RSS
Логотип
Баннер в шапке 1
Баннер в шапке 2

DeviceLock Endpoint DLP Suite

Product
Developers: DeviceLock (formerly Smart Line Inc.)
Last Release Date: 2021/03/24
Technology: IB - Information leakage prevention

Content

File:DeviceLock DLP.jpg

DeviceLock DLP has a set of local port and peripheral control capabilities - removable drives, printers, USB ports, and provides data control in virtual and redirected devices, Windows System Clipboard, network applications, and protocols used on monitored computers.

DeviceLock DLP Suite helps prevent accidental or intentional leaks of information by creating a controlled working environment that includes both enterprise computers and networks, as well as users' own mobile devices. DeviceLock DLP protects information from unauthorized copying, transmission through e-mail and instant messengers, unauthorized access through Wi-Fi and Bluetooth, and also allows you to detect data stored in workplaces in violation of corporate security policy.

With DLP DeviceLock, companies can continuously analyze and monitor the use of data transmission, storage, and printing channels as users work. Data control is carried out according to a wide range of parameters: formats, types of interfaces and devices, network protocols, transmission directions, time of day, etc. Depending on the properties of a group of users, the ability to copy or use removable media may be restricted in different ways, and for those at risk, a deeper level of control based on the analysis of content (document content, correspondence and other data) is established. Print texts can be controlled using DLP DeviceLock even if they have not been saved to the file system. The content of files transmitted through instant messengers and the content of the correspondence itself are also analyzed. A unique resident optical character recognition module helps prevent information leaks through the use of images (such as scans or photo images of documents).

2021: DeviceLock DLP 9.0 with updated User Files report

On March 24, 2021, Smart Line Inc, a representative in the field of developing protection against data leaks from computers, announced the official release of the next version of the DeviceLock DLP 9.0 software complex, designed to prevent insider data leaks directly on user computers.

Because 69% of data breaches are the result of intentional or accidental actions by insiders, DeviceLock DLP 9.0 will help organizations protect their data from the most common threat of data breaches.

Given the dependence of organizations on the use of data in everyday operations, data breaches can lead to serious consequences, including continuity violations, business processes fines from regulators, litigation, and damage to reputation. An independent study Ponemon Institute shows that the average damage from incidents related to internal data breaches increased by 31% over the past two years and as of March 2021 is more than 11 million. dollars

{{quote 'Data protection is the basic need of each organization, "said Olesya Yarmolenko, General Director of Smart Line Inc. - It is vital for businesses to protect themselves from accidental or intentional leakage of any data relevant to the organization - from intellectual property and trade secrets to confidential information about customers and employees. }}

With DeviceLock DLP 9.0, Information Security Services can granular control of user data activity, ensuring compliance with corporate data protection policies, IT security standards, and regulatory requirements, regardless of employee location. Built-in audit and event analysis tools can easily turn activity logs into useful analytics.

The DeviceLock DLP software complex is implemented in a modular architecture, allowing customers to choose the optimal combination of components of the DeviceLock DLP complex: the main stand-alone component of the DeviceLock Base can be supplemented with several additional components to expand the functionality of the DLP system. Another standalone product, DeviceLock Discovery, further reduces the risk of lost stored data by identifying unsecured data and protecting it through configurable corrective actions.

The added functionality of DeviceLock DLP 9.0 includes:

  • An updated optional component, DeviceLock User Activity Monitor (UAM), which allows you to record user actions using tools such as video recording of the user's screen, recording all keystrokes, saving information about processes and applications that were executed and started during recording. An important feature of the DeviceLock UAM component is the ability to activate monitoring of actions when a certain event occurs, for example, the operation of a content-dependent rule, the connection of an external drive, changing the state of a network connection, etc. DeviceLock User Activity Monitor allows you to significantly expand the evidence base when investigating information security incidents, simplifying the process of detecting suspicious user behavior and abuse of access privileges or data protection policies, resulting in reduced risks of data loss.
  • The updated User dossiers report, which significantly simplifies the audit of information security and increases the transparency of data flows and related actions through a statistical overview of user actions with a graphical representation. To monitor and evaluate various aspects of user behavior, User dossiers also provide statistical indicators such as the frequency of attempted unauthorized transactions, transmission, large amounts of data changing the nature of online activity, etc. User files can be extended with additional user account data obtained from the directory Active Directory or others. LDAP servers
  • Support for Elasticsearch databases in DeviceLock Discovery, extending the scope of scanning and discovery.

2020

Presentation of the second beta version of DeviceLock DLP 9

On June 17, 2020, it became known that the company DeviceLock released the second beta version of the DeviceLock DLP 9 software complex, designed to prevent insider data leaks.

