Endpoints like desktops and laptops are large repositories of organizational data with hundreds and thousands of them carrying critical product, financial, sales, marketing and employee data. Data transfer from these endpoints over USB devices, applications, printers or through network sharing can lead to loss of confidential information. Also, modification and deletion of critical files over the endpoint poses a significant threat to data security.
Lack of strict policies regarding file and device encryption make removable devices the most critical points of data loss. Such data breaches can lead to severe financial and legal liabilities to organizations including loss of customer, partner and stakeholder confidence.
Cyberoam Data Protection and Encryption
Data Protection and Encryption from Cyberoam helps organizations control data loss through identity and group policies that control transfer of data over applications like email, instant messengers – Skype, Yahoo, GTalk and more – files shared within the network and use of printers.
Cyberoam offers granular encryption controls for removable media like USB Drives, sticks and other USB Storage devices. Customizable alerts to administrators and warning messages to end users allow prompt action as well as user education.
Document Protection – Shadow Copy
Cyberoam allows administrators to implement policies for file transfer to fixed and removable devices as well as network sharing, based on the user or group, file name, extension and application type.
Shadow copies of files during creation, modification, copy and deletion over removable media eliminate the threat of accidental or malicious modification and deletion of data in addition to assisting in forensics.
Encryption – Removable Devices
Cyberoam allows administrators to create a list of permissible removable devices for use within the organization. This enables them to implement organization-wide policies of compulsory usage of encrypted devices in addition to allocating different groups of removable USB devices based on departments, groups and hierarchical levels.
Policies can be defined to control the ability to read and write over removable devices, preventing employees from carrying organizational data in their pockets, a leading cause of data loss. At the second level, administrators can implement policies for compulsory encryption of the removable device or file while writing the file to a device. Imposing compulsory decryption prevents lost USB devices from exposing organizational data to external entities.
Cyberoam allows organizations to control file transfer based on the sender, recipient, subject and attachment name, extension and size, delivering comprehensive controls over email file transfer. Policies can be created based on the user or group’s work profile, offering data protection with work flexibility.
Instant Messenger Controls
With effective control over files transferred through Skype, MSN, Yahoo, Google Talk and many other popular instant messengers, Cyberoam offers one of the most comprehensive controls for data transfer over instant messengers. Administrators can control file transfer by file name, extension and size. Logs can be archived for chat conversation as well as file upload and download. This feature also gives shadow copies of the files uploaded and downloaded over IMs.
Policy-based printer management for local, network, shared and virtual printers with granular controls that include printer name and application-based printing are provided by Cyberoam Endpoint Data Protection. Administrators also have access to the recorded image of the printed file.