The Digital Guardian Platform from Fortra (formerly HelpSystems, acquired in late 2021) is a cloud-delivered data protection platform purpose-built to stop data loss by both insiders and outsiders on Windows, Mac and Linux operating systems. Additionally, Digital Guardian User Activity Monitoring enables users to detect, investigate and mitigate suspicious user actions to ensure sensitive data doesn’t get out. And Digital Guardian for Data Discovery provides visibility and auditing of sensitive…
N/A
Proofpoint Insider Threat Management
Score 9.1 out of 10
N/A
An Insider Threat Management (ITM) solution, Proofpoint’s ObserveIT ITM (acquired by Proofpoint November 2019) protects against data loss and brand damage involving insiders acting maliciously, negligently, or unknowingly. ObserveIT correlates activity and data movement, enabling security teams to identify user risk, detect insider-led data breaches, and accelerate security incident response.
When Digital Guardian works well, it really is fairly seamless. You may notice a tiny bit of additional lag on some programs, but for the most part, when it functions properly, it's fairly unobtrusive. Therein lies the rub...when it functions properly. We had frequent program conflicts with Digital Guardian. We had one issue that caused Digital Guardian to completely cripple Microsoft Outlook, and similarly cripple Microsoft Excel. It took Digital Guardian weeks to even release any kind of fix for the issue, and the first several fixes did not, in fact, resolve the issue. We ended up having to completely remove it from our environment and are still waiting for a confirmed more stable version, as it simply caused far too much disruption to our user base, and also consumed an extremely large amount of time from our admins dealing with user issues related to these problems.
Proofpoint Insider Threat Management (ObserveIT) is well suite for organization that are ready to implement risk based solution and do not compare it feature by feature with Classic DLP products. It's aim to analyze and prevent misuse(both accidental or intentional) and educate users.
Email data leaks - DLP software must prevent certain actions to work well. Let's say you try to copy and paste an SS # to an email, or upload sensitive data to your personal email account. Guardian Edge can prevent that, and then alert administrators that it happened
Unauthorized file copies - Guardian Edge can also prevent users from copying files from a sensitive restricted area to somewhere else where they might be able to more easily exfiltrate it. A good example would be from a company file share to a less secure server or their own home drive
Alerting Administrators of suspicious activities - Any time a user uploads a file to an upload service or personal email, it is logged and reported as an event to be reviewed. If it found nothing in scanning the data, it will still notify you that it happened so you can review it yourself to confirm it wasn't a false negative.
It depends on the our needs actually. Audit has big space on our environment, so we need to put anything infront of them clearly. ObserveIT makes it perfectly.
Digital Guardian consists of an elite team of professionals, who easily [identify] any threat and the possibility of cyberattacks. Further, Digital Guardian has the ability to prioritize the handling of the database, based on the risk that each carries. Finally, Digital Guardian has [an] attack sequence that is detailed, progressive, and sustainable.
Proofpoint Insider Threat Management (ObserveIT) is so called next generation of DLP systems ensuring that you can use it after deployment, no need to create comprehensive regex and patterns of data