different

technologies, each with their own management and monitoring interface. Information security professionals need to have

an all-in-one, multi-threat prevention platform that creates layered security protection for all insider threats including loss

of critical data (both intentional and accidental) as well as employee productivity and malfeasance. Accordingly, a

complete insider threat solution would include all elements necessary to control all insider actions including:

The Solution in Concept

1. Unified Internal Threat Solution

Data Loss Prevention

Web Filtering

Laptop Recovery

Employee Monitoring

2. End-Point Security Solution

With the exception of desktop anti-virus, nearly everything organizations use to protect their networks and systems is

applied on the network level. Firewalls, intrusion detection systems, proxies, filters, and scores of other technologies have

been used at the “edge” of the network to keep the bad guys out. This approach is sensible to keep bad guys out;

However, the situation is different with insiders as their damage is done from within the network or the endpoint.

Accordingly, it is nothing more than common (or uncommon) sense that insider threat protection occur on the endpoint.

In addition, with the advent of the mobile workforce, endpoint security has become that much more necessary as network

based solutions do not adequately account for off-network staff. What information security professionals need is a next

generation end-point solution that focuses on the insider that works everywhere and sees everything. No excuses or

exceptions for telecommuters, travelers, and other remote employees. No security gaps missed by lack of visibility across

all end-points, regardless of location.

Summary of 4 core evolutionary themes in IT Security

Old New

External threats

Multi-point solutions

Complex/costly

Network-based

Internal Threats

Unified Threat Solution

SaaS (simple/lowcost)

Endpoint-based

The second is the shift away from network-based security technologies to the endpoint, as recognition of the clear

benefits from controlling the problem at their source – the endpoint.

Complete internal threat solution on the endpoint delivered as a service A Whitepaper By Ron Penna



PAGE 3


Data Protection and Employee Productivity Redefined

1. DLP is only as good as the policies you set up. What if you don’t set up all the policies you need?

What if there are gaps? How would you even know if sensitive data was leaking out?

In order to understand the solution, we need to agree on the problem. From a very high level, insiders can do two things

to cause damage to a business. The first is leak or lose critical data, while the second is use company resources for

unproductive purposes. Most of us believe that DLP and Webfiltering are sufficient to solve these issues. But are they?

Let’s start with the first – leak or lose of data.

Again, the common view is that DLP is the answer to prevent data leaks. However, let’s examine the realities. In DLP, we

set up policies to prevent confidential data from leaving the organization, either through email or removable media. So the

first step is to set up policies, and then let the machine do the rest. Standard DLP is ideal for what it does, but let’s

examine it in the real world by looking at some what if scenarios:

2. As most DLP solutions are network based, what if you have remote or travelling staff? What if

personal webmail (hotmail) is used to send out data?

3. What about data that is sensitive but required for business, such as a salesperson needing client data

including all contact information, expiration date and amount of contracts? Since we can’t prevent

them from having this data, how do we control this threat if they leave to go to a competitor?

4. What about data that is saved to a laptop that walks out the door every day or from time-to-time?

How does standard DLP address lost or stolen laptops?

OffsiteEmployee

Employee onthe road

Organization




Data Center Reporting

PAGE 4

Internet

3. Software as a ServiceFor years IT administrators and information security personnel have struggled with the difficulty of traditional client/server

applications. Each new threat has a corresponding solution that must be tested, deployed and managed. Most require

hardware for centralized data collection, reporting, management, configuration and monitoring. Procuring hardware for

each new solution is both timely and costly. Setup and configuration of a system are often times so complex, it is nearly

impossible to try solutions before you buy them. What information security professionals need is a method to easily and

quickly download, try and buy solutions that don’t require any hardware whatsoever. This is what SaaS promises,

however few technology providers have been able to step up and address the needs of organizations in this way.


1. DLP

As such, Awareness Technologies Data Protection suite includes complete data protection through:

Screen all email (both work and personal) including attachments for sensitive data and block if needed.

Detect and block non-public personal information (NPPI) from leaving your network or organization.

Stop the use of removable media.

Block files based on their content from being copied to portable media.

Protect and enforce policies governing each employee’s computer use, including those that never

connect to a network…including laptops!

Easy intuitive policy creation.

2. Stolen Laptop Protection

Remotely retrieve important files invisibly, using any Internet connection.

Monitor everything the thief does including all of the files they attempt to access, etc.

Prevent the thief from being able to access to any desired programs (Excel, Word, etc.)

Remotely delete files or an entire hard drive.

3. Employee Monitoring

Trigger words allow for proactive alerts without the need to log in to the admin view.

