Cyber Protego Cyber Protego

White Paper: DLP - Data Loss/Leak Prevention

2024

Cyber Proteo 10.2.1 with Extended OS List on Linux

Cyberprotect has released an update to the DLP system - Cyber ​ ​ Protego 10.2.1. The company announced this on May 30, 2024. This version has expanded the range of Russian operating systems based on Linux, with which the solution works. The Cyber Proteo for Linux agent supports Astra Linux SE 1.7.5 operating systems in the Oryol and Voronezh editions, as well as Red OS 7.3.4. In addition to server versions of these domestic operating systems, the web server managed using the web console also supports CentOS Stream 9. The update allows you to embed Cyber Proteo into any infrastructure and use it in conjunction with other import-independent solutions.

With each update of the DLP complex Cyber ​ ​ Protego, we are consistently moving towards making it easier for our customers to integrate it into information systems built on import-independent domestic solutions, providing reliable protection against leakage of confidential information. The implementation of agent control of devices with a single centralized management for the most popular operating systems, Astra Linux, RED OS and Alt Linux, as well as the ability to use a cross-platform web server for auditing security incidents, brings us closer to solving this problem, which we will continue to deal with in the next versions, - said Sergey Vakhonin, director of information security systems at Cyberprotect.

Cyber Proteo 10.2 with cross-platform web server for Windows and Alt Server

The company Cyberprotect"" on April 1, 2024 presented an update to the DLP Cyber ​ ​ Protego 10.2 system. This version implements a cross-platform web for server OS Windows and, expanded Alt Server the ability to control devices Linux in and control network communications in Windows. Implemented integration with enterprise solution for synchronization and exchange files of Cyber Files. Other improvements and fixes have been made.

Cyber Proteo is a solution that provides comprehensive protection against data breaches from, and computers servers virtual environments of organizations. One of the key changes in this version is the implementation of a cross-platform web server managed using the modern web console. The server, available for operating systems Windows Server (2012 and later) and Alt Server (10.0 and later), allows you to create statistical reports based on a single archive of events, regardless of the type of version used (,,,), DBMS MSSQL PostgreSQL Postgres Pro as well as Jatoba analyze incidents using a single list of events formed from event logging and shadow copy logs. The flexible role model provides the ability to create and assign users their own roles depending on the tasks they solve, allows not only to restrict access to various sections of the web console, but also to protect confidential ones. data

This version adds integration with the secure file sharing and synchronization solution Cyber Files on both the agent and server side. Now, in addition to cloud file-sharing services, it has become possible to control user access to the corporate Cyber ​ ​ Files server, including using tools for analyzing the content of transmitted data in real time. Server-level integration aggregates file exchange information in a single DLP system event archive.

In addition, control of the domestic messenger TamTam and current version of the messenger has been implemented. WhatsApp Agent Cyber Proteo now allows you to selectively restrict user access to these communications tools, as well as use the capabilities of event logging, shadow copying, alarm alerts (alerts) and rules based on real-time content analysis. The same capabilities are implemented to control web access to the mail service. Mailion

With each release, Cyber Proteo is becoming more convenient and affordable for companies that use domestic operating systems or plan to switch to them, "said Sergey Vakhonin, director of information security systems at Cyberprotect. - We paid special attention to seamless integration with the Cyber ​ ​ Files file exchange system. The joint use of Cyber Proteo and Cyber Files will allow organizations to bring information protection in the course of file exchange within the organization and with external counterparties closer to the concept of a secure file perimeter, which corresponds to modern trends in the development of information security in the Zero Trust model.

2023

Compatible with MyOffice Mail 2

On July 24, 2023, MyOffice and Cyberprotect announced the compatibility of the MyOffice Mail 2 mail solution and the Cyber Proteo DLP system. Read more here.

Cyber Proteo 10.0 with Linux Workstation Agent

On May 30, 2023, Cyberprotect introduced a comprehensive DLP class solution to protect against data leakage Cyber ​ ​ Protego 10.0. The system has an agent for Linux workstations, compatibility with current software and hardware, as well as a significantly expanded and improved arsenal of a number of functionality.

