Verdasys Hosted Service Provides Advanced Tools for Data-Loss Prevention
Cybersecurity
SHARE
Facebook X Pinterest WhatsApp

Verdasys Risk Assessment Program

Verdasys Risk Assessment Program
Written By
Frank J. Ohlhorst
Frank J. Ohlhorst
Jan 18, 2013
3 minute read
eWeek content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More


Verdasys Risk Assessment Program

Verdasys Risk Assessment Program

The Verdasys Managed Service Risk Assessment Program begins with a questionnaire which gathers answers to key questions such as “Are users allowed to use Dropbox?” or “Are users allowed to email sensitive data to any known third parties?” The purpose of the questions is to determine if there are pre-existing policies in place.


Data Loss Protection Service

2

It’s easier than ever to move sensitive data from an endpoint to removable media such as USBs, iPods and iPhones. Verdasys’ MSIP relies on the Verdasys Digital Guardian DLP solution to provide removable media encryption on data and devices individually by file, device type, brand or model. The customer receives a report like this one detailing who is sending what and where, for a complete audit to meet compliance and forensic needs.


Controlling Data at All Phases

3

Capturing hard-to-detect, high-risk user actions such as print and “print screen” information can prohibit the unauthorized movement of confidential information. The MSIP print report shows key information such as file size and type, top users and printers. Many organizations can’t confirm whether valuable data is exposed, let alone how. The MSIP helps them answer the most detailed data security questions. It can even see printing online or offline, from home or work, to local, network and “soft” printers such as PDFs.


Advertisement

Following Data in Motion

4

From this Verdasys MSIP report, the customer can see how data is moving throught the enterprise and who is sending it, as well as in what format.


Validating Data in Emails

5

Visibility into the way data flows through email systems is critical. MSIP has the ability to track which users are sending data to particular domains. Another important component of the MSIP reports details what type of data is being emailed.


Extensive Reporting

6

Who is using Dropbox? What are they doing with it? Is a company’s sensitive data at risk of being sent to the cloud unencrypted? It’s important to monitor the usage of risky applications in an environment and determine whether these applications have accessed sensitive data. This report drills down into individual machines and users. It can also show how data is used in a complete usage context, from executive summaries to detailed forensics.


Role-Based Controls

7

Another aspect of the MSIP involves presenting the right report to the right customer. Different business units may need to access different reports about different user populations. The MSIP service uses role-based access so that console views can be tuned to the needs of each business.


Enhanced Views

8

Understanding acceptable use verses unacceptable use of data is critical in order to enable users to legitimately conduct business. Here you can see that an email was sent to Gmail with work data. Is it safe? Enterprises need to be able to collaborate or allow users to send social email, for example. But what is an acceptable use of these social services? This report allows the MSIP customer to see a full view of activity and flag potentially risky behavior.


Advertisement

Activity Reporting

9

Customizable MSIP reports can offer insight into data activity that may be questionable. This report shows that a single executable uploaded files to a remote host and accessed system-level files. This can be indicative of a cyber-threat, and the business utility of this process should be reviewed.


Questionable Business Process Detection

10

This MSIP report, provided by an actual Verdasys customer with identifying information removed, was provided because it flags a questionable business process—a single executable was uploaded to a host in China and accessed system-level files. This type of activity can be indicative of an Advanced Persistent Threat or some other cyber-threat. It was recommended that the business utility of this process should be reviewed. The response the MSIP team can take may include restricting the application, retrieving all files it touches, cautioning the user of a risky business activity or even shutting down the application.


Customizable Rules and Policies

11

Verdasys MSIP engineers work closely with the customer to create rules and policies tuned specifically for each business workflow and process. Robust exception handling capabilities, honed over years of field experience with large Global 2000 companies, are invoked to support complex workflows.

Frank J. Ohlhorst
eWeek Logo

eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site's focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

facebook
linkedin
youtube
rss
x

Company

About us Contact us Advertise with us

Categories

Latest News Resources Artificial Intelligence Video Big Data & Analytics Cloud Networking

Property of TechnologyAdvice. © 2026 TechnologyAdvice. All Rights Reserved

Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

Terms of Service Privacy Policy California - Do Not Sell My Information