InfoWatch EndPoint Security (EgoSecure)

The solution InfoWatch EgoSecure EndPoint is intended for protection of end devices of the enterprise, provides control and data protection on external devices (including mobile) and different removable mediums. The main feature of this solution is that it allows to approach the organization of protection of corporate data in a complex.

EgoSecure EndPoint is the first solution in a line of InfoWatch which is focused on bulk sales in a segment of small and medium business.

2018: InfoWatch EndPoint Security 13.1

On December 18, 2018 the InfoWatch group (G), the Russian developer of complete solutions in the field of the information security (IS) of the enterprises, announced release of InfoWatch EndPoint Security 13.1 — solutions for monitoring and control of integrity of workstations and information resources of the organizations with the improved encryption algorithms. The product allows to control access for employees to different devices and programs, automatically ciphers data for protection against unauthorized access, including in accordance with GOST, and provides audit of information systems of the organization.

For convenient and fast monitoring of use of IT infrastructure of the enterprises, the product InfoWatch EndPoint Security using the Insight tool creates evident reports which allow to estimate and predict use by employees of workstations, office equipments, different drives of information, network and Internet resources, software applications.

The InfoWatch EndPoint Security software product allows the enterprises to execute a number of basic steps on creation of the systems of protection. The solution books audit of all information systems in the organization, allows to define bottlenecks in IT infrastructure and to reveal wrongful acts of employees, to set rules for tracking of legitimate actions and incidents of information security. At the same time, the security policies configured by service cybersecurity are applied on devices where the agent is set even if the computer is outside the company and has no connection to network. Removable mediums, notebooks, cloud storages are, as a rule, the most vulnerable links of corporate IT infrastructure where employees often store large volumes of confidential information. Such channels often draw attention of malefactors, are subject to foreign access and loss of control over them with the subsequent compromise of data. Therefore without the due level of protection there are risks which can lead to reputation and financial losses. InfoWatch EndPoint Security ciphers files in local directories of notebooks and PC, on external devices, in network folders and in cloud storages and by that provides integrity and confidentiality of data. The data access is possible only to the users set by security policies. Data encryption does not break normal operation of the device and can be made as automatically in the background, and the user or the security officer using a context menu. Sergey Pozdnyakov, head InfoWatch Endpoint Security

The solution InfoWatch EndPoint Security gives an opportunity to differentiate access rights of employees to devices and networked environment, for example, to flash drives, local disks, printers, and to programs, creating black and white lists and also to control transactions with specific types of files. Besides, software product allows to limit downloading of data through browser, access to cloud to storages and document transfer of century messenger Skype.

The version of InfoWatch EndPoint Security 13.1 contains the improved algorithms and methods of data encryption.

Access to the ciphered data depending on requirements and business processes of the organization allows to set up the solution, for example, at individual enciphering the file will be available only to the specific user, and function of enciphering on groups is available to providing access to a certain group of people.

For cryptographic execution of operations in to the operating system a product can use both basic crypto provider Windows, and third-party cryptoprovider who allows to use the standard of enciphering of GOST 28147-89.

The solution can be integrated with DLP- a system InfoWatch Traffic Monitor and to supplement it with data on actions of users. InfoWatch EndPoint Security sends to a DLP system shadow copies of files at their copying on removable mediums. Besides, the product allows to monitor the changes connected with the hardware of a workplace of the employee, for example, replacement hard drives, modules of RAM or graphics adapters.

Integration of InfoWatch EndPoint Security into infrastructure of the organization assumes deployment of a software agent on computers of employees and also installation of the server of management for work of cybersecurity specialists. Installation of the agent of InfoWatch EndPoint Security on the device requires 1 GB of an empty seat on a disk and 512 MB of RAM. The software product is quickly scaled on any number of stations.

2015

InfoWatch EndPoint Security is certified by FSTEC of Russia

The InfoWatch company received at the beginning of 2015 the FSTEC certificate of Russia on the solution InfoWatch EndPoint Security. Announced this CNews in InfoWatch.

Results of certification tests confirmed that the InfoWatch EndPoint Security software product conforms to regulating documents and the regulating software requirements, used for confidential information protection. InfoWatch EndPoint Security is certified on the 4th level of control and specifications of lack of not declared opportunities (NDV) and can be applied in personal data information systems of all levels of security.

According to InfoWatch, the received FSTEC certificate No. 3308 (of December 23, 2014) gives the chance of use of InfoWatch EndPoint Security in the state, financial, industrial and other institutions where in use the certified software products are required.