Cyber Proteo is an enterprise-class solution that provides comprehensive protection against data leaks from computers, servers, and virtual environments in organizations. One of the key features implemented in the latest version is access control and event logging when using USB devices and removable drives for Linux workstations. For these purposes, Cyber ​ ​ Protego can be used in the Alt Workstation 10 operating system.

Cyber Proteo developers continue to work to develop the compatibility of the complex with system and infrastructure, ON as well as hardware. The tenth version of Cyber Proteo adds support for current versions DBMS Microsoft SQL Server of 2022, including SQL the Server Express, 13, DBMS PostgreSQL 14, 15 edition, as well as the Russian DBMS Postgres Pro Standard versions 11 (11.5 or higher), 12, 13, 14, 15. Compatible with today's 11th or later generation systems processors Intel that support Intel CET. The developer also notes an improvement in the compatibility of Cyber ​ ​ Protego and, Kaspersky Endpoint Security implemented at the driver level. In addition, other improvements and corrections have been made to improve the overall stability of the product and ease of use.

The Cyber ​ ​ Proteo development roadmap is built in such a way that with each update it is possible to expand the possibility of our complex working in the software ecosystem of Russian developers, "said Sergey Vakhonin, director of information security systems at Cyberprotect. - With the new version, we took the first step in the Linux environment, and also expanded support for the PostgreSQL DBMS, on the basis of which many domestic solutions are implemented. This direction is one of the priorities in the development of the product, making it more universal and applicable in any customer infrastructure.

2022

Cyber ​ ​ Protego 9.4 with capabilities in terms of user control

The company Cyberprotect"" presented on November 1, 2022 an updated version of the integrated system protection from data breaches Cyber ​ ​ Protego (Cyber ​ ​ Protego) 9.4. The DLP Data Leak Prevention solution in this update has gained capabilities in terms of user control, provides official version support, and OS Microsoft implements a more flexible access control policy, including the separation of controls and notifications.

Among the most significant changes is the ability for clients to control the protocol SFTP widely used by network administrators post and the protocol. IMAP Detailed logging of mail received using the IMAP protocol will significantly expand the ability to investigate incidents information security by analyzing both outgoing and incoming mail communications.

The product also received a number of general changes. Starting from version 9.4, official support for Windows 11 and Windows Server 2022 operating systems (up to and including version 22H2) was announced, which allows updating to Microsoft OS on employee workstations without reducing the level of security of the organization.

Improvements affected the logging system. In particular, the Cyber ​ ​ Protego administrator can selectively determine the list of events about which information will be recorded in the server log. The legacy Agent Management Console has been removed from the suite of complex management tools, and all agent management is centralized and maintained at the server management task level or through Active Directory domain group policies.

Among other things, this version has optimized control over the use of the mail web service Gmail and, messenger WhatsApp improved the control mechanism SSL for connections, as well as a number of other improvements and updates.

The company continues to work on the development of the Cyber ​ ​ Protego DLP complex, and in release 9.4, a lot of attention was paid to expanding the control of network communications, improving the stability of the product, as well as optimizing centralized management of the solution. At the same time, official support for Windows OS versions and updating user communications control allow you to use Cyber ​ ​ Protego to comprehensively protect confidential data in your organization, noted Sergey Vakhonin, director of information security systems at Cyberprotect.

Among the functionality of Cyber ​ ​ Protego are flexible options for configuring permissions and prohibitions for all current transmission channels, data advanced monitoring functions and alarm alerts, supported by content real-time filtering. time The solution is delivered in a modular form so that each customer can choose the functionality he needs in accordance with the needs data protection  for and real for budget  information security.

Cyber Proteo 9.3 with advanced capabilities to control various data leakage channels

On July 29, 2022, Cyberprotect presented an updated version of the comprehensive data leakage protection system - Cyber ​ ​ Protego 9.3. The DLP (Data Leak Prevention) class solution has received advanced capabilities to control various data leakage channels, including printers and instant messengers, and an important extension has been added to the user activity monitoring subsystem to collect evidence and proactively identify incidents. In addition, the improvements affected system performance and protection.

