|Developers:||DeviceLock (before Smart Line)|
|Last Release Date:||2018/10/09|
|Technology:||Cybersecurity - Information loss preventions|
DeviceLock DLP has the most full range of opportunities of control of local ports and peripheral devices - removable drives, printers, USB ports and also provides control of data in the virtual and redirected devices, a system clipboard of Windows, network applications and protocols used on controlled computers.
DeviceLock DLP Suite allows to prevent accidental or deliberate information leaks: the controlled working environment including both corporate computers and networks, and own mobile devices of users is created. DeviceLock DLP provides data protection from unauthorized copying, transfer via e-mail and messengers, unauthorized access through Wi-Fi and Bluetooth and also allows to detect the data stored in workplaces with violation of corporate security policy.
Using DeviceLock DLP of the company can keep the permanent analysis and control of use of transmission channels, preserving and printings of the users given in the course of work. Onto work with data it is controlled on a broad spectrum of parameters: formats, types of interfaces and devices, network protocols, directions of transfer, time of day, etc. Depending on properties of this or that user group possibilities of copying or use of removable mediums, and for those who enter into risk group can be differently limited, deeper level of control based on the analysis of content (contents of documents, correspondence and other data) is set. The texts directed to printing using DeviceLock DLP can be controlled even if they were not saved in the file system. Also the contents of the files transferred via messengers, and content of the correspondence are analyzed. The unique resident module of optical character recognition helps to prevent information leaks through use of images (for example, scans or pictures of documents).
Sales growth in the Arab market for 25%
On February 11, 2019 it became known that sales the Russian the systems of prevention date leaks (Data Leak Prevention) DeviceLock DLP in United Arab Emirates Saudi Arabia, Bahrain and other countries of Arabian Peninsula in 2018 grew by 25% relatively 2017. Implementations were performed at state institutes, banks and the large companies, and the Sultanate of Oman became the leader in a total quantity of implementations.
As it was reported, among selected the products DeviceLock: the largest developer of Dubai - Emaar and also Royal office, the Ministry of Defence, Secret service and Police of the Sultanate of Oman (Sultanate of Oman Royal Office, Sultanate of Oman Ministry of Defence, Sultanate of Oman Internal Security Service), International bank of Kuwait (Kuwait International Bank), Head department of military works of the Ministry of Defence of Saudi Arabia (General Directorate of Military Works) and others.
| ||With the translation of data in a digital format there are risks of leaks which are well realized by heads of the companies and government institutions. At the same time owing to specifics of management in the Arab states, punishment for leak can be very much and very tough therefore do not save on the systems of protection. DeviceLock DLP choice, in turn, was caused by our experience in this market, wide functionality of a system, a possibility of a full-fledged work with Arabic, including, at image understanding and also existence of the local support performed by the local certified partner of DeviceLoc.|
Ashot Oganesyan, founder and technical directors of DeviceLock
Possibility of control of date leaks via Skype
The updating of Skype which came out at the end of August, 2018 including an option of creation of the "private conversations" protected by enciphering, more than for a month output this messenger from under control of the majority of DLP systems. Application of the Signal protocol drafted by Open Whisper Systems non-profit organization made impossible all standard methods of interception of messages, including the substitution of certificates known as man-in-the-middle attack.
DeviceLock solved this problem, using a combination of network control and the local agents controlling processes and the file system of client devices. At the same time in DeviceLock DLP not only recording, but also the full control of "private conversations" including check of a chat and the transferred files on the prohibited contents before their sending and immediate blocking of transfer of confidential information in case of its detection is implemented.
| ||Aiming to provide privacy of private users, producers of messengers create gaps in corporate systems of protection. For the company, the protected messenger which suddenly received in each workplace, is only two exits: it is simple to prohibit its use or to apply a DLP system. The last option is optimal not only by opportunities, but also from the legal and ethical parties and also does not destroy the processes which developed in the company.|
Ashot Oganesyan, founder and technical director of DeviceLock DLP
According to the statistics DeviceLock DLP, in 2018 more than 50% of leaks of corporate data occurred because of insiders. Personal data of clients which then are used by competitors were most often abducted or spam mailings, on the second place subjects of copyright (texts, a program code, images and video), on the third – finance documents get on the markets. In Russia which is the least protected there is services industry where data loss has universal character as most the companies working in this segment treat small business and has neither the budget, nor competences for protection of the information. Also the financial institutions and telecom operators working with large volumes of sensitive data are endangered.
Integration with Rutoken of the EDS of Flash and Rutoken Disk
On July 3, 2018 the companies "Asset" and "Smart Line Ink" announced technology integration of own developments for increase in efficiency in solving of tasks of prevention of leaks of corporate information: software package DeviceLock DLP, Rutoken of the EDS of 2.0 Flash and Rutoken Disk. In more detail here.
DeviceLock DLP Suite 8.3
The DeviceLock company noted the most significant functionality of DeviceLock DLP 8.3 which includes:
- Technology of detecting of contents – Digital fingerprints ("Document Fingerprints"), used for inspection of the data transmitted via controlled devices and network protocols. This technology is based on comparison of short alphanumeric hashes of the inspected documents and files which are also called by digital fingerprints or fingerprinta with the hashes stored in a collection (database) of digital fingerprints. It allows to identify unambiguously contents of documents or files for the solution of different problems of data security provision.
- Improvement of function of control of the network protocol SMB. The most significant changes include control of the entering files at the level of permissions for the protocol, a possibility of control of outgoing files on contents at the level of content and dependent rules for permissions.