Records all employee communications including email, webmail, and instant messaging.

Blocks or limits applications like peer to peer, webmail and instant messaging.

Records and analyzes all keystroke activity, regardless of the application used.

Formats all data into easy-to-read reports, making it easy to find and evaluate critical security lapses.

Screenshots taken whenever an alert word is typed or read on a webpage.

Ability to search all stored data based on alert words as well as sender or recipient.

Full individualized reporting on an employee’s computer activity.

For this reason, we believe that DLP is a necessary but insufficient solution for protecting data. In order to complete

the picture, organizations need to be able to both record and store all computer activity as well as have the ability to

retrieve/disable the asset or delete the information stored on laptops. By recording all computer activity data,

Information security specialists can now review the realities of what data is leaving the organization and thus

fine-tune policies. In addition, a complete forensic record exists on demand should an issue arise. With respect to

laptops, most data breaches today occur as a result of lost or stolen laptops. These have also represented the most

public and damaging cases. Thus, the ability to geolocate and/or disable a laptop or delete sensitive information

remotely is a critical element of complete data protection.

Secure and confirm deletion to the highest government standard of unrecoverability.

Geo-locate the stolen laptop, in real-time over any Internet connection, often with greater accuracy than GPS.

Works invisibly and undetectable at each desktop, without impacting central network computer resources.




PAGE 5


1. Webfiltering

For this reason, we believe that standard network-based webfiltering is insufficient. The first problem is addressed by a

solution that works both on and off network. Endpoint solutions accomplish are the only way to address this scenario. The

second problem is addressed through a solution that goes beyond webfiltering by recording all computer activity and can

block any application such as webmail, IM, games and peer-to-peer. In this way, an employer can be assured that

company assets can only be used for work purposes as can see a full picture of the employees day in context. That is,

how much time is spent on work email, vs personal email vs. websurfing vs IM vs. Excel or Word or Powerpoint.

Monitors and filters Internet use on and off the network (even on laptops).

Blocks or limits applications like peer-to-peer and instant messaging.


All search terms captured.

Works whether the system is connected to the network or not.

As such, Awareness Technologies Employee Productivity suite includes:

Day in the life of an employee:



Business Email

Personal Email

Web Browsing

Media Player

Microsoft Office File Sharing

Games

IM/Chat


PAGE 6

Now let’s turn to Employee Productivity. Again, it is commonly believed that standard network-based webfiltering fully

addresses this issue. But let’s ask a few what ifs:

1. What if the employee is remote or travelling? In today’s business climate, few organizations don’t have a

growing remote employee base. Once of the network, there is no way to enforce policy.

2. Are there other unproductive activities beyond simple url blocking, such as IM, personal email, peer-to-peer, games?

3. What can you really tell about an employee’s day from a list of urls visited? Can you really tell what is being googled?


1.

Employers today recognize that employees represent their greatest competitive asset, and thus their greatest potential

threat. With a business climate today that demands maximum employee productivity and recognizes that employees have

access and knowledge of critical data. a greater portion of the IT security budget will begin to be spent on solutions that

mitigate the greatest threat to organizations, the insider. While this fundamental shift will not happen overnight, it will

literally redefine information security over the next decade. As such, we urge organizations to consider the entirety of the

problem and to not take the same piecemeal approach initially used in addressing external threats.

Complete – one solution and one interface for all insider threats.

Organizations should consider lessons learned from the evolution of external security and consider solutions that solve the

problem. In summary, these are:

2. SaaS – removes obstacle to adoption through simplicity of installation and management.

3. Endpoint – control the problem at the source for complete visibility and control.

Awareness TechnologiesThe Awareness Technologies solution is the next evolution in insider risk mitigation technology designed for organizations

of all sizes. With its easy to deploy, easy trial, and no hardware required, you can immediately enjoy the benefits of this

next generation solution within minutes.

2. Employee Monitoring

Works invisibly and undetectable at each desktop, without impacting central network computer resources.

Records all employee communications including email, webmail, and instant messaging.

Blocks or limits applications like peer to peer, webmail and instant messaging.

Records and analyzes all keystroke activity, regardless of the application used.

Formats all data into easy-to-read reports, making it easy to find and evaluate critical security lapses.


Ability to search all stored data based on alert words as well as sender or recipient.

Full individualized reporting on an employee’s computer activity.




PAGE 7

Date post:	12-Jan-2015
Category:	Documents
Upload:	guardera-access-solutions-inc
View:	341 times
Download:	0 times

Awarenesstechnologies Intro Document

Documents