In the following version of DeviceLock DLP 9 a beta 2 possibilities of the UAM component (User Activity Monitoring) giving an opportunity of monitoring of actions of the user are expanded and also the functionality of "the user files the" (User dossiers) allowing the Information Security Services to analyze its activity is optimized.

DeviceLock DLP 9

Among the UAM features is the "Pause while inactive" option, which allows you to stop monitoring user actions in case of inactivity. In addition, the stability and functionality of the keyboard input recording processes are improved, deficiencies in the password recording function are eliminated, and multiple improvements and fixes are added to the user interface.

User dossiers also include additional user information from the Active Directory directory or other LDAP sources. The Loyalty Indicator is able to compare user-specific key figures with the average of the selected group. You have also extended the range of user-visible activity to which the group indicator comparison option is added.

In addition, User dossiers includes lists of the most frequently triggered content-dependent rules, optimizes pre-processing processes to reduce response and display delays, and consolidates UAM component logs as part of a common server log consolidation mechanism. The mapping of custom domain names as identifiers for contacts has been added to the link graphs.

File:Aquote1.png
The self-isolation regime caused not only an increase in demand for tools to combat data leaks, but also showed us the directions for the development of the functionality of these systems, the importance of which had not previously been undeniable. In particular, we see a sharp increase in the number of incidents related not only to the activity of cybercriminals, but also to the incompetence of employees. At the same time, often companies and banks simply lack the resources to "manually" investigate such cases,

- noted the founder and the technical director of DeviceLock Ashot Oganesyan
File:Aquote2.png

Simultaneously with the DLP 9 beta 2 DeviceLock, an updated DeviceLock DLP 8.3 complex was introduced with improved control, messenger WhatsApp, social network Facebook web service Mail.ru and updated messenger control. ICQ

Also in the next version, the ability to control the Zoom video conferencing service was expanded, the impact on the performance of terminal servers was reduced when MAPI mail protocol was activated, Microsoft Excel and Adobe PDF file processing was optimized and OCWindows 10 version 2004 (20H1) support was implemented.

Testing with Zoom VCS and Skype Messenger

On March 30, 2020, it became known that the company DeviceLock Russian , the developer of the anti data leakages - DeviceLock system, DLP conducted additional testing of its solution when using services and. videoconferences Zoom messenger Skype

During the testing, the ability to block or resolve incoming and outgoing messages and files in the Zoom service, their real-time content analysis, event logging, alarm reporting, as well as shadow copying of transmitted data without reducing the performance in conferences of up to 100 participants were fully confirmed.

Monitoring the Skype messenger of all versions in the DLP DeviceLock includes monitoring both regular and "private conversations," checking chat and transmitted files for prohibited content before they are sent, and immediately blocking the transfer of confidential information if it is detected before it is sent.

As the founder and technical director of DeviceLock Ashot Ohanesyan said, the introduction of quarantine and a massive transition to remote work of employees have already led to a sharp increase in communications using video conferences and instant messengers.

File:Aquote1.png
Most companies are forced literally in a "fire order" to solve related issues of information security and corporate data protection, the risk of leakage of which when using instant messengers and access to data from home computers has increased sharply, he said.
File:Aquote2.png

Free licensing for the coronavirus epidemic

On March 23, 2020, it became known that the company DeviceLock will provide free of charge to everyone its products to protect corporate data when using terminal access for the period of the COVID-2019 coronavirus epidemic.

An important tool to combat the spread of COVID-19 worldwide is the relocation of staff to remote work. At the same time, the most popular way to provide access to corporate data is to organize terminal access to jobs or specially deployed cloud services, which allows employees to perform their tasks from any device.

However, many Russian organizations were not ready to create both the necessary IT infrastructure and to organize secure access to corporate data in this format, since with terminal access, data can be copied to a personal device or transferred to other devices connected to it, for example, external drives or printers. At the same time, the installation of protection systems directly on personal devices is practically unrealistic.

Considering complexity of the Russian companies of procedures of selection and purchase of the software existing in the majority and need of the fast transfer of employees to remote work, the DeviceLock company made the decision for the period of epidemic to provide to everyone the free license for the system of fight against data leakages of DeviceLock DLP including the specialized decision for work with terminal access - Virtual DLP.

As the founder and technical director of DeviceLock Ashot Hovhannisyan noted, in the conditions of the epidemic, and any emergency situation, information security is always the first to be hit. People make mistakes, panic, become defenseless to social engineering methods.

File:Aquote1.png
There are also those who believe that since control over them is weakened, you can earn a little selling what they have access to, for example, corporate information, because it is not known what awaits everyone tomorrow. In order for the company to remain operational, it is necessary to resist them, without complicating the process of work. This allows you to do the DLP system, "he added.
File:Aquote2.png

DeviceLock User Activity Monitor и модуль User dossiers

January 20, 2020 it became known that DeviceLock introduced the beta version of DeviceLock DLP 9.

