Core DLP Technology
The 10 Core Technologies Required for Real Enterprise Data Protection
1. Binary & Text Data Inspection
With both text and binary data, files and data streams are protected. All Channels, All Protocols have binary and text data inspected and acted upon. Multiple span ports with greater than 1 Gig/sec bandwidth.
2. Unmatched Intelligence
AccuMatchTM Detection Engines are so advanced with the unique proven ability to accurately detect partial file matches on greater than 10 terabytes of unstructured file-less fingerprinted data without network degradation or latency issues!
GTB’s proprietary, patented technology is so innovative and intelligent, that unlike others, the detection engine doesn’t “choke” when moving into the Multi-Terabyte range.
3. Technology Foundation – AccuMatchtm Detection Engines with Intelligent Smart Search
One of the key differentiators to the GTB Data Protection System are its proprietary, patent pending Data AccuMatchTM detection and Intelligent Smart Search algorithms, which allow GTB’s Data Protection solutions to detect and match pre-defined data with proven unprecedented, unrivaled accuracy and speed.
4. Unstructured, Semi-Structured & Structured – Full & Fragmented / Derivative Data Inspection
Both structured data (social security numbers, credit card numbers, bank accounts, etc.) and unstructured data (reports, memos, designs, source code, agreements, patent applications, MRI files, etc.) even partial source components (e.g. “snippets”, derivative data) are protected from data exfiltration.
5. OCR (Optical Character Recognition) – Visible & Invisible Data
Within documents, both visible and invisible data are protected. OCR inspection for both Data in Motion and Data at Rest covers scanned images, imaged documents, screenshots, and the like.
6. Core Detection & Analysis Algorithms
Methods for describing sensitive content are abundant. They can be divided into two categories: precise methods and imprecise methods.
Precise methods are, by definition, those that involve Content Registration and trigger virtually zero false-positive incidents.
All other methods are imprecise. They include: keywords (custom dictionaries), lexicons, regular expressions (regex), extended regular expressions, metadata, tags, Bayesian analysis, a statistical analysis such as Machine Learning, behavior analytics, hierarchical threat modeling, predefined Dlp (templates), etc.
Combined with proprietary algorithms, GTB’s AccuMatchtm detection algorithms have virtually zero false positives and very high resilience to data modifications including:
Excerpting, inserting, file type conversion, formatting, ASCII ->UNICODE conversion, UNIX–Windows conversion, partial data match, and so on.
7. Real-Time Detection for BOTH Outbound or Inbound Transmissions
Real-time detection is an important aspect of all DLP components, i.e., Network, e-Discovery, and content-aware Endpoint protection. The GTB detection technology has the rare capability of real-time inspection and detection of secure content. The unique advantage of Real-Time inspection is the ability to prevent data loss over the network on any protocol.
This is in stark contrast to competing solutions that can prevent data loss/Leak (i.e.block a violating transmission) only on non-real-time protocols: SMTP via MTA, HTTP/S or FTP via a proxy and/or ICAP server.
8. Proxy not needed on Inbound or Outbound Traffic Inspection
GTB Inspector also has its own SSL Internet Content Adaptation Protocol (ICAP) so there is no need for another web proxy. Already have a web proxy – no worries, GTB’s Network Enterprise DLP has ICAP functions that are compatible with Blue Coat, Cisco, Forcepoint, Intel Security, and like proxy products.
GTB’s Endpoint Protection offers complete data-in-use content inspection DLP capabilities
9. Mail Transfer Agent (MTA)
GTB’s DLP that Works Inspector has an on-board Mail Transfer Agent (MTA) that permits the Inspector to become a smart host for MS Exchange, Lotus Notes, and the like.
10. File Cracking
Unlike others, GTB Detection Engines use numerous proprietary techniques for file cracking. The process does not require knowledge of the file type, does not require the location of the beginning of the file nor its end in the data stream.