1 / 13

GlobalCerts & SurfControl Only a layered approach can provide total risk management.

GlobalCerts & SurfControl Only a layered approach can provide total risk management. Who is GlobalCerts?. Founded as Tovaris in Fall 1999 by team of information security and electronic mail experts Changed name to GlobalCerts in 2004 to better illustrate our corporate strategy

cole
Télécharger la présentation

GlobalCerts & SurfControl Only a layered approach can provide total risk management.

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. GlobalCerts&SurfControlOnly a layered approach can provide total risk management.

  2. Who is GlobalCerts? • Founded as Tovaris in Fall 1999 by team of information security and electronic mail experts • Changed name to GlobalCerts in 2004 to better illustrate our corporate strategy • Brought first S/MIME-compliant secure messaging gateway appliance to market in Fall 2000 • Headquarters in Bedford, NH, and offices in Charlottesville, VA, Washington DC, Boston, MA, and Dublin, Ireland • Privately held company with customers in the healthcare, insurance, banking, investment, government, legal and corporate spaces in U.S., Canada, and Europe

  3. Turn-Key, ALL INCLUSIVE Secure Email & Secure Messaging Platform S/MIME Compliant Universal Secure Delivery Global Certificate Network

  4. The Benefits & Advantagesfor Compliance with the GlobalCerts are Clear • Turn-key email security with little to no user overhead • No client software to load on each individual workstation • Automatic encryption and decryption • Send secure email to any recipient • Little to no management burden • Automated cert management - find and retrieve recipient certificates by default (automatically), on every message sent • Integrate secure email with anti-virus, content scanning, etc. • Link remote email locations quickly – within a couple of hours • Ensures privacy with strong encryption, ensures confidentiality with symmetric key exchange, ensures integrity with a hash function and ensures non-repudiation with symmetric key exchange.

  5. Who is SurfControl? • Leading provider of enterprise threat protection • Shields enterprises from known and emerging Internet dangers through Layered Threat Protection • Redefined traditional “filtering” into a unified set of web, email and messaging security solutions • Continuously filter inbound and outbound Internet traffic to eliminate spam, spyware, phishing, web and email abuse • More than 20,000 customers worldwide

  6. The Risk • 80% of breaches originate within an organization and are carried out by an insider. • Some may be malign, but more commonly they are ‘user error’ –hitting send by mistake. • Information leakage is ranked right after spam as a major content issue facing corporations today. • Today, enterprises need to protect not only external threats, but emerging internal threats regulating the need to control outbound content Information taken from research done by IDC.

  7. What am I protected against? • Violations of regulatory compliance • HIPAA • GLBA • Sarbox (See additional slides for full description of each) • Violations of corporate email policy & best practices • Loss/leakage of intellectual property • Loss/leakage of confidential or customer information • Inappropriate content

  8. Regulatory Compliance • Healthcare – HIPAA • All Protected Health Information (PHI) must be secured to ensure privacy and confidentiality when electronically stored, maintained or transmitted. • Email containing PHI sent across the Internet unencrypted puts a healthcare organization in jeopardy of public scrutiny, stiff fines, and in gross negligence cases can even include imprisonment.

  9. Regulatory Compliance • Financial – GLBA • Under the Gramm-Leach-Bliley Act financial institutions must provide customers with a notice of privacy policies and must not disclose nonpublic personal information about consumers. GLB requires that the SEC establishes standards for protecting customer information. (Section 248.30) Any perceived threat or hazard to the security or integrity of customer records and information must be protected. This includes customer information in both storage and via email.

  10. Regulatory Compliance Enterprises-Sarbanes-Oxley Act (Sarbox) • Sarbox was created to restore investor confidence in US public markets, which was damaged by business scandals and lapses in corporate governance. Under Sarbox good corporate governance and ethical business practices are no longer optional niceties. • Email is a key corporate infrastructure that, per sections 302 and 404 need to be further controlled. When email leaves an organization it is in clear text and there is no way to “control” the integrity of the information in that message.

  11. The Joint Solution • The joint solution from SurfControl & GlobalCerts provides seamless content-forced encryption, allowing for tighter enterprise-wide content protection and compliance enforcement. • Users don’t do anything differently to send/receive email • Administrators don’t manage complex systems • Recipients don’t change the way they receive secure messages • Sensitive information stays confidential, protected and compliant

  12. Joint Solution Architecture

  13. Who is using our Joint Solution? • Iowa Health System: 10,000+ users (Case Study Available) • Compass Bank: 800+ users • Holmes Murphy: 500+ users • Blue Ball National Bank: 500+ users • Lincare: 1000+ users • Harris County Hospital 4,000+ users

More Related