This version of the Russian software to combat insider data leaks is available for download on the company's website.

Among the features that appeared DeviceLock DLP 9 - UAM (User Activity Monitor), which provides the ability to video the screen, logic keystrokes, as well as save information about processes and applications that were run and started during recording. Activation of UAM DeviceLock can occur when content-dependent rules are triggered, external drives are connected, the network connection state changes, and other triggers included in the DLP DeviceLock. This feature allows you to facilitate both the preliminary assessment of suspicious user actions and the collection of evidence when investigating information security incidents.

The second important update is the introduction of the User dossiers module in the Enterprise Server DeviceLock. This tool allows you to create a user profile that includes an assessment of their compliance with information security policies, as well as predictive analytics of possible data leaks based on changing the level and forms of user activity in the corporate network. The statistical review of online activity presented in User dossiers also helps to assess the time a user spent chatting in instant messengers or visiting certain websites, and identify procrastinator employees.

As the founder and technical director of DeviceLock Ashot Hovhannisyan noted, in order to successfully combat data leaks, DLP systems must go to a higher level.

File:Aquote1.png
We see that dozens or even hundreds of information security incidents occur every day in a large company or bank. The DLP system must not only stop them, but also automatically separate randomness or stupidity from attempts to intentionally steal data. Otherwise, many incidents simply will not be investigated by the information security service, which does not have the necessary amount of human resources,
told by Ashot Ohanesyan
File:Aquote2.png

2019

Japan's DLP Market Dominance 5 Years in a Row

On October 28, 2019, TAdviser learned that the independent institute for economic research MIC Research Institute, Ltd. (Japan) published a report on the results of a study of the current state and market prospects of cybersecurity and data protection solutions in 2019, in which the DLP DeviceLock was recognized as the best-selling software product of the EDPC class in the Japanese market. The 40% market share has been maintained for the DLP DeviceLock for the fifth year in a row.

DeviceLock DLP

According to the study, in 2019, the number of Japanese companies that chose DeviceLock DLP as a solution for protection data in environments virtualizations and remote access increased significantly. At the same time, there was a high increase in demand for the implementation of network communication control in these scenarios, primarily when working remotely with, and e-mail cloudy storages other network services using the NetworkLock component. Steadily high level of deliveries of the OEM licensed basic component of the DeviceLock DLP complex preset on corporate personal computers productions of corporation NEC (NEC Personal Computers, Ltd) is also noted.

Among the key reasons why Japanese consumers choose DeviceLock were the compliance of DeviceLock DLP capabilities with regulatory requirements, personal data protection laws and industry security standards.

File:Aquote1.png
The Japanese do not need to explain how important information security is, but the product must be adapted to their language and culture. We and our local partners have made great efforts to integrate the Japanese language and hieroglyphic system into the DLP DeviceLock, adapt the complex to the specific processes of Japanese companies and banks, and deploy a training and support system. This has borne fruit - for five years we have been the first in the Japanese market,
said the results of the study, founder and technical director of the company DeviceLock Hovhannisyan Ashot
File:Aquote2.png

According to JSC, Smart Line Inc the developer of the DLP DeviceLock, sales growth in the Japanese market in the first quarter of 2019 compared to the first quarter of 2018 amounted to 28%. Among the clients of the DeviceLock are the largest Japanese technology companies, such as (NTT more than 30 different divisions), Yaesu, Mitsubishi Space,,, Toyota NEC, Japan Yamaha, FUJI HP banks MUFG, The Shizuoka Bank, The Joyo Bank, Shoko Chukin Bank, as well as Central Japan Railway, Japan Company and more medical universities.

MIC Research Institute specializes in marketing research for clients such as Mizuho Bank, Sumitomo Mitsui Banking Corp., Bank of Tokyo-Mitsubishi, and issues reports on the state of IT and IB markets each year, based on actual sales volumes in Japan.

Postgres Pro and PostgreSQL Support

On October 22, 2019, it became known DeviceLock released an updated version of the DeviceLock DLP software complex, which includes an updated DeviceLock Enterprise Server module with Postgres DBMS support for storing and processing data on events that occurred in the controlled loop. Support was received by both the open DBMS PostgreSQL and the Russian advanced development Postgres Pro, which is part of the register of the Ministry of Communications and has a FSTEC certificate.

DeviceLock Enterprise Server is part of the DeviceLock DLP Data Loss Prevention Suite, designed to manage protection, including agent operation and distribution of DLP policies, as well as centralized shadow copy and event logging data collection and reporting from DeviceLock agents and the DeviceLock EtherSensor server.

According to the founder and technical director of DeviceLock Ashot Hovhannisyan, the company was pushed to support PostgreSQL and Postgres Pro by the performance indicators of the DBMS, as well as the growth of their share in the Russian market.

