SearchInform announced an update of the SearchInform FileAuditor DCAP system. Now the system allows you to specify the level of document confidentiality right in the interface of Microsoft Office applications. For example, if top managers don’t want a document with some internal regulations settled by the board of directors to be read by staff, they will be able to mark the corresponding files – and the system will apply the required restrictions to them.
The task is solved by tagging – tags can be assigned to a file when working with it in Word, Excel, PowerPoint, etc. FileAuditor tags a file in one click in the office editor control panel and allows you to manually set one of five privacy levels: “Public”, “Employees only”, “Secret”, “Top secret” and “Of particular importance”.
For each category of manually assigned tags, flexible protection criteria are available, they are administered by the information security department in the FileAuditor console. For example, you can set a rule so that documents tagged “Employees only” can’t be sent via Outlook, Skype, or any other application. Or forbid everyone to read a file marked “Top secret”, except the selected users and groups. The solution also allows you to define on which PCs and to whom tagging will be available – for example, only to a company’s top management.
“Typically, DCAP solutions are focused on protecting documents stored within massive data arrays – when there is no way to manually find all the files containing confidential information. FileAuditor does an excellent job of identifying vulnerable documents and protecting them; the system implements a unique technology for blocking access to a file in various applications. However, sometimes you don’t need to search for anything: you need to protect a particular important document right now. Previously, information security specialists would have to tweak the system in order to detect it and protect. We made it quicker: an author of a document can tag it assigning the needed level of confidentiality, according to which the system will understand its value and apply the monitoring rules,” says Alexey Parfentiev, senior analyst at SearchInform.
SearchInform FileAuditor finds and sorts vulnerable documents in file storages. For all documents with critical content (personal data, files with passwords, contracts, financial statements, etc.), the solution automatically puts an appropriate tag and takes control of the operations that users perform with them. The system allows you to control access to specified categories of files – prohibit reading, changing, sending documents. Manual tagging enriches this functionality and provide you with an additional protection for the most critical files. The results of manual and automatic classification can be combined. For example, if a document from a financial category is labeled “Top secret”, you can create a general rule that only a chief accountant can work with the file.
In FileAuditor, an information security department or a specialist receives a visual report of who, when set manual tags and what operations are performed with the tagged files. In particular, who tried to open such documents without necessary access rights. And for general users, manual tags signalise that security measures are taken in a company. Upon opening a tagged document, an employee will see privacy tags in the form of headers, footers and watermarks. Nevertheless, if such a document leaks outside the company, this will mean a deliberate leak of information: the employee saw the stamp “Employees only”, knew that the document was not intended for “prying eyes”, and therefore deliberately violated security policies. In case of litigation, this will serve as additional evidence.