- Support of tags of the qualifier of Boldon James in compound documents and also the documents MS Office of modern formats and the PDF files as expansion of the content Document Properties groups for content and dependent rules.
- An opportunity to set the user properties of documents in the content Document Properties groups and their values for search of the set parameters in the corresponding user properties of compound documents and also the documents MS Office of modern formats and the PDF files.
- The optimized control messenger Skype for versions of Skype 8.x and Skype 12.x.
Inclusion in the Unified register of the Russian software
The Smart Line Ink company announced on August 17 inclusion of data on the software package DeviceLock DLP in the unified register of the Russian programs for electronic computers and databases in a class of means of ensuring of information security. Such decision was made by Expert advice according to the Russian software at the Ministry of Telecom and Mass Communications of the Russian Federation on August 14, 2017 and approved as order No. 421 of the Minister of Telecom and Mass Communications of August 16.
The decision of Expert advice is confirmed by compliance of the software package DeviceLock DLP to requirements imposed on participants of the register of software and the specified software class. Inclusion in the Register confirms the Russian origin of products of Smart Line Ink that allows the state customers to purchase the solutions DeviceLock DLP within purchases on the import substitution program.
| ||More than a year we expected the decision on inclusion of the DeviceLock DLP complex in the unified register of the Russian computer programs and a DB, having faced bureaucratic obstacles and unfair influence of competitors at the level of expert advice of the Ministry of Telecom and Mass Communications — Ashot Oganesyan, the founder and the technical director of DeviceLock reported. — More than 20 years we conducted development of DeviceLock DLP in Russia, having brought a product to the level of the international standard de facto in the field of control facilities of peripheral devices, and sold the solution worldwide, facing at the same time considerable difficulties in a number of the countries just owing to the Russian origin. In Russia the DeviceLock DLP complex was repeatedly certified by FSTEC. Owing to wide circulation of DeviceLock in Russia, including among the organizations of public sector, and requirements for ensuring import substitution, expressed for our clients in need of presence of DeviceLock DLP for the register of the Russian software, we persistently continued process, trying to obtain recognition obvious, and here at last DeviceLock is included in the Register. We calculate that confirmation of the Russian origin of DeviceLock DLP will allow to strengthen DeviceLock positions on the Russian information security market and also will lead to healthy competition and quality improvement of the Russian solutions positioning itself in the class DLP.|| |
Integration with Microolap EtherSensor
The companies Smart Line Ink Mikroolap Teknolodzhis announced also on August 4 implementation of transparent technology integration of own solutions for optimization of solving of tasks on prevention of leaks of corporate information and also increase in flexibility and width of opportunities DLP- technologies at identification investigation of incidents. As result, the first full-fledged hybrid DLP system allowing to integrate different technologies of control of data transmission channels in a whole was created.
As a result of integration of the DeviceLock DLP DLP complex and a software platform of interception and the analysis of network traffic of Microolap EtherSensor into the uniform hybrid DLP system of the organization have an opportunity of simultaneous use of opportunities of two adjacent solutions with partially crossed functionality for ensuring DLP control of corporate information in different scenarios. Product management is exercised independently of each other, but at the same time the single database of event recording and shadow copying is maintained that allows to make identification and incident analysis of information security for the broadest spectrum of potential channels of date leak – from ports and devices before modern web services, on a centralized basis within one solution.
In more detail about an event it is possible to read here.
DeviceLock DLP became a source of events for RuSIEM
On July 17, 2017 the companies Smart Line also RuSIEM announced technology integration of own products for increase in efficiency at prevention of leaks of corporate information and incident analysis.
DeviceLock DLP sends to SIEM systems operational information in real time under the SNMP and SYSLOG protocols, can duplicate records of magazines of event recording. Disturbing notifications can be created and be sent to SIEM systems as a result of the permitted and prohibited attempts of data transmission on different channels of network communications, data recording to removable drives, printing of documents to local and network printers, data transmission in terminal sessions through a clipboard, etc.
The DeviceLock DLP settings help to configure the mode of disturbing notifications for transfer of operational information in SIEM in real time at identification by means of the content analysis in the transferred files and documents, chats and e-mail of information of limited access. Besides, SIEM systems can obtain information on events directly from the DeviceLock DLP magazines.
For integration of DeviceLock DLP and RuSIEM the method of transfer of events from agents of DeviceLock DLP is selected from RuSIEM through the SYSLOG protocol.
| ||Recently we note keen interest of customers and system integrators in integration of DeviceLock DLP into solutions of the class SIEM. As a result of integration of our DLP solution with RuSIEM mature technologies of the analysis in a uniform panel of a SIEM event system will become available to customers to a comprehensive range of the data transmission channels controlled by DeviceLock DLP.|
Ashot Oganesyan, technical director of DeviceLock
| ||The complex analysis of the events intercepted and transferred to DeviceLock DLP to RuSIEM will allow to detect and fix really important incidents in real time, to perform quick context search on the network services and various devices used by users, to analyze a circle of contacts and the movement of critical data in combination with the analysis of other events of information security that certainly should increase efficiency and performance of work of Information Security Services.|
Olesya Shelestova, CEO of RuSIEM
DeviceLock DLP 8.2
On April 28, 2017 the Smart Line Ink company announced release of version 8.2 of the software package DeviceLock DLP.
Together with optimization the product had a number of opportunities and functions. In particular, the version contains the processed parser of network traffic, possibilities of control of a virtual environment, e-mail and services of instant messages are upgraded, the report is created — an interactive bond graph.
In DeviceLock DLP 8.2 the DeviceLock Virtual DLP technology improving variability of scenarios of control of virtual environments when using ContentLock for inspection and filtering of contents in RDP/ICA/RDS/VDI sessions is optimized. In particular, the feature for the content analysis of the files transferred on the connected disks (Mapped Drives) is added.
