|
The Growing Threat of Data Theft & Loss
As
the enterprise has become more online in nature and knowledge
workers have become more mobile, the incidence and cost
of data theft and loss has grown dramatically. Every day,
larger amounts of data reside outside the protection of the
traditional firewall. Enterprises and government agencies
are becoming aware that non-compliance with new worldwide
data security regulations can result in serious financial
and legal exposure and business impairment.
There is an urgent
need to ensure complete mobile data security and access-rights
management – so that businesses can
protect their information on other networks and extend
their information-security policy to data as it travels
outside the perimeter to mobile employees, suppliers and
consultants.
The prevailing solutions offered by traditional
security software companies fall far short of addressing
these emerging security requirements. A different approach
is needed.
 Back
to Top
Only OfficeLock: Automatic Protection
for Life of File, Independent of Server
OfficeLock software
is the only Multi-Function Security Solution that automatically
embeds encryption, rights management and security-policy
management features within the file, enabling businesses
to protect their information on other networks – independent
of any server or network security level.
Unlike server-centric
products, OfficeLock extends security policy to files
and email messages – regardless of
whether they are within the corporate network or traveling
outside a secure perimeter. This protection enables corporate
and government officials to fully comply with the worldwide
security mandates as stated in HIPAA, Gramm Leach Bliley
Act, Basel Accord and Sarbanes-Oxley.
OfficeLock is easy
to deploy and users do not require special training. It
allows security to become an integral, yet transparent, part
of normal business operations. Numerous corporations and
government agencies have successfully deployed OfficeLock.
Back
to Top
Comparing
Various Data Security Products
Discrete Point Security Products: There are many server-based products that provide a narrow
solution to specific security requirements such as email,
policy management and authentication. When used separately,
these discrete point products do not meet the total online
security requirements of the mobile knowledge worker. When
these products are combined to provide a comprehensive
security solution, the total cost increases, additional integration
costs are incurred and ease of use is compromised.
Secure
Collaboration Environments: These products provide secure
collaboration on desktop computers within a business, and
on computers belonging to business affiliates. These products
may require changes to business processes and extra user
training. Also, they do not secure data files when at rest
on PCs or outside the secure perimeter. OfficeLock complements
this category by protecting data beyond the environment.
Virtual
Private Network Products (VPN): This category includes
hardware and software products from numerous vendors that
provide a protected and encrypted communication channel between
discrete end points. VPN products are limited to securing
transmissions. They do not secure files at rest on servers
or client devices.
Public Key Infrastructure (PKI) Products: PKI-based products provide a system of digital certificates
and other registration methods that verify and authenticate
the validity of each party involved in an Internet transaction.
Individual key management generally is perceived as very
difficult to administer and use. It requires substantial
management, equipment and infrastructure. PKI-based products
such as USB token devices, authentication devices and Common
Access Cards can complement OfficeLock.
Multi-Function Security
Solutions: These solutions, represented by OfficeLock and
other vendors, provide a variety of components required
for file life-cycle security. Components can include: Automatic
Email & File Encryption; Secure User Authentication;
Rights Management; Security Policy Management; Secure Work
Group Administration; and Malware Protection. OfficeLock
is the only Multi-Function Security Solution that fully integrates
all of these components – without dependence on a
central server and without dependence on non-native file
formats such as PDF files to protect content. Server-independence
enables OfficeLock to easily extend security features to
business affiliates that are outside the security perimeter.
Non-reliance on PDF files makes it easier for users to
collaborate within an application, according to the secure
file-management attributes that are embedded within the
file.
Back
to Top
OfficeLock G2™ for the Government Market
OfficeLock
G2 meets or exceeds all U.S. Government requirements for
processing sensitive-but-unclassified (SBU) data. It is
undergoing Common Criteria certification and is available
with a FIPS (Federal Information Processing Standards) 140-2
certified algorithm.
Who is Using OfficeLock?
OfficeLock’s automatic data protection is ideal for
mobile knowledge workers, home-office workforce, health care
professionals, attorneys, CPAs, and financial & business
consultants. OfficeLock is already used by many organizations
in the public and private sectors, including: two major
U.S. Dept. of Defense branches; a global manufacturing
firm; and companies in the real estate investment, health
care and private investigation industries.
OfficeLock Pricing
OfficeLock pricing is
available by calling the Interfuse media contact. The cost
of deploying and owning the OfficeLock Multi-Function Security
Solution is substantially less than attempting to attain
the same functionality by combining several Discrete Point
Security Products.
Back
to Top
Detail on OfficeLock Features
Automatic
File & Email Encryption: Automatically – from
within the application and according to policy-controlled
automation and privilege levels – encrypts files,
email and attachments when a user closes a file or sends
a message, according to an automation level.
Secure User
Authentication: Ensures authentication for each user.
The OfficeLock secure sign-on utilizes a user-entered password
to gain access to OfficeLock resources, decrypt/encrypt
the user’s “key bag”, and prevent any
non-authenticated attacker from accessing information secured
by OfficeLock. An Application Program Interface (API) is
provided for connection to multifactor authentication devices,
such as tokens, Common-Access Cards and biometric readers.
Rights
Management: The originator of the file can restrict the
recipient’s ability to print, cut, copy, paste,
rename and access the file content outside of specific
start and end dates.
Central Policy Management: Empowers
the management team to define a security policy in
terms of an individual user’s
rights and privileges for electronic files in each protected
business application, deploy the policy to users within
and beyond the enterprise network (regardless of an active
network connection), and ensure that internal and external
users automatically comply with the policy for the complete
business-information cycle.
Secure Workgroups: Empowers users
to create self-administered confidential work groups, without
changing business practices. Groups may include internal
and external workers and external customers, patients,
clients, suppliers and consultants. Also extends security
information access, control and collaboration to business’ employees and external affiliates with
a high degree of automation, in compliance with the enterprise
security policy. Users within an enterprise directory, such
as Microsoft’s Active Directory (LDAP), can become
members of multiple OfficeLock enterprise groups while
also being in self-administered work groups.
Malware Intrusion
Protection: Prevents compromise of OfficeLock-protected
applications and related system resources from attack by
aggressive malware, including destructive Trojans, Remote
Administrative Trojans, Key Logger Trojans & Spyware,
Multipartite Trojans/Worms, and Polymorphic malware. System
protection from malicious threat patterns is available
as an option. This feature is expected to be available
by the end of 2004.
Back
to Top
Interfuse Leadership Team – Security
Expertise
Key members of the Interfuse leadership
team have been responsible for development, validation and
deployment of sensitive, confidential and classified projects
in the commercial and government sectors – which include
secure international banking and transaction systems, battlefield
data management systems, and Tempest products. They also
have been active in the U.S. Intelligence Community and have
helped develop plans and technologies to respond to the Community’s
requirements for secure hardware and software products.
OfficeLock is a patent-pending technology. To learn more
about Interfuse’s
advanced security infrastructure solutions, please visit
www.interfusetech.com.
###
Media Contact:
Stan Schneider, Schneider Communications
Ph. 954-435-3310; stan@schneidercom.com
Trademark Notice: OfficeLock, OfficeLock Enterprise and OfficeLock G2 are
trademarks of Interfuse Technology Corporation. Microsoft
Office is a registered trademark of Microsoft Corporation
in the United States and/or other countries. All other
trademarks are the property of their respective owners.
Back
to Top |