{{quote 'author = added Ashot Hovhannisyan' Recently, we received a large number of requests from our Russian customers for support of PostgreSQL and Postgres Pro and could not help but respond to their wishes. In addition, we see that the ecosystem of Russian software created by the Ministry of Communications begins to work, and the focus on supporting the developments included in the register becomes one of our strategic priorities, }}

File:Aquote1.png
The integration of Postgres Pro DBMS with application systems demanded by large enterprises and government customers is one of the priorities of our company. We expect that a partnership with one of the manufacturers of DLP solutions represented by DeviceLock will allow us to more effectively close the needs of customers both at the Russian and international levels,
commented on Ivan Panchenko, Deputy General Director of Postgres Professional
File:Aquote2.png

Renewal of FSTEC certificate

On July 8, 2019, it became known FSTEC Russia that it confirmed the results of the tests (inspection control) of the current version of the DeviceLock DLP Suite 8 software complex - one of the Russian anti-corruption systems. data leakages The validity of Compliance Certificate No. 3465 dated November 5, 2015 was extended until November 5, 2023.

Certification was carried out as part of inspection control in accordance with the current regulatory acts of the FSTEC of Russia and, in particular, the "Requirements for the control of removable machine storage media" (FSTEC of Russia, 2014). Based on the results of the tests, the DeviceLock 8 DLP Suite software product is recognized as complying with the 4th class of security control of removable machine media connection, the 4th level of control of the absence of undeclared capabilities, as well as the requirements for monitoring the content of transmitted information (DLP).

The updated certificate confirms that DeviceLock 8 DLP Suite can be used as part of automated systems up to security class 1D, as well as in HIPD, GIS, process and process control systems that process confidential information of any security classes (levels). When operating DeviceLock, DLP can implement security measures related to the use of removable storage media, control of the content of data transmitted from the information system, as well as the elimination of illegal transfer of information.

File:Aquote1.png
FSTEC certification is important for us, as it allows us to offer our solution to government entities and commercial companies working with confidential information. All these structures, judging by the state of the "punch" market and the databases that appear on sale with hundreds of thousands of client data records, badly need an effective DLP solution,
File:Aquote2.png

Ability to monitor Zoom video conferencing service. Job Search

On April 25, 2019 the DeviceLock company reported about updating of family of the DeviceLock DLP products. Among the most important functional changes are the control of the Zoom video conferencing service, as well as the Job Search function, which allows you to control the use of recruiting services.

Zoom control includes the ability to block or resolve incoming and outgoing messages and files, their content analysis, as well as event logging, alarm alerts, and shadow data copying . The blocking, logging and alarm functions for conferences and calls are also implemented. At the same time, the control of the transmitted data, including content analysis, takes place in real time, which makes it possible to guarantee block the transfer of confidential data. As of April 2019, the DLP DeviceLock controls the operation of the Zoom service online.

The Career Search feature allows you to control the blocking or permission of access, log, alert, and shadow copy, and content analysis of search queries, text messages, and files uploaded to recruiting services such as Rabota.ru, hh.ru, Yandex.Rabota, SuperJob.ru, and some Western job search sites. All this allows you to identify employees who are going to change their place of work, and, more importantly, in real time block them from uploading corporate documents to sections of the portfolio.

File:Aquote1.png
"The control of the Zoom service is a function that lies within the general concept of our product. "Job search" is a step from content control to predicting user behavior, that is, profiling, for which there is a great demand. Profiling not only makes it possible to understand what the employee thinks about, but also increases the efficiency of the DLP systems themselves. According to our research, employees about to quit are at risk due to possible illegal copying of data, for example, a customer database. By registering such an intention, they can be subject to stricter security policies and reduce the risk of theft of corporate information. "

Ashot Ohanesyan, founder and technical director DeviceLock
File:Aquote2.png

According to DeviceLock statistics, last year more than 50% of corporate data leaks occurred through the fault of insiders. Most often, personal data of customers were stolen, which are then used by competitors or enter the markets of spam mailings, in second place are copyright objects (texts, program code, images and videos), in third place are financial documents. At the same time, financial institutions and telecom operators working with large volumes of sensitive data are most at risk.

Japan Corporate Sales Growth 28%

On April 2, 2019, it became known that the company DeviceLock , a Russian manufacturer DLP of systems, summed up the preliminary results of work on international markets in the first quarter of 2019. The leader was where Japan sales growth DeviceLock DLP compared to the first quarter of 2018 amounted to 28%. Among the clients of the DeviceLock are the largest Japanese technology companies, such as (NTT more than 30 different divisions), YAESU, MITSUBISHI SPACE,,,,,,, Toyota Yamaha Japan NEC,, FUJI HP The banks MUFG Shizuoka Bank, The Joyo Bank, Shoko Chukin Bank, as well as Central Japan Railway Company, Japan Credit, more than a thousand universities and universities medical.