Possibilities of control of e-mail and messengers are also expanded: the feature to use as parameters of content and dependent rules identifiers of senders and receivers in messengers, just as the addresses of senders and receivers of e-mail for protocols SMTP, MAPI, IBM Notes and webmail services is added. This functional feature allows to set the permitted receivers and senders, without allowing at the same time data transmission from or to not authorized contacts, noted in Smart Line Ink.
The report on data of DeviceLock Enterprise Server is added: Relations Chart (bond graph). The report allows to visualize and browse communications between users in the organization and with external users, detected according to network protocols and services:
- * Jabber,
- * Skype,
- * Yahoo Messenger,
- post office protocols
- * IBM Notes,
In DeviceLock Enterprise Server the managing role in the DeviceLock DLP complex — an opportunity using not licensed component to execute installation of agents and management of politicians of DeviceLock DLP in a local network is organized.
| ||Date leaks continue to remain serious threat for the organizations in 2017, and DeviceLock DLP is still one of the functional and corresponding to relevant types risks of date leak thanks to release of version 8.2. DeviceLock DLP 8.2 are the culmination in the 20-year history of continuous development and optimization of our software package.|
Ashot Oganesyan, founder and technical director of DeviceLock
Certificate of conformity of the State system of technical regulation of Kazakhstan
The software package DeviceLock 8 DLP Suite including the DeviceLock, NetworkLock, ContentLock and DeviceLock Search Server (DLSS) components received the certificate of conformity of the State system of technical regulation of the Republic of Kazakhstan No. KZ.7500818.05.01.00080 of November 24, 2014 at the beginning of 2015.
The certificate certifies what is certified by software of DeviceLock 8 DLP Suite on compliance to the security requirements (quality) set in CT PK of GOST P ISO/IEC 15408-3-2006 and can be used for confidential information protection in automated systems with providing the first trust level of information security.
DeviceLock Endpoint DLP Suite 8.0
The Smart Line Ink company announced in January, 2014 release of the first beta of the software DLP package DeviceLock Endpoint Suite 8 intended for prevention of insider date leaks and the beginning of open beta testing. Most significantly the functionality of a product is expanded the new DeviceLock Discovery Server component. DeviceLock Discovery Server is separately licensed server component as a part of DeviceLock Content Security Server intended for scanning of computers of users and storage systems, placed as inside, and out of corporate network, for the purpose of identification of violations of security policies. DeviceLock Discovery Server detects the files and data stored at workstations and servers which are considered as confidential, identifying different content types according to the rules predetermined by the administrator. Besides, control of services of web mail based on Microsoft Outlook Web Access (OWA) is added to number of opportunities of a DLP system.
- NetworkLock: Control of services of web mail based on Microsoft Outlook Web Access (OWA) is added. Using the OWA Servers parameter in the Service Options settings, it is possible to set transfer of the address (URL) of certain servers which will be considered by NetworkLock subsystem as OWA servers.
- NetworkLock: in rules of the White list of network protocols (Protocols White List) the Log Event and Send Alert parameters are available to all supported network protocols and services now.
- NetworkLock: Overall performance of a system when processing HTTPS connections using a mask in rules of the White list of network protocols for SSL is improved.
- NetworkLock: Control of network service of file exchange and synchronization of Dropbox is improved.
- DeviceLock: The new DeviceLock Discovery Server component is added. DeviceLock Discovery Server is separately licensed server component as a part of DeviceLock Content Security Server intended for scanning of computers of the users and storage systems placed as inside, and out of corporate network, for the purpose of identification of violations of security policies. DeviceLock Discovery Server detects the files and data stored at workstations and servers which are considered as confidential, identifying different content types according to the rules predetermined by the administrator.
- DeviceLock: The flags of "Log Event" and "Send Alert" set in rules of the White list of network protocols and in content and dependent rules, have a priority above in comparison with the similar flags set in settings of audit and disturbing notifications at the level of network protocols and devices now.
- DeviceLock: New feature: the option "Shadow Data Access" added to settings of the list of Administrators of DeviceLock allows to limit data access of shadow copying only to users for whom this option is included. The new option is applicable to DeviceLock Service, DeviceLock Enterprise Server and DeviceLock Service for Mac.
- DeviceLock: The new type of disturbing notifications of administrative character is added: "Notify if Service is uninstalled", working on an event of removal of the agent of DeviceLock.
- DeviceLock: New reports on data of magazines of audit and shadow copying are added: "Top printed documents", "Top active processes' and 'Top copied files by extension'.
- DeviceLock: The new parameter 'Report TS Devices as regular devices' allowing to consider the redirected TS Devices devices as normal physical devices at report generation is added.
- DeviceLock: The improvements in the Service Settings Editor and Group Policy Editor console allowing the administrator to switch between editing modes the politician for Mac and Windows by means of the corresponding elements in context menus of the DeviceLock Settings node are entered.
- DeviceLock: Improvements of the general character are entered to functionality of control, audit and shadow copying of types of Clipboard, Printer and MTP devices for prevention of the potential conflicts in the localized (not English) versions of Windows.
- DeviceLock: The agent of DeviceLock Service for Mac completely supports now parameter 'Log policy changes and Start/Stop events' set in the Service Options settings.
DeviceLock 8.0.56551 RC1
On June 6, 2014 the Smart Line Ink company, the world leader in the development area of means of protecting from date leaks from computers, announced release by the first candidate release of the version of the software package DeviceLock DLP Suite 8 and the beginning of open beta testing.
