The latest release of the Clearswift Information Governance Server (IGS) product offers new features and Data Loss Prevention (DLP) functionality, as well as the ability to track unstructured classified information and policy enactment. The Clearswift IGS integrates seamlessly with all Clearswift Secure Gateways and ARgon for Email product, enabling our customers to detect when information registered within files is in transit internally, or externally leaving the organization.
Working with ‘information’ rather than files or file names, the IGS can detect and block based upon information fragments. This ensures that if a file changes name or even format, for example from a Word document to a PDF, or if an extract is cut and pasted into a new document, the registered information can still be discovered and a security policy applied.
The IGS contains a central repository of information checksums derived from files registered by users or document owners. Files can be easily registered using a web browser or through the improved client application which enables single or multiple file registration.
For organizations who want to automate the search their Windows fileservers, the File Server Resource Manager (FSRM) feature in Windows Server 2008R2 (and later) can be used to look for sensitive content. If found, the Clearswift IGS Client can register files automatically with the IG Server – saving time and ensuring that sensitive data doesn’t get missed.
If registered files or fragments of these files (information) are emailed to unauthorized recipients or are shared over the Web to unsanctioned sites, action is taken according to policy. For example, the transfer can be blocked and the person breaking policy, and/or the system admin and/or the document owner, can be notified of the event for further action to be taken. Extensive reporting is available to show information provenance.
Extending the use of FSRM to help with GDPR compliance
In the era of GDPR, where information shared both into and out of the organization needs to be tracked, the Clearswift Information Governance Server can be used as part of a compliance strategy through its ability to work with the Clearswift Secure Gateways, monitoring and acting upon the sensitive information they process.
In addition, leveraging the Windows File Server Resource Manager (FSRM) interface to detect sensitive content then pass the file into the IGS for registration adds an additional layer of protection of the information in the document - either as a whole or as a part - should it be sent out via one of an organizations egress points to an unauthorized user.
FSRM can work without the IGS so rather than registering documents that contain sensitive terms such as PII or PCI data; FSRM can use another one of its features known as the File Classification Infrastructure (FCI) which can add custom properties to files. These can subsequently be read and acted upon by the Clearswift Secure Email and Secure Web Gateways as they are processed.
This approach is typically how data classification tools work, as the property is persisted even after the document has been edited and subsequently re-saved.
The Clearswift Secure Gateways can have policy-based actions based on the properties, including:
- Stop the transaction from happening (eg. don’t send the email or upload the file to the web)
- Permit the transaction and send an alert to the Administrator or the user’s Manager
- In the case of email, we can use the property as a trigger to encrypt the message
In the case where the properties are used internally and should not be disclosed externally, the Document Sanitization feature (part of our Adaptive Redaction solution) can automatically remove some or all of the properties that are stored in the documents.
A guide to using FSRM and FCI can be found here.