So, in the state information systems of all classes of security InfoWatch EndPoint Security can be used for security of information of limited access which is not the state secret.

Also InfoWatch EndPoint Security conforms to requirements of data protection for all classes of security of automated control systems for production and technology processes on crucial and potentially dangerous objects and also the objects posing the increased hazard to life and human health and for the surrounding environment.

InfoWatch EndPoint Security 10.1 - Insight Edition

On October 22, 2015 the InfoWatch company announced release of InfoWatch EndPoint Security of version 10.1. She received^[1].

Screenshot of a window of product (2015)

InfoWatch EndPoint Security Insight Edition is the system of permanent monitoring, diagnostics and protection, she helps to create an evident picture of working activity of personnel, to analyze it in terms of information security and personnel risks then directionally to protect the most vulnerable parts of infrastructure and business processes.

With implementation of InfoWatch EndPoint Security Insight Edition business receives the simple tool for investigation of the reasons of event of default from employees, the management and entrepreneurs can control a situation in the company, being outside office. The product provides evident and convenient reports of the module Insight, they create a picture of working activity of personnel.

A system helps to reduce risks of loss and theft of corporate data, for example, of the database of clients which loss leads to real financial loss. The solution ciphers valuable information, monitors actions of employees during operation with confidential data and cloud storages and also controls use of external devices (flash drives, hard drives, etc.). Developers noted, InfoWatch EndPoint Security Insight Edition saves confidential data, customer bases and a trade secret.

InfoWatch EndPoint Security Insight Edition controls use of the purchased programs and business applications. Audit of the started applications will allow to trace which of employees really uses them and on whom the company wastes expensive licenses. The module Green IT will help the system administrator to reduce costs for electricity consumption, having configured optimal profiles of a power supply of workstations depending on activity of employees. Reports on cumulative power saving with a binding to its cost will make a picture visual for the management.

"Practically each InfoWatch EndPoint Security function of the version of Insight Edition is anyway directed to economy of money and decrease in financial risks of the company. The solution allows to make the weighed decisions on cost reduction. We offer "smart approach" to security: at first we determine problems and weak points by the automated tool — the module Insight. Then on the basis of a real picture and reliable data from reports of Insight we offer tools which control and protect the most vulnerable elements of infrastructure and business processes, allowing to save real money" — Tatyana Beley, the marketing director of InfoWatch told.

The product InfoWatch EndPoint Security performs all fixed functions of products of the class EndPoint Security, including control of transactions on peripheral devices and network resources, enciphering removable mediums and directories on the hard drive, centralized operation by mobile devices iOS and Android, control of applications according to black and white lists. In the new version of a product there were additional classes of controlled devices, new types of automatically detected files, performance is increased during the work on the big distributed networks, safety of storage of the ciphered data is increased.

2014: InfoWatch EndPoint Security 5.4

On February 25, 2014 the InfoWatch company released InfoWatch EndPoint Security of version 5.4.

The updated solution ensures safety of workstations in corporate network of the enterprise, controls applications launch and use of external devices by employees, performs audit of actions of users and data filtering by different criteria, implements process of transparent enciphering of information at record on mobile carriers.

Cloud functions

The main innovation of InfoWatch EndPoint Security 5.4 - distribution of all classical functions of a product on cloud storages. The new version of the software solution helps to control all files sent by employees to Dropbox, OneDrive, GoogleDrive, Yandeksdisk, BoxSync and also to regulate these processes, prohibiting or permitting movement of documents on a certain type and a format of data.

Enciphering

There is a possibility of the individual choice of enciphering of information for each specific cloud provider. Encryption keys are stored at the client, not in "cloud". Enciphering is performed at the level of files in the transparent mode imperceptible for employees that nullifies the probability of ignoring or a bypass of a system and also distribution of confidential documents in the unprotected mode outside.

Types of controlled files

In the new version of InfoWatch EndPoint Security the augmented list of controlled types of files — such formats as .mpg, .mov and .db are added that allows to prohibit watching video in working time, to prevent information leak, having appointed access to the database only to the limited group of people.

Lists of control

In the new version of InfoWatch EndPoint Security the functions directed to economy of resources of IT department are implemented. InfoWatch EndPoint Security can be configured so that to monitor actions with documents only of the set formats: control of databases in the .xlsx format is required - to add xlsx a format to the "black" list enough. A system will automatically create copies of all xlsx-documents copied on external devices, sent on network or to "cloud".