List of amendments and additions:
- NetworkLock: Control of network services of file exchange and synchronization of OneDrive, Google Drive, Dropbox and Amazon S3 is improved.
- NetworkLock: Control of webmail services of Outlook Web Access (OWA), Hotmail, Gmail, GMX.de and web.de is improved.
- NetworkLock: Cosmetic changes in recording of webmail services and network services of file exchange and synchronization for an exception of not informative entries in magazines of audit are made.
- NetworkLock: Support of network service of file exchange Narod.ru owing to closing of this service is turned off.
- NetworkLock: Set of improvements of the general character in control of the MAPI protocol and Skype service.
- NetworkLock: Functions of recording and shadow copying of the FTP protocol are improved.
- ContentLock: Function of indexing of metadata in the Adobe Photoshop files is added.
- ContentLock: Support of files and documents of the XLS, DOC, XLSX, DOCX, PPTX, RTF, EML, RAR, MBOX, DBX and PST formats in content and dependent rules is improved.
- ContentLock: The error of version 8.0 Beta 2 resulting in impossibility of implementation of the OCR analysis in the Windows 2000 operating system is eliminated.
- DeviceLock: The options "Show policy for Mac" and "Show policy for Windows" are added to Service Settings Editor and Group Policy Editor consoles. Using these options, the administrator can hide parameters of policy DeviceLock which are not supported on the Mac or Windows platforms for which the policy task is performed at present.
- DeviceLock: Flags of "Remove ContentLock Policy" and "Remove NetworkLock Policy" are added to the Service Settings Editor console. Using these flags, the administrator can create files the politician (.dls) which completely delete all parameters relating to the ContentLock or NetworkLock components which were transferred by any method on agents of DeviceLock.
- DeviceLock: New feature: Log Only. This function allows DeviceLock and Windows to continue work in the normal mode even if intervention in the code of the DeviceLock driver at the included option Enable Unhook Protection is revealed. In that case instead of generation of an event of a fatal error only logging of audit about intervention identification will be made.
- DeviceLock: Performance of printing of files in the PDF format in cases when shadow copying for Printer devices is included is significantly increased.
- DeviceLock: The new report type according to magazines of audit is added: "Top printed documents".
- DeviceLock: The memory leak in the procedure of interception of the channel of printing shown in certain cases on terminal servers is eliminated.
- DeviceLock: The problem causing unavailability of the disks redirected to the terminal session of RDP when content and dependent rules for TS Devices devices are set is fixed.
- DeviceLock: Seldom shown problem resulting in impossibility of "safe extraction" of removable USB drives when content and dependent rules complete check of the contents written on the device is fixed.
- DeviceLock: Seldom shown problem of version 8.0 of Beta2 leading to display of an error in the DeviceLock Management Console console in attempt to browse magazines of the server at a high load is fixed.
- DeviceLock: The problem resulting in impossibility to browse a source object of group policy in the RSoP interface for some parameters of the agent of DeviceLock (Service Options) is fixed.
- DeviceLock: The problem resulting in impossibility to create the report on data of shadow copying of "Copied files per channel" is fixed if the total amount of shadow copies for the selected interval exceeded 4 GB.
- DeviceLock: Seldom shown problem in the DeviceLock Enterprise Manager console causing an error "The network path was not found is fixed. (53)" when scanning the remote computer a plug-in of "Report PnP Devices".
- DeviceLock: The problem causing incorrect functioning of the Report Protocols setup in a plug-in of Report Permissions/Auditing of the DeviceLock Enterprise Manager console is fixed.
- DeviceLock: The problem resulting in impossibility of remote connection to DeviceLock Agent for Mac is fixed if on the Mac computer the service "Open Directory" was started.
- DeviceLock Search Server: Support of synonymic search of the text is improved. Support of Russian is added and also the dictionary of English is updated.
- DeviceLock Search Server: The problem resulting in lack of an output of a name of the sender in parameters of documents for shadow copies of the files transferred in messages of webmail services on the page of search is fixed.
- DeviceLock Search Server: The error leading to unforeseen completion of work of DeviceLock Search Server at indexation of some specific files is eliminated.
- Discovery: New action for elimination of violations of "Encrypt" is added (to Cipher). Discovery Agent at operation of content and dependent rules will consistently cipher files, using possibilities of Encrypted File System.
- Discovery: The browser of the Discovery Log magazine is added. This magazine contains the different events specific to Discovery Server – such as events of a start/stop, updating of the database, event of generation of the report on a task, etc.
- Discovery: DeviceLock Discovery Agent independently adds now itself to the list of exceptions Windows Firewall.
- Discovery: Speed of accomplishment of a problem of reports generation is considerably increased.
- Discovery: The problem of version 8.0 Beta 2 resulting in impossibility of automatic end of problems of scanning in the mode without use of the agent is fixed if the remote computer is unavailable or incorrect credentials are used.
- Discovery: The problem of version 8.0 Beta 2 connected with display of incorrect values "Scanned Objects" when viewing the list of the scanned computers in cases when during the course of performance tasks were scanned file containers is fixed.
- Discovery: Seldom shown error of version 8.0 of Beta2 leading to an unforeseen stop of problems of scanning is eliminated.
- DeviceLock: The set of improvements is entered to the interface of the DeviceLock Management Console console.
- DeviceLock: The updated interface of the DeviceLock WebConsole console contains all recent changes made to the DeviceLock Management Console console now.
- DeviceLock: Compatibility issues of the general character with the software of the third parties are fixed: VMware Workstation, Kaspersky Endpoint Security 10, McAfee VirusScan Enterprise and the different products McAfee using the mfetdik.sys driver.