According to the founder and technical director of DeviceLock, Ashot Oganesyan the company is traditionally strong in the Japanese market. In particular, according to the study "Information Security Solutions Market Present and Future Outlook 2017 - Internal Leakage Prevention Solutions Edition," conducted by MIC Research Institute in 2017, DeviceLock DLP took first place in the Japanese market in terms of supply volumes among products of the Endpoint Device/Port class computers for prevention purposes. data leakages At the end of 2017, the share of DeviceLock in this segment amounted to 38.9%. In addition, the manufacturer of corporate personal computers, the Japanese corporation NEC, included in the kit pre-installed ON on computers of the "VersaPro" and "Mate" series OEM-licensed basic component of the DeviceLock DLP complex, designed to control peripheral devices on computers under management. OS Windows

File:Aquote1.png
Japanese companies are not only very technological, but also pay great attention to the preservation of client data, because any incident of this kind is not only direct damage, but also "face loss" to customers and competitors. And given the traditional secrecy of the Japanese, we can say that data protection is part of Japanese culture, "said Ashot Ohanesyan. - Therefore, among our clients in Japan there are all those who work with confidential and personal data - technology companies, telecom operators, hospitals, universities and city management structures. We, in turn, make every effort to ensure that the product meets the specifics and requirements of the Japanese market, including the ideal work of OCR components with hieroglyphic writing and syllabics.
File:Aquote2.png

Enhanced data collection and consolidation capabilities from geographically distributed system servers

In March 2019, the DLP DeviceLock update was released, one of the important changes of which was the expansion of the ability to collect and consolidate data from geographically distributed system servers.

In particular, in the new version, it became possible to create a hierarchy of storage servers to which Enterprise Server (DLES) DeviceLock that directly collect data from agents connect, as well as create schedules for transmitting information and routing schemes that take into account the load and state of communication channels. Such functionality is in demand by large Russian and foreign companies and banks with an extensive and geographically distributed branch network, in which part of the offices, in addition, have weak and unreliable connections to the corporate network.

According to the founder and technical director of DeviceLock Ashot Hovhannisyan, today many multifilial companies are forced to abandon the creation of a centralized system for collecting information about potential data leaks, since most DLP solutions generate a significant amount of traffic in this mode. When it comes to remote offices with weak links, they are limited to configuring DLP systems to a pre-prepared incident list and monitoring the system operation.

The updated DLP DeviceLock allows you to collect suspicious activity data and transmit it for later analysis at the lowest link load. In addition, pre-consolidation of incident information at the regional level enables information security officers to obtain data on leaks more quickly and to take measures to prevent them.

2018

25% increase in sales in the Arab market

On February 11, 2019, it became known that sales the Russian data leakages Data Leak Prevention systems DeviceLock DLP in the United Arab Emirates, Saudi Arabia Bahrain and other countries of the Arabian Peninsula in 2018 increased by 25% compared to 2017. Implementations were carried out state in institutions banks and large companies, and the Sultanate of Oman became the leader in the total number of implementations.

As reported, among those who chose products DeviceLock: the largest developer of Dubai - Emaar, as well as the Royal Office, the Ministry of Defense, the Secret Service and the Police of the Sultanate of Oman (Sultanate of Oman Royal Office, Sultanate of Oman Ministry of Defence, Sultanate of Oman Internal Security Service)Kuwait International Bank, General Directorate of Military Works and others.

File:Aquote1.png
With the digitization of data, there are leakage risks that are well understood by company and government executives. At the same time, due to the specifics of governance in the Arab states, the punishment for leakage can be very, very severe, so they do not save on protection systems. The choice of DLP DeviceLock, in turn, was due to our experience in this market, the wide functionality of the system, the ability to fully work with the Arabic language, including in image recognition, as well as the availability of local support carried out by a local certified partner DeviceLoc.

Ashot Ohanesyan, founder and technical director DeviceLock
File:Aquote2.png

Ability to monitor data leaks via Skype

October 9, 2018 Smart Line Inc (SmartLine Inc) announced the release of the next version of the DLP DeviceLock, returning companies the possibility of control data leakages through the popular. messenger Skype

Released at the end of August 2018, the Skype update, which includes the option of creating encrypted "private conversations," put this messenger out of control of most DLP systems for more than a month. The use of the Signal protocol, developed by the non-profit organization Open Whisper Systems, made all standard methods of intercepting messages impossible, including the replacement of certificates, known as the " man in the middle" attack.


DeviceLock solved this problem using a combination of network control and local agents that control the processes and file system of client devices. At the same time, the DLP DeviceLock implements not only logging, but also full-fledged control of "private conversations," including checking chat and transmitted files for prohibited content before they are sent and immediately blocking the transfer of confidential information if it is detected.

