Symantec delivers information-centric security on Office 365; provides data loss prevention and data rights management

Symantec Corp. announced on Tuesday enhancements to its Data Loss Prevention (DLP) technology to protect information in Office 365. With Symantec DLP, data is protected whether at rest or in transit, on-premises or in the cloud, and everywhere it flows through a single management console.

As an integral element of Symantec’s Integrated Cyber Defense Platform, Symantec’s DLP technology leverages a combination of detection technologies backed by advanced machine learning to classify sensitive personal information, including Sensitive Image Recognition (SIR) with Optical Character Recognition (OCR).

When data is shared with third parties, identity-based encryption and digital rights are automatically enabled to classify and persistently protect and track the data. Protected organizations will have visibility of where their data is shared and who is accessing it, with the ability to revoke access if needed. This Information Centric Security (ICS) approach focuses protection around data and reinforces GDPR controls and other compliance best practices.

Monitoring and protecting data in the cloud generation is a complex task, and GDPR and other similar privacy regulations have further raised the stakes on data security, privacy and compliance.

As such, companies must work to ensure that sensitive data such as PII, intellectual property, or source code is protected no matter where it is shared. In the cloud generation, this is more difficult than ever, as enterprises are rapidly adopting SaaS applications, including Office 365, that require data to continuously move between endpoints, cloud and third parties such as partners, vendors or contractors.

Symantec provides advanced functionality for visibility, protection and control of sensitive data no matter where it lives or travels. Users can now safely share sensitive data through Office 365 with employees, partners or contractors.

Symantec DLP 15.1 offers automatic protection for sensitive emails and attachments in Office 365 and Gmail with identity-based encryption and digital rights management. This is delivered via integration of Symantec DLP and Symantec Information Centric Encryption (ICE) to protect and track sensitive data shared with third parties. It also provides ability to read classification tags that were manually applied to files and emails and automatically protect based on the assigned level of sensitivity; and easier monitoring for GDPR compliance-related data risk with the use of new DLP in-built policy templates and powerful risk-based reporting capabilities provided via Symantec Information Centric Analytics (ICA).

“As enterprises migrate to Office 365 and other SaaS applications, they risk a huge potential of data loss, which is made even more complex in the face of increasing data regulations such as GDPR,” said Nico Popp, senior vice president of Information Protection, Symantec. “Information Protection is a critical part of an organization’s integrated cyber defense strategy in this cloud generation environment. By taking a holistic approach, we can better protect data as it moves across endpoints, networks and applications.”

Within the Symantec Integrated Cyber Defense Platform, DLP integrates with many Symantec technologies to provide data protection across control points. This is accomplished with a single solution and centralized policies for consistent protection extended across endpoints, network, IaaS, SaaS and email.

The integrated solution aims to lower total cost of ownership, increase data protection efficacy and minimize false positives. Symantec DLP is integrated with proxy, CASB, email and user and entity-based analytics (UEBA) solutions to deliver end-to-end data security for enterprises worldwide.

Symantec Data Loss Prevention finds data and determines whether it is sensitive and adds policies around it. For instance, users can set policies to make sure that certain highly sensitive data is not allowed to leave your organization, unless it is encrypted. Data Loss Prevention provides complete visibility and control across the range of channels, including cloud apps, endpoints, data repositories, and email and web communications.

While Data Loss Prevention delivers a combination of automated data detection technologies (from data fingerprinting to image analysis), it relies on appropriate policies being defined. When sensitive data is created before a policy exists, the Symantec approach lets the data owner classify it.

Symantec Information Centric Tagging empowers employees to identify and classify how sensitive their data is, extending protection to sensitive data where policies may not yet exist. Information Centric Tagging also automates data protection, applying automatic watermarks to email and documents, leaving a visual indication of the classification level, as well as the protection state.

Symantec Information Centric Analytics (powered by Bay Dynamics) provides an integrated, contextually enriched view of the enterprise’s cyber risk. It correlates and distills Symantec Data Loss Prevention security event data, uncovering valuable insights into user behaviors to reveal persistent threats and risky activities.

Information Centric Analytics helps become more resilient to data breaches or account takeover by dynamically analyzing large numbers of security alerts and delivering a prioritized list of users whose behaviors are elevating risk level. This helps reduce the likelihood of a breach and improves compliance with data protection regulations.


Leave a Reply

WWPI – Covering the best in IT since 1980