Find and protect sensitive data where it's most vulnerable
Unstructured data—information contained in documents, spreadhseets, images, and other files, rather than in a database—accounts for 80% of a typical organization's data. Much of this data resides on user devices like laptops, mobile phones, and tablets, where it's exposed to physical theft, unauthorized sharing, and other threats on a daily basis.
Typical approaches to endpoint security have focused on protecting devices, rather than the data stored on them, from unauthorized access. These strategies fail to address the reality that employees are constantly sharing and sending data from their devices to external parties, cloud storage services, and other destinations outside the organization's control.
Meaningful endpoint security requires not only protection while data resides on a device, but protection against threats when data travels to other devices, other operating systems, and other networks.
Protect data you didn't know you had
Two obstacles commonly hinder organizations who attempt to secure data on desktops and laptops:
- A lack of visibility into the data stored on employee devices
- Limited options for remediating and protecting sensitive data
PKWARE's Smartcrypt solves these challenges, enabling organizations to identify and protect sensitive information as soon as it appears on a user device. Smartcrypt's advanced data discovery, classification, and protection capabilities allow administrators to scan endpoint devices for files containing sensitive information and to apply automated, policy-based, remediation and protection.
Administrators can define the types of information that require protection, and can choose from a wide range of actions to be taken when sensitive data is detected:
- Protecting files with persistent encryption that travels with files when they are moved or shared via email, FTP, or the cloud.
- Masking or redacting specific text within files
- Moving files to a quarantine folder or other secure location
- Deleting files that contain inappropriate data or that are stored in inappropriate locations
Smartcrypt is compatible with every enterprise operating system and integrates with Microsoft Office, allowing users to maintain their normal workflows without compromising the security of the organization's data.
How it works
The Smartcrypt for Files and Folders agent is installed on any user device that may be used to create, process, or store sensitive data. Agents apply the organization's data protection policies as defined in the Smartcrypt Enterprise Manager administrative console.
After deployment, Smartcrypt agents monitor all file activity on protected devices. Depending on the organization's policies, Smartcrypt can encrypt all files on a device, or use data discovery and classification to determine which files should be encrypted. Whether encrypted files are saved on a computer’s hard drive, stored on removable media, or backed up on a cloud service, the files can only be accessed by authorized users.
If the organization's policies call for actions other than encryption, the Smartcrypt agent will apply the appropriate form of protection or remediation.
Find, classify, and protect sensitive information
When Smartcrypt is integrated with Boldon James Classifier, organizations can add data classification to their security policies, while maintaining a streamlined, intuitive user experience.
Smartcrypt can be configured to search for Boldon James Classifier-tagged files on laptops and desktops, and to encrypt tagged files according to the organization's policies. Smartcrypt can also detect untagged sensitive information and initiate classification via Classifier. Administrators define the types of sensitive data they want to find, as well as the locations they want to search for it.