File:Aquote1.png
author '= Ashot Ohanesyan, Founder and Technical Director DeviceLock DLP '
In an effort to ensure the privacy of private users, messenger manufacturers create gaps in corporate protection systems. For a company that suddenly received a secure messenger at each workplace, there are only two options: simply prohibit its use or use the DLP system. The latter option is optimal not only in terms of capabilities, but also from the legal and ethical side, and also does not destroy the processes established in the company.
File:Aquote2.png

According to DLP DeviceLock statistics, in 2018, more than 50% of corporate data leaks occurred through the fault of insiders. Most often, personal customer data was stolen, which is then used by competitors or enters the spam mailing markets, copyright objects (texts, program code, images and videos) are in second place, and financial documents are in third place. In Russia, the service sector was and remains the least protected, where data losses are widespread, since most companies operating in this segment belong to small businesses and do not have either a budget or competencies to protect their information. Financial institutions and telecom operators operating with large amounts of sensitive data are also at risk.

Integration with Rutoken EDS Flash and Rutoken Disk

On July 3, 2018, Asset and Smart Line Inc announced the technological integration of their own developments to increase efficiency in solving the problems of preventing corporate information leaks: the DeviceLock DLP software complex, Rutoken EDS 2.0 Flash and Rutoken Disk. More details here.

DeviceLock DLP Suite 8.3

The DeviceLock company declared on June 19, 2018 official release of the program DeviceLock DLP complex in version 8.3 intended for prevention of insider data leakages.

The company DeviceLock noted the most significant functionality of DeviceLock DLP 8.3, which includes:

  • Content detection technology - "Document Fingerprints" used to inspect data transmitted through monitored devices and network protocols. This technology is based on comparing short alphanumeric hashes of inspected documents and files, also called digital prints or fingerprints, with hashes stored in a collection (database) of digital prints. This allows you to uniquely identify the contents of documents or files for various data security tasks.
  • Improve SMB network protocol monitoring. The most significant changes include the control of incoming files at the protocol permission level, the ability to monitor outgoing files by content at the content-dependent rules level for permissions.
  • Support of Boldon James classifier labels in composite documents, as well as MS Office documents of modern formats and PDF files as an extension of Document Properties content groups for content-dependent rules.
  • You can set user-defined document properties in Document Properties content groups and their values to search for the specified parameters in the corresponding user-defined properties of compound documents, as well as MS Office documents of modern formats and PDF files.
  • Optimized control messenger Skype for Skype 8.x and Skype 12.x versions.

2017

Inclusion in the Unified Register of Russian Software

Smart Line Inc On August 17, the company announced the inclusion of information about the DeviceLock software complex DLP in a single register of Russian programs for electronic computers and databases in the software class. information security This decision was made by the Expert Council for the Russian Federation to the software Ministry of Communications and Mass Communications of the Russian Federation on August 14, 2017 and approved by order No. 421 of the Minister of Communications of the Ministry of Communications of August 16.

The decision of the Expert Board confirms the compliance of the DeviceLock DLP software complex with the requirements for the participants of the software registry and the specified class of software. Inclusion in the Register confirms the Russian origin of Smart Line Inc products, which allows state customers to purchase DLP DeviceLock solutions as part of purchases under the import substitution program.

The DeviceLock DLP software package is included in the Unified Register of Russian Software
File:Aquote1.png
For more than a year, we have been waiting for a decision to include the DLP DeviceLock complex in the unified register of Russian programs for computers and databases, faced with bureaucratic obstacles and unfair influence of competitors at the level of the expert council of the Ministry of Communications, "said Ashot Ohanesyan, founder and technical director of DeviceLock. - For more than 20 years, we have been developing the DLP DeviceLock in Russia, bringing the product to the level of the world standard de facto in the field of peripheral control devices, and sold our solution around the world, while facing significant difficulties in a number of countries precisely due to Russian origin. In Russia, the DeviceLock DLP complex has been repeatedly certified by the FSTEC. Owing to wide circulation of DeviceLock in Russia, including among the organizations of public sector, and requirements for ensuring import substitution, expressed for our clients in need of presence of DeviceLock DLP for the register Russian ON, we persistently continued process, trying to obtain recognition obvious, and here at last DeviceLock is included in the Register. We expect that confirmation of Russian origin DeviceLock DLP will strengthen the position of DeviceLock in the Russian information security market, as well as lead to healthy competition and improve the quality of Russian solutions that position themselves in the DLP class.
File:Aquote2.png

Microolap Integration EtherSensor

On August 4, Smart Line Inc and Microolap Technology announced the implementation of transparent technological integration of their own solutions to optimize the solution of problems to prevent corporate information leaks, as well as increase the flexibility and breadth of capabilities of DLP technologies in identifying incident investigations. As a result, the first full-fledged hybrid DLP system was created, which allows combining various technologies for monitoring data transmission channels into a single whole.