One of the most important improvements in the released version of the Cyber ​ ​ Protego DLP system was the expansion of device control capabilities. This System Agent feature allows you to set the Printer Whitelist. Thanks to this, Cyber ​ ​ Protego administrators can not only control the print channel as a whole, but also selectively exclude some printers from control.

Thanks to a thorough revision of the logic of content analysis, the developers managed to increase the speed of content-dependent rules based on keyword groups and regular expression templates. Sensitive data is now identified faster, which reinforces the real-time data protection thesis.

The developed function "Cyber ​ ​ Protego: Recording before the event" dramatically changes the approach to investigating incidents and identifying suspicious user behavior and abuse of access privileges or data protection policies. The UAM component has become available to record user actions that occur immediately before the onset of specified events, which can be, for example, identifying confidential data in files and messages, connecting a flash drive, printing an important document. This makes it possible to significantly expand the evidence base in the investigation of leakage and other misconduct.

Added the ability to use an enterprise SSL certificate. This allows administrators to choose which certificate will be used to monitor the traffic being transmitted.

Improved system manageability. Administrators can now copy any rows when viewing event logs, use alternate accounts to connect to agents when creating tasks on the server. In addition, Cyber ​ ​ Protego administrators, starting with version 9.3, have the ability to flexibly control the size of the event archive and shadow copies, as well as the contents of logs, through customizable tasks of automatically deleting outdated data, insignificant files and any other information.

From the point of view of controlled channels in the Cyber ​ ​ Protego 9.3 version, the control of the messenger WhatsApp post and web services was expanded and, Mail.ru Rambler as well as the work with by mail transmitted by was optimized. SMTP protocol macOS The user interface of the Cyber Protego Mac Agent installer and agent has been updated for users.

"The problem of protecting sensitive data and combating information leakage does not lose its relevance. We are actively developing our own domestic Cyber Proteo solution, which can provide control of various communication channels and intelligent protection of confidential information in companies of any scale. The presented version not only improves system performance and stability, but allows you to more accurately configure protection and collect an expanded evidence base, reducing the risks of incidents related to insider activities " - notes Sergey Vakhonin, Director of Information Security Systems at Cyberprotect

The functionality of Cyber Proteo includes centralized control of access to an almost complete range of data channels, flexible options for configuring permissions and prohibitions, as well as real-time monitoring and operational notification tools. The solution is delivered in a modular form so that each customer can choose the functionality he needs in accordance with the needs of data protection and the real budget for information security.

Inclusion in the Unified Register of Russian Programs

The comprehensive data breach protection system, Cyber ​ ​ Protego, is included in the Unified Register of Russian Programs Ministry of Digital Development Russia (entry No. 13712 of 01.06.2022). This was announced on June 15, 2022 by Cyberprotect. Now the DLP (Data Leak Prevention) solution of Cyberprotect becomes available for procurement to departmental and municipal organizations, and can also be used in the implementation of import substitution plans by companies with state participation and other interested organizations. Cyber Proteo allows you to manage the risks associated with insider activities and ensure the protection of important information in accordance with the requirements of the law and current information security standards.

Cyber Proteo is a data breach prevention solution with advanced real-time detection capabilities for critical information. Together with Cyber Proteo, organizations of any size can provide full traffic control on corporate computers, servers, and virtual environments. The arsenal of tools that underpin Cyber Proteo allows you to effectively prevent possible leaks, continuously monitor and log transactions with confidential data, as well as identify violations of the rules for storing important information and make recommendations for correcting the situation.

Many Russian companies require proven security and infrastructure support solutions that guarantee the full range of service and stable operation of all functions, regardless of external circumstances. The presence of Cyber ​ ​ Protego in the Register of Russian software is a significant argument for using a data leakage prevention system in such organizations, "said Sergey Vakhonin, director of Cyberprotect information security systems. - Together with other solutions of "Cyberprotect," also included in the Register of Russian software, we can provide full protection of information both from leakage and from loss, as well as support for the organization's infrastructure, allowing government agencies and businesses to focus on their main activities without downtime and data loss.