• The system of centralized operation is optimized by a product — the objects which are disconnected in the Active Directory automatically are disconnected in InfoWatch EndPoint Security.
• Automatic export of reports on the set schedule is implemented.

The new version of the program is compatible to all versions of Windows OS, including Windows 8.1.

"The solution InfoWatch is compatible to any software used in the company that provides easy implementation. The software product is easily scaled, is simple in mastering, deployment and administration" — Elena Naumova, the product area director of SMB of InfoWatch company noted.

2013: Expansion of functionality for protection of endpoints of corporate network

In May, 2013 the InfoWatch company announced release of the updated solution InfoWatch EndPoint Security focused on protection of workstations against a different type of threats in the companies of small and medium business.

Having studied customers needs of a SMB segment, specifics of business processes and features of typical configurations of IT infrastructure of the small companies, specialists of InfoWatch considerably expanded functionality of the endpoint-solution provided in a product line of the company, having turned it into a full-fledged product for protection of endpoints of corporate network against a different type of threats. Now InfoWatch EndPoint Security solves all complex of basic problems in information security field for workstations and removable mediums of information in corporate network, namely: control of observance of information security policies in the companies, audit of actions of users in networks, applications launch control and also enciphering of documents using standard algorithms. The most important advantage of this solution is the compatibility with any antivirus software used in the company.

Thus, the updated endpoint-solution InfoWatch provides protection of infrastructure, applications and documents on endpoints of network and logically supplements the system of protection of corporate information against internal threats of InfoWatch Traffic Monitor.

2012: Over 500 thousand licenses of EgoSecure are sold

For December, 2012 EgoSecure is already set at 800 companies and more than half a million end devices in the countries of Europe provide protection (all more than 500 thousand licenses are sold).

InfoWatch formulates philosophy of creation of a product in the form of an abbreviation of C.A.F.E.:

Control is control of use and differentiation of access rights of users to external devices. A system provides the maximum flexibility in setup of security policies: access rights can be configured according to the schedule, black and white lists of carriers, file formats, etc.

Audit is conducting general audit of actions of users during the work with information on external carriers and network folders. Audit includes preserving of shadow copies of files, access to which is provided directly from the management console.

Filter is filtering of formats and data types which use is authorized or it is forbidden to users. Control of applications launch allows to avoid use in network of the undesirable software, and the special mode of training gives to administrators the chance to easily configure and create rules.

Encryption – imperceptible for employees, "transparent" enciphering of information at record on mobile carriers and also enciphering of directories on the hard drive. As all information before record on external carriers is ciphered by the agent of InfoWatch EndPoint Security and stored already in encrypted form, corporate data will be available only to those to whom they intend, and will not fall prey of malefactors in case of theft of the mobile device of the employee.

Enciphering of folders on the hard drive ensures data security which are stored on working computers and notebooks of employees and also is an optimal alternative to full-disk enciphering.

The centralized use of security policies on the scale of all organization is performed via the single console of management. The combination of several technologies, their thought-over and smoothly running joint work create the complete finished solution.

Though the product does not make scanning on viruses and other malware, but protection against installation of foreign programs, filtering of malicious URLs and control of activity of users can quite compensate the technology of search of mass infections with a signature method which was almost outdate today. It is quite possible that EgoSecure is capable to protect better users from the purposeful and polymorphic attacks, than some traditional antiviruses.

2011: Purchase of InfoWatch and adaptation for the Russian market

In December, 2011 in InfoWatch purchased Cynapspro and started adaptation of a product for the Russian market. For release on the Russian market it was necessary to finish a system — to translate the interface and documentation and also to exclude the module of complete disk encryption which in original execution contradicted the domestic legislation. Perhaps, the module will appear further, but now all enciphering in EgoSecure is based on cryptoproviders of the operating system.

For InfoWatch the new product is a method to provide protection against date leaks (Data Leak Protection, DLP) to those users for whom the main DLP solution offered by the company is rather heavy. At the same time the success of a system directly depends on the sales channel — InfoWatch is going to sell EgoSecurity as a mass product. As the sole distributor for creation of the sales channel the Axoft company was selected. And as Axoft has a certain bias towards producers of means of protecting, tasks not only creations of the sales channel for a new product, but also its promotion in the market of SMB are assigned to it.

2005: Creation of a product

The product is created in 2005 by Cynapspro company and was rather popular in Germany, Austria and Switzerland.

Notes