By integrating the DLP DeviceLock DLP complex and the Microolap EtherSensor Network Traffic Capture and Analysis software platform into a single hybrid DLP system, organizations can simultaneously leverage the capabilities of two related solutions with partially overlapping functionality to provide DLP control of enterprise information in different scenarios. Product management is independent of each other, but a single event logging and shadow copy database is maintained, which allows you to identify and analyze information security incidents for the widest range of potential data leakage channels - from ports and devices to modern web services, centrally within a single solution.

Read more about the event here.

DeviceLock DLP has become a source of events for RuSIEM

On July 17, 2017, Smart Line and RuSIEM announced the technological integration of their own products to increase efficiency in preventing corporate information leaks and analyzing incidents.

As a result of integration, the DLP DeviceLock DLP complex acts for the event management system information security RuSIEM as a source of information security events[1]

DeviceLock DLP sends real-time operational information to SIEM systems via SNMP and SYSLOG protocols, and can duplicate event log entries. Alarm alerts can be created and sent to SIEM systems as a result of authorized and prohibited attempts to transfer data through various network communication channels, recording information on removable drives, printing documents to local and network printers, transmitting data in terminal sessions through the clipboard, etc.

The DLP DeviceLock settings help you set up alarm mode to send real-time operational information to SIEM when content analysis tools detect restricted access information in transmitted files and documents, chat rooms, and e-mail. In addition, SIEM systems can receive event information directly from the DLP DeviceLock logs.

For integration of DeviceLock DLP and RuSIEM the way of transfer of events from agents of DeviceLock DLP in RuSIEM through the SYSLOG protocol is chosen.

In addition to information from the DLP system, the RuSIEM analyzes and displays data from the intrusion detection system (IDS),, routers, and firewalls servers automated user workstations.

File:Aquote1.png
Recently, we have noted the growing interest of customers and system integrators in integrating DeviceLock DLP with SIEM class solutions. The integration of our DLP solution with RuSIEM will make mature analysis technologies available to customers in a single SIEM event system panel for a comprehensive range of data links controlled by DLP DeviceLock.

Ashot Ohanesyan, Technical Director DeviceLock
File:Aquote2.png

File:Aquote1.png
The complex analysis of the events intercepted and transferred to DeviceLock DLP to RuSIEM will allow to find and fix really important incidents in real time, to carry out quick context search on the network services and various devices used by users, to analyze a circle of contacts and the movement of critical data in combination with the analysis of other events of information security that certainly has to increase efficiency and performance of work of the Information Security Services.

Olesya Shelestova, CEO RuSIEM
File:Aquote2.png

DeviceLock DLP 8.2

On April 28, 2017, Smart Line Inc announced the release of version 8.2 of the DeviceLock DLP software complex.

Together with optimization, the product received a number of features and functions. In particular, the version contains a revised parser of network traffic, the capabilities of monitoring the virtual environment, e-mail and instant messaging services have been upgraded, a report has been created - the interactive link graph[2]

DeviceLock DLP 8.2 optimizes DeviceLock Virtual DLP technology to improve the variability of virtual environment control scenarios when using content inspection and filtering ContentLock in RDP/ICA/RDS/VDI sessions. In particular, the possibility of content analysis of files transferred to connected disks (Mapped Drives) has been added.

The ability to control e-mail and instant messengers has also been expanded: the ability to use sender and recipient identifiers in messengers as parameters of content-dependent rules, as well as the addresses of senders and recipients of e-mail for SMTP, MAPI, IBM Notes and mail web services. This feature allows you to set allowed recipients and senders, while preventing data transfer from or to unauthorized contacts, noted in Smart Line Inc.

Added data report DeviceLock Enterprise Server: Relations Chart. The report allows you to visualize and view connections between users within your organization and with external users, detected by network protocols and services:

Added support for OS AppleOS X v10.12 (Sierra) for DeviceLock for Mac Agent and support for Microsoft SQL Server 2016 for DeviceLock Enterprise Server.

DeviceLock Enterprise Server provides a management role in the DLP DeviceLock complex - the ability to use an unlicensed component to install agents and manage DLP DeviceLock policies on the LAN.

File:Aquote1.png
Data breaches continue to be a serious threat to organizations in 2017, and DeviceLock DLP is still one of the functional and relevant types of data breaches due to the release of version 8.2. DeviceLock DLP 8.2 is the culmination of a 20-year history of continuous development and optimization of our software package.

Ashot Ohanesyan, founder and technical director DeviceLock
File:Aquote2.png

2015

Certificate of conformity of the State technical regulation system of Kazakhstan

The software package DeviceLock 8 DLP Suite, which includes components DeviceLock, NetworkLock, ContentLock and DeviceLock Search Server (DLSS), received at the beginning of 2015 the certificate of compliance of the State system of technical regulation of the Republic of Kazakhstan No. KZ.7500818.05.01.00080 dated November 24, 2014.