The functionality of Cyber Proteo includes centralized control of access to an almost complete range of data channels, flexible options for configuring permissions and prohibitions, as well as real-time monitoring and operational notification tools. Cyber ​ ​ Protego TS technology for controlling data transmission in terminal sessions has no full-fledged analogues in the global market. The solution is delivered in a modular form so that each customer can choose the functionality he needs in accordance with the needs of data protection and the real budget for information security.

Cyber Proteo with updated user interface

On April 15, 2022, Cyberprotect announced the release of Cyber ​ ​ Protego, an updated version of the data breach prevention solution.

The software package received an updated name - Cyber ​ ​ Protego (Cyber ​ ​ Protego) according to the strategy for the development of the company's product line. The update also affected general system changes and improvements related to network communications control.

General changes:

• updated user interface, renamed some parameters and components;
• servers Management Server reports on to data audit and shadow copy logs have been translated into Russian the language.

Control of network communications:

• significantly improved control messenger WhatsApp when using current versions of the WhatsApp client for; Windows
• improved control, and social networks Vkontakte Schoolmates others;
• improved control of the Skype messenger in case of simultaneous use of the application by several users;
• improved support for the Viber messenger in terms of controlling transmitted images;
• optimized control of file exchange and synchronization service Uploadfiles.io.

With the help of Cyber ​ ​ Protection, enterprise information security services can perform granular control of user actions with data, ensure compliance with corporate data protection policies, IT security standards and regulatory requirements, regardless of the place of work of employees.

2021: "Acronis DLP Protection" version 9.0

On November 24, 2021, the company Cyberprotect (formerly Acronis ITProtect)"" presented to Russian the market with a solution for preventing data breaches "." Acronis DLP Protection This enterprise-class solution provides comprehensive protection against data breaches , and computers servers enterprise environments virtual. The expansion of the product line and the entry into the DLP market supports the previously announced strategy of Cyberprotect, aimed at developing comprehensive cyber protection solutions for the Russian market, not limited to solutions for. backup

Cyberprotect presented a solution to prevent data leaks on the Russian market

The product "Acronis DLP Protection" version 9.0 is developed on the basis of source code the key technology partner "Cyberprotect," the company. Acronis The prototype solution is the Acronis system. DeviceLock DLP 9.0 The software package is built in modular to architecture components, licensed optionally in various combinations, which allows customers to flexibly choose the configuration of the DLP solution according to their requirements for the and. " safety budget Acronis DLP Protection" uses various methods of control - both data contextual and based on real-world content analysis, time providing protection against information leaks for the minimum cost of purchasing and maintaining the complex.

"An important feature of our product is the ability to prevent data breaches in organizations, including those that have switched to remote or hybrid mode of operation. As independent research shows, more than 70% of data breaches at enterprises are caused by deliberate or accidental actions of employees themselves. Given the rapid growth of critical data in all organizations, such incidents can lead to irreparable consequences. More and more organizations are choosing solutions that can not only track, but also prevent leaks. We have made corrections and improvements to our version of the product, and also retained the possibility of a classic licensing model with a permanent license for Russian customers, "- says Sergey Vakhonin, director of DLP at Cyberprotect.

With Acronis DLP Protection 9.0, Enterprise Information Security Services can granularly monitor user activity with data, ensure compliance with corporate data protection policies, IT security standards, and regulatory requirements, regardless of where employees work. Built-in audit and event analysis tools make it easy to turn activity logs into useful insights.

Technologies and products DeviceLock have been known in the Russian and international markets for more than 20 years, they provide, according to information the company, the protection of more than four million computers around the world information in the systems of more than five thousand organizations. Earlier, Acronis acquired the developer of DLP systems DeviceLock and launched the Acronis DeviceLock DLP 9.0 solution on the international market, which became the basis for the Acronis DLP Protection 9.0 system of Cyberprotect, Acronis technology partner in. Russia