DeviceLock 7.2 Endpoint DLP Suite 7.2
The Smart Line Ink company announced on May 27, 2013 release of product update of DeviceLock 7.2 Endpoint DLP Suite – the software package intended for prevention of insider date leaks from the user computers and servers of corporate information systems.
The new version of the DeviceLock 7.2.48899 software product includes a considerable set of improvements and corrections in comparison with the previous version 7.2.46662.
This version of DeviceLock is much more convenient for Russian-speaking users – the program is completely Russified. In comparison with the previous English-language version 7.2.46662 the feature to block the TeamViewer and RDP connections is added, the content groups are expanded and new are added. The set of internal improvements in the agent and the DeviceLock server is entered, a number of errors is eliminated and possibilities of the module NetworkLock are improved.
The Smart Line Ink company reported at the beginning of 2013 that the software package DeviceLock Endpoint DLP Suite of version 7.2 underwent certification and can use the Windows 8 logo. After official release of version 7.2 the DeviceLock complex can be installed on any computers and notebooks running Windows 8 OS for protection against insider date leaks. 'That many companies consider a question of deployment of Windows 8 OS in the IT infrastructure we considered necessary to make sure that DeviceLock continues to remain the effective DLP tool and in the new operating system', - Oganesyan Ashot, the technical director of DeviceLock noted.
Also software package DeviceLock Endpoint DLP Suite successfully passed all necessary tests according to the tests developed by VMware and can be used for integration with VMware View virtualization environment. Such environment includes the safe hosting for the BYOD model (use of personal devices in the working purposes) providing providing remote access to the corporate applications and these employees using the different mobile devices connected through the VMware View's Mobile Secure Desktop application. DeviceLock provides control of the data transferred between the annexes published on the server of virtualization and redirected on remote working computers by devices including printers, USB drives, a clipboard data and network protocols.
Thanks to DeviceLock 7.2 Information Security Services have an opportunity of timely rapid response to date leak incidents thanks to disturbing notifications under the SMTP or SNMP protocols when critical events take place in relation to peripheral devices, interfaces and network protocols. This functionality provides to users of DeviceLock high flexibility of control of users thanks to simple use of the opportunities of the disturbing notification which are built in DeviceLock or transparent integration into already existing SIEM infrastructure and management of logs.
DeviceLock 7.2 allows to provide control of data transmission in such popular and unsafe network services as Skype™ instant messaging service, social network Facebook, network file exchange services, and without the need for total blocking of these services, but with a possibility of selective volume of use according to requirements of business communications and business processes of the companies. Besides, DeviceLock 7.2 Endpoint DLP Suite offers services cybersecurity unprecedented opportunities of prevention of date leak when using the post office protocol MAPI, providing granular contextual control in combination with methods of content filtering for mail communications via Microsoft Exchange both for e-mails, and for investments – directly at workstations. Implementation of control of the MAPI protocol turns DeviceLock into a strategic component of information security of the enterprises which are using or going to use cloud solutions based on Exchange when the mail server is controlled by the third party and cannot block inadmissible e-mails if it is necessary owing to requirements of business or regulators.
DeviceLock Endpoint DLP Suite 7.3
On September 25, 2013 the Smart Line Ink company announced release of the new version of the software package DeviceLock Endpoint DLP Suite 7.3.
The new version gives ample opportunities of control of devices at workstations running the OS X Lion and OS X Mountain Lion Apple operating systems that allows Information Security Services of the organizations of any scale to unify DLP politicians both for Windows computers, and for Mac-computers by the easiest and convenient way – from the DeviceLock equipment in the editor group the politician of Group Policy Management Console for Microsoft Active Directory.
New in a complex
On November 18, 2013 the Smart Line Ink company announced considerable expansion of opportunities of the software package DeviceLock Endpoint DLP Suite in solving of tasks of data loss prevention.
Control new products
In the new version of a complex control of synchronization of data between workstations and smartphones and other mobile devices connected to them under the popular Media Transfer Protocol (MTP) protocol works.
The new feature helps users of DeviceLock to control, block, register, receive shadow copies and disturbing notifications about the facts of not authorized data transmission from corporate computers on USB the mobile devices connected via the interface running operating systems Android and Windows Phone, owing to the fact that the MTP protocol is the standard of file exchange via the USB interface. Attempts of transfer and shadow copies of the transferred data are fixed, and the disturbing notifications transferred in real time can be sent to a security administrator to corporate SIEM- a system under standard protocols SMTP and SNMP.
"Uncontrollable synchronization of data on the MTP protocol between corporate computers and the connected locally personal Android- and Windows Phone- devices of employees was noted until recently by our clients as a substantial risk of date leak, - tells Ashot Oganesyan, the founder and the technical director of DeviceLock. - Adding a feature for monitoring and control of MTP communications at the protected workstations in addition to already implemented control of protocols iTunes, ActiveSync, WDMC and HotSync, we considerably increased the level of counteraction to date leaks in a software package DeviceLock DLP that shows the aspiration of our command to create the best DLP solution for the organizations of any size and a profile".
In the new version of a product the area of the platforms controlled by the agent of DeviceLock thanks to support Apple of OS X operating system 10.9 Mavericks is expanded. Now the users of DeviceLock using Mac computers can safely update the operating system on the latest solution from Apple without risk of date leak from uncontrollable local ports and peripheral devices. The agent of DeviceLock for Mac computers provides the necessary level of control of devices with the easiest, universal and scalable way – through group politicians of the domain Microsoft Active Directory.