The certificate certifies that the DeviceLock 8 DLP Suite software is certified for compliance with the safety (quality) requirements established in CT PK GOST R ISO/IEC 15408-3-2006, and can be used to protect confidential information in automated systems with the first level of information security trust.

2014

DeviceLock Endpoint DLP Suite 8.0

Smart Line Inc announced in January 2014 the release of the first beta version of the DeviceLock Endpoint DLP Suite 8 software, designed to prevent insider data leaks and begin open beta testing. The most significant product functionality is enhanced by the new DeviceLock Discovery Server component. DeviceLock Discovery Server is a separately licensed server component of DeviceLock Content Security Server designed to scan user computers and storage systems computers located both inside and outside the corporate network to detect security policy violations. DeviceLock Discovery Server detects servers files and data stored on workstations that are treated as confidential, identifying different types of content according to rules predefined by the administrator. In addition, Web Access (OWA) based web mail service monitoring has been added to the capabilities of Microsoft Outlook the DLP system.

  • NetworkLock: Added Microsoft Outlook Web Access (OWA) based web mail service monitoring. Using the OWA Servers option in the Service Options settings, you can specify by enumerating the addresses (URLs) of certain servers that will be treated as OWA servers by the NetworkLock subsystem.
  • NetworkLock: In the Protocols White List rules, the Log Event and Send Alert parameters are now available for all supported network protocols and services.
  • NetworkLock: Improved overall system performance when processing HTTPS connections using a mask in the Network Protocol White List rules for SSL.
  • NetworkLock: Improved control of the Dropbox file exchange and synchronization network service.
  • DeviceLock: A new DeviceLock Discovery Server component has been added. DeviceLock Discovery Server is a separately licensed server component of DeviceLock Content Security Server designed to scan user computers and storage systems located both inside and outside the corporate network to detect security policy violations. DeviceLock Discovery Server detects files and data stored on workstations and servers that are treated as confidential, identifying different types of content according to rules predefined by the administrator.
  • DeviceLock: The "Log Event" and "Send Alert" flags set in the Network Protocol White List rules and content-dependent rules now take precedence over similar flags set in the network protocol and device audit and alarm settings.
  • DeviceLock: New feature: The Shadow Data Access option added to the Administrators DeviceLock list settings allows you to restrict access to shadow copy data only to users for whom this option is enabled. The new option applies to DeviceLock Service, DeviceLock Enterprise Server, and DeviceLock Service for Mac.
  • DeviceLock: A new type of administrative alert has been added: "Notify if Service is uninstalled," which is triggered by the agent removal event. DeviceLock
  • DeviceLock: Added new audit and shadow copy log reports: "Top printed documents," "Top active processes' and 'Top copied files by extension'.
  • DeviceLock: A new parameter 'Report TS Devices as regular devices' has been added to allow reports to treat redirected TS Devices as normal physical devices.
  • DeviceLock: Improvements have been made to the Service Settings Editor and Group Policy Editor console to allow an administrator to switch between Mac and Windows policy editing modes through the appropriate items in the context menus of the DeviceLock Settings node.
  • DeviceLock: General improvements have been made to the control, audit, and shadow copy functionality of Clipboard, Printer, and MTP device types to prevent potential conflicts in localized (non-English) versions of Windows.
  • DeviceLock: The DeviceLock Service Agent for Mac now fully supports the 'Log policy changes and Start/Stop events' parameter specified in the Service Options settings.

DeviceLock 8.0.56551 RC1

On June 6, 2014, Smart Line Inc, the world leader in the development of data leakage protection from computers, announced the release of the first release candidate version of the DeviceLock DLP Suite 8 software complex and the start of open beta testing.


List of adjustments and additions:

  • NetworkLock: Improved control of network file sharing and synchronization services OneDrive, Google Drive, Dropbox and Amazon S3.
  • NetworkLock: Improved control of Outlook Web Access (OWA), Hotmail, Gmail, GMX.de and web.de. mail services
  • NetworkLock: Cosmetic changes have been made to the logging of mail web services and network file exchange and synchronization services to exclude non-informative entries in audit logs.
  • NetworkLock: Support of network service of file exchange Narod.ru owing to closing of this service is turned off.
  • NetworkLock: Many general improvements in the control of the MAPI protocol and the Skype service.
  • NetworkLock: Improved FTP logging and shadow copy functionality.
  • ContentLock: Added the function of indexing metadata in Adobe Photoshop files.
  • ContentLock: Improved file and document support for XLS, DOC, XLSX, DOCX, PPTX, RTF, EML, RAR, MBOX, DBX and PST formats in content-dependent rules.
  • ContentLock: Fixed version 8.0 