Digital Guardian for Data Loss Prevention: Product overview

Expert Bill Hayes examines Digital Guardian for Data Loss Prevention and more of the vendor's DLP product lineup, which cover data in use, data in transit and data in the cloud.

Digital Guardian, which was known as Verdasys until 2014, offers several data loss prevention products. Originally focused on technologies for stopping data loss from insider threats, Digital Guardian has expanded its DLP product lineup to address external threats as well.

The company's original product is Digital Guardian for Data Loss Prevention (DLP), an endpoint DLP product. In addition, Digital Guardian acquired Code Green Networks in October 2015, adding Code Green Networks' TrueDLP suite of products -- Network Data Loss Prevention, Cloud Data Loss Prevention and Discovery Data Loss Prevention -- to its lineup. When used together, Digital Guardian four DLP products address security for data in use, data in transit, data at rest and cloud-based sensitive data protection.

Digital Guardian for Data Loss Prevention

The Digital Guardian for Data Loss Prevention product provides context-aware data loss prevention inspection of all data at rest and data in use on Windows, Mac OS X and Linux-based desktops and laptops. It also offers monitoring and control for removable devices, such as USB flash drives and removable media attached to protected endpoints. This ensures that only authorized removable devices are used and that only the appropriate files may be copied or moved to removable devices and media. Digital Guardian for Data Loss Prevention also allows security managers to set policies for their organizations that can block, all or automatically encrypt sensitive data depending on the situation -- such as attaching a file to an email or uploading it to a cloud service.

One of the key features included in Digital Guardian for Data Loss Prevention is automated data classification; the product is designed to tag and classify data upon installation, sorting personally identifiable information, healthcare data, PCI DDS data and more. In addition, Digital Guardian's DLP software can cover up to 250,000 employees with a single management server.

Digital Guardian Network Data Loss Prevention

The Digital Guardian Network Data Loss Prevention product monitors three types of communications: email traffic, HTTP/HTTPS/FTP traffic and all other packets -- for sensitive data in the packet content. The onboard Message Transfer Agent examines email messages for content, source, destination, attachments and subject before leaving an organization. The HTTP/HTTPS/FTP uses a web proxy acting as an ICAP client to communicate with the Network DLP appliance's ICAP service. This enables Network DLP to inspect all outbound sessions for these protocols. The packet monitoring ensures that all outbound data packets regardless of network protocol or destination port are inspected before leaving the organization.

Digital Guardian Cloud Data Protection

The Digital Guardian Cloud Data Protection product provides monitoring and control for all data exchanges with cloud-based resources involving desktops and laptops as well as iOS and Android mobile devices. Supported cloud services include Accellion, Box, Citrix ShareFile and Egnyte. The cloud DLP product scans all files uploaded to cloud storage for confidential or regulated data and remediates it based on policies.

Digital Guardian for Data Discovery

Digital Guardian for Data Discovery performs network and local scans of at-rest files to identify sensitive information found in servers and other data center assets. It also offers an agent that can be used to scan desktops, laptops and servers at remote offices. Once sensitive data is detected, Discovery DLP can handle the file containing that data based on policy. Common responses include deleting a file, moving a file to a vault -- optionally leaving a notification in place of the relocated file -- generating an alert or triggering a custom script.

Summary

Digital Guardian DLP products cover several enterprise IT areas, including endpoint devices, networks and cloud services. The DLP suite also comes with a data discovery component that's designed to help companies identify and audit potentially unsecure data within the IT environment. The suite covers data in use on endpoint devices, data in transit on networks, and data at rest as well as cloud and mobile data. Digital Guardian's products are designed to meet the needs of large enterprises as well as small and medium-sized businesses.

Customers can access the Digital Guardian Support Portal for 24/7 technical support, FAQs, tutorials and other information. Digital Guardian also offers free product trials. Companies interested in Digital Guardian for Data Loss Prevention and other DLP products should contact the vendor for pricing and licensing information.

Next Steps

Part one of this series looks at the basics of data loss prevention products

Part two examines the business case for DLP products

Part three explores usage scenarios for DLP products

Part four focuses on procuring DLP products

Part five offers insight on selecting the right DLP product

Part six compares the best DLP products on the market

Dig Deeper on Data security and privacy

Networking
CIO
Enterprise Desktop
Cloud Computing
ComputerWeekly.com
Close