Certification of FSTEC of Russia
The software package DeviceLock 7.1 Endpoint DLP Suite including the DeviceLock, NetworkLock, ContentLock and DeviceLock Search Server (DLSS) components received the certificate of conformity of FSTEC of Russia No. 2611 of 4/5/2011 at the beginning of 2012. This certificate certifies that the software package DeviceLock 7.1 is certified on compliance to requirements of the following regulating documents of FSTEC (State Technical Commission) of Russia: "Information technology security. Criteria for evaluation of information technology security" – on OUD2 and "Protection against unauthorized access to information. Part 1. Information security software. Classification by the level of absence control of not declared opportunities" – on the 4th level of control.
DeviceLock 7.1 Endpoint DLP Suite represents the software package of the class DLP functioning running operating systems of the Windows family and intended for protection and administration of local and networked PCs by prevention of uncontrollable actions of users at information exchange through computer ports, devices with removable media, network protocols and messaging applications.
The certified version of DeviceLock 7.1 Endpoint DLP Suite can be used for confidential information protection in automated systems to a class of security 1G inclusive and personal data in information systems to the 1st class inclusive.
Certificate of Citrix Ready
Smart Line Ink company reported in the fall of 2012 that the software package DeviceLock Endpoint DLP Suite successfully passed all necessary tests according to the tests developed by Citrix and it can be used for integration with the Citrix XenApp environment. Such environment includes the safe hosting for the BYOD model (use of personal devices in the working purposes) providing providing remote access to the corporate applications and these employees using the different mobile devices connected through mobile application of Citrix Receiver. DeviceLock provides control of the data transferred between the annexes published on the server of virtualization and redirected on remote working computers by devices including printers, USB drives, a clipboard data and network protocols.
DeviceLock Endpoint DLP Suite 7.1
The software package DeviceLock 7.2 Endpoint DLP Suite provides comprehensive control of communications via Skype from corporate computers. DeviceLock allows to permit or block selectively chats and file transfer in Skype, to permit or prohibit voice and video a talk between users of Skype, based on conversation participants identifiers. Contents of the data transmitted via Skype are analyzed in real time, at violation identification the politician transfer of an outgoing instant message or the file will be blocked, and to the administrator of DeviceLock the disturbing message (alert) by e-mail or SNMP will be sent. Shadow copies of the transferred and received messages and files are stored in the centralized database for the subsequent criminalistic analysis.
DeviceLock Endpoint DLP Suite 7.2
The DeviceLock 7.2 complex gives the amplest opportunities of content filtering and data loss prevention from corporate computers – whether it be notebooks, workstations, servers and even virtual working environments. The DeviceLock Endpoint DLP Suite complex includes three program components - DeviceLock, NetworkLock and ContentLock, - which jointly provide protection against date leaks of the organizations of any size for the broadest spectrum of threats. Such vectors of threats as concern them:
- Transfer of corporate data through connected to working computers smartphones iPhone Android, BlackBerry and others, iPod players and tablets iPad, digital cameras, ROM CD/DVD carriers, disks with the interface USB, carriers SD, Compact Flash and other types of removable drives;
- Transfer of corporate data to cloud storages (File Sharing Services), such, as Dropbox Google Drive SkyDrive RapidShare, Yandex.Disk and iFolder.ru
- Leak of corporate information from workstations through social networks, Skype and other messengers, webmail services, e-mail and the channel of printing of documents;
- Date leak from workstations according to the network protocols FTP/FTPS, HTTP/HTTPS and others.
DeviceLock Endpoint DLP Suite 7.0
The Smart Line Ink company, the developer of means of protecting from date leaks from computers, announced in March, 2011 the beginning of sales of the version of the product DeviceLock 7.0 Endpoint DLP Suite – the software package intended for prevention of insider date leaks from the user computers and servers of corporate information systems.
In addition to access control mechanisms to the peripheral devices and local interfaces implemented in the basic module – DeviceLock 7.0, a complex is complemented with two essentially new functional parts: NetworkLock and ContentLock. NetworkLock allows to control communications of users via popular network applications, including electronic and web mail, messengers and also social networks Twitter Facebook, LiveJournal, MySpace, etc. In turn, ContentLock provides content filtering of data at their copying on removable mediums and by transfer on network input-output channels. Modular functionality in combination with optional licensing of modules allow to offer Smart Line to the Russian organizations optimal on a ratio "the price – quality" the solution for protection against date leaks from computers of corporate information systems, says the company.
According to developers, effective technologies of parsing and the content analysis of ContentLock provide extraction and filtering of text contents of more than 80 file formats and other data types at their copying on removable mediums and also transfer on other input-output channels of computers. The module NetworkLock using methods of the deep package analysis allows to detect and control network protocols and messaging applications irrespective of the ports used by them, to reconstruct messages and sessions with selection of transmitted data and files for their operational analysis, performs the centralized shadow copying and also event recording.
Besides, in DeviceLock 7.0 Endpoint DLP Suite integration with Microsoft Windows 7 the means enciphering of data which is built in OS at the removable mediums BitLocker To Go is implemented. As a result users have an opportunity without additional costs to apply regular means of Windows 7 to data protection at their storage on removable devices of memory, access to which is controlled by DeviceLock.
Use of technologies of content filtering of DeviceLock to function of shadow copying of data essentially increases its efficiency and scalability for all input-output channels, including removable mediums and plug-n-play of the device of memory, network communications, synchronization of data with locally connected smartphones, data exchange through a clipboard and also the channel of printing of documents, noted in Smart Line Ink. Users of DeviceLock 7.0 can set rules of filtering of contents of the data copied in "shadow", thus saving only those their parts which it is information in magazines of registration are significant for problems of an information security audit, investigations of emergency situations and their criminalistic analysis. At the same time on orders requirements to the capacity of storages of shadow copies and capacity of communication channels decrease by their transfer to the central base of logs DeviceLock, underlined in the company.
According to Smart Line Ink, ensuring high scalability of the solution, flexibility of its management, simplicity of installation and operation were the fundamental principles of development of DeviceLock 7.0. Configuring the politician of content filtering and control of network communications of computers is made from the Windows graphical interface of the MMC console. When using the DeviceLock Group Policy Manager console, a specialized MMC plug-in for Windows Group Policy Object Editor, all functions on installation, management and maintenance of executive agents of DeviceLock are performed on a centralized basis through group politicians of Windows in the domain Active Directory.
Components of the DeviceLock 7.0 Endpoint DLP Suite complex are licensed by the functional modularity principle. The basic module of access control to peripheral devices and interfaces of DeviceLock 7.0 computers can independently be used. Optionally the licensed ContentLock and NetworkLock components can be purchased in addition to DeviceLock 7.0, but independently of each other that will provide to users gradual and economical expansion of functionality of their DLP solutions according to real requirements. As the install packet of DeviceLock 7.0 includes all components of a complex, activation of optional licenses will not demand reinstallation of its any parts, noted in Smart Line Ink.
DeviceLock Endpoint DLP Suite 7.1
In September, 2011 the Smart Line Ink company announced release of the new version of the product DeviceLock 7.1 Endpoint DLP Suite – the software package intended for prevention of insider date leaks from the user computers and servers of corporate information systems.
What new is in DeviceLock 7.1.33781 in comparison with version 7.1.32972:
- NetworkLock: Support of a webmail service of Rambler-Pochta is added
- NetworkLock: Support of webmail services of Gmail, Yahoo! of Mail, Mail.ru, Gmx.de and Web.de is improved
- NetworkLock: Support of social networks VKontakte, Odnoklassniki, MySpace, XING, Twitter, Facebook and StudiVZ is improved
- NetworkLock: Support of the Opera browser is improved. The warning message during connection to HTTPS resources is not displayed any more
- NetworkLock: Support of a proxy of SOCKS4 and SOCKS5 for normal and SSL connections is added
- NetworkLock: Support of FTP/FTPS of the connections set through a HTTP proxy is improved
- NetworkLock: Support for instant messaging services the Agent of Mail.ru and QIP of 2012 is improved
- NetworkLock: File transfer under the HTTPS protocol is improved
- NetworkLock: Shadow copying given for files more than 500 MB in size is improved
- ContentLock: New content groups are added: 'Cellular Operator Call Log' and 'Internet Slang Abbreviations'
- ContentLock: The content group 'Financial Statements' is expanded
- ContentLock: Now at application of content and dependent rules to the PDF files containing investments, all investments are taken from the PDF file and analyzed as independent files
- ContentLock: The mechanism of the content analysis for the documents MS Word and MS Excel is improved. Now from the document the Content status, Content type, Company and Manager fields are taken and analyzed
- ContentLock: Memory leak in the agent of DeviceLock when processing content and dependent rules for the PDF files is eliminated
- ContentLock: The error leading to abnormal termination of work of DeviceLock service at application of content and dependent rules for some documents MS of Visio is eliminated
- ContentLock: The error resulting in impossibility of processing of the resolving content and dependent rules for the SMTP protocol is eliminated
- DeviceLock: Integration with means of disk encryption of Sophos Safeguard Easy is added. DeviceLock defines the disks (an USB flash and other removable media) ciphered by Sophos Safeguard Easy and applies special "politicians of enciphering" to them. Using such politicians, it is possible to permit, for example, record only of the ciphered data on removable devices and to prohibit record of not ciphered data
- DeviceLock: The 'pdfFactory Pro' printer is added to the list of the supported virtual printers
- DeviceLock: The error in DeviceLock Enterprise Manager resulting in impossibility to scan the removed agents of DeviceLock working on computers running Windows Vista/7 is eliminated
- DeviceLock: The error in DeviceLock service resulting in impossibility to index a search server files of shadow copying which were sent by the user to Floppy-disks is eliminated
- DeviceLock: The error in DeviceLock Enterprise Manager resulting in impossibility to open the files which are stored in the magazine of shadow copying, the built-in browser is eliminated
- The set of internal improvements in the agent of DeviceLock is entered
- Set of improvements in the user interface.
Components of the DeviceLock Endpoint DLP Suite complex are licensed by the functional modularity principle. The basic module of access control to peripheral devices and interfaces of DeviceLock computers can independently be used. Optionally the licensed ContentLock and NetworkLock components can be purchased in addition to DeviceLock, but independently of each other that will provide to users gradual and economical expansion of functionality of their DLP solutions according to real requirements. As the install packet of DeviceLock includes all components of a complex, activation of optional licenses will not demand reinstallation of its any parts.
FSTEC certificate of Russia
DeviceLock 7.1 is certified on compliance to requirements of the following regulating documents of FSTEC (State Technical Commission) of Russia: "Information technology security. Criteria for evaluation of information technology security" – on OUD2 and "Protection against unauthorized access to information. Part 1. Information security software. Classification by the level of absence control of not declared opportunities" – on the 4th level of control.
DeviceLock 7.1 represents the software package functioning running operating systems of the Windows family and intended for protection and administration of local and networked PCs by prevention of uncontrollable actions of users at information exchange through computer ports, devices with removable media, network protocols and messaging applications.
The certified version of DeviceLock 7.1 can be used for confidential information protection in automated systems to a class of security 1G inclusive and personal data in information systems to the 1st class inclusive, says AltexSoft.
Program of transition to the DeviceLock Endpoint DLP Suite complex
Having used the program, users of a number of products of access control to peripheral devices and local ports of computers (device/port control) and also protection against date leaks based on content filtering (content-aware endpoint DLP) will be able to switch to technically more perfect and commercially profitable software package DeviceLock 7 on free or preferential terms. According to program conditions, transition is possible with the freshest on time of release of legally used version of the competitive product included in the qualification list, or from any version of the qualified product in the presence at the user of the current contract on its support and maintenance.
"Depending on version control and the status of support of a competitive product participants of the program will be able to obtain the license for the basic module DeviceLock 7 implementing access control mechanisms to peripheral devices and local interfaces of the protected computers including integration with the means of data encryption which is built in Windows 7 OS at removable disks of BitLocker To Go®, at a discount 70%, – Oganesyan Ashot, the founder and the technical director of Smart Line Ink explained. Secondly, at their choice the free license on one of two essentially new functional parts of DeviceLock Endpoint DLP Suite is provided to the qualified participants: module of monitoring and content filtering of ContentLock or module of control of network communications NetworkLock™. At the same time the second component they will be able to purchase also at a discount 70%, as a result having received the full-function DeviceLock 7 complex on exclusively preferential terms. Naturally, the free technical support, including updating of versions, will be provided for all again used DeviceLock Endpoint DLP Suite components for the period of operation of the contract for support of a competitive product from which the organization passed to DeviceLock. At last, it will be possible to pass to DeviceLock 7 at greatly reduced prices also to those at whom the contract for support of a competitive product expired – within a month from the moment of the termination of its action".
The Bakotek group – the sole distributor of DeviceLock in the territory of Ukraine, reported in November, 2011 that the software package DeviceLock 7 DLP Suite received an expert opinion of Public service of special communication and data protection of Ukraine. Thus, DeviceLock became actually the first full-fledged DLP system which passed State examination of GSSSZI in Ukraine, noted in the company.
"The need for solutions on protection against date leak for Public sector constantly grows, especially after entry into force of the law "About Personal Data Protection". At the same time the state organizations cannot use information security tools without the corresponding conclusion of GSSSZI. The expert opinion of DeviceLock for the first time gives the chance to the Ukrainian state organizations to use full the DLP solution for data protection from leak" - Evgeny, the director of Bakotek group commented on an event Dietary supplements.
The conclusion of GSSSZI is a confirmation by experts in the field of communication and data protection, the functionality of the software product declared the producer. The implemented services meet the requirements of the document ND TZI 2.5-004-99 "Criteria for evaluation of security of information in computer systems from unauthorized access" and provide the level of guarantees G-2.
Beta of DeviceLock 7.0
In July, 2010 the Smart Line Ink company announced the beta of the product DeviceLock 7.0 which will provide to the organizations a possibility of control of data transmission with filtering of their contents in all input-output channels of corporate computers, including network communications.
In addition to the access control mechanisms supported in former versions of DeviceLock to peripheral devices and local interfaces in version 7.0 two essentially new functional parts are implemented: ContentLock – the module of monitoring and content filtering and NetworkLock – the module of control of network communications.
As developers note, main advantage of DeviceLock 7.0 consists that it allows to implement full protection against date leaks economically and rationally, step by step increasing functions of the content analysis from their sufficient level to more complex opportunities, at the same time considerably reducing time and labor costs on setup and service of the DLP solution.
Technologies of the content analysis ContentLock provide extraction and filtering of text contents of data at their copying on removable mediums and also transfer on other input-output channels of computers. To functions of the module NetworkLock detecting and control of network protocols and applications irrespective of used by them ports, reconstruction of messages and sessions treat with selection of transmitted data and files for their operational analysis, event recording and shadow copying of data.
Combined use of ContentLock and NetworkLock allows DeviceLock 7.0 to control sessions and to filter information content of the most popular network applications and protocols, including e-mail messages and investments, web access, webmail-services and social networks, instant messaging services (Instant Messaging), file exchange under the FTP and FTP-SSL protocols.
Besides, in the product DeviceLock 7.0 integration with the means of data encryption which is built in Windows 7 OS at the removable mediums BitLocker To Go is provided. Thus, users have an opportunity without additional costs to apply regular means of Windows 7 to reliable data protection at their storage on removable devices of memory, access to which is controlled by DeviceLock. Use of technologies of content filtering of DeviceLock to function of shadow copying of data increases its efficiency and scalability for all input-output channels, including removable mediums, network communications, synchronization of data with mobile devices and also the channel of printing of documents. Users of DeviceLock 7.0 are given an opportunity to set rules of filtering for the data on their contents copied in "shadow", saving in the database of shadow copying only those documents which matter for problems of an information security audit, investigations of emergency situations and their criminalistic analysis.
Says about quality of work of the product DeviceLock that the product received an expert opinion in Republic of Belarus and it is used in GO "Minsk Central Customs". DeviceLock will allow GO "Minsk Central Customs" to organize reliable access control to devices for acceptance, transfer or data processing. Besides, in DeviceLock VTB 24 bank it is installed more than on 5000 computers, and in 2009 the bank prolongs technical support of DeviceLock for the next year. The Smart Line Ink company announces also that the largest mail node of Russia – the Main center of trunk transportations of mail – the FGUP Russian Post branch controls access for employees to external drives and devices using DeviceLock. The product DeviceLock is selected also by Lenta company, one of the largest retail networks from Russia, for ensuring reliable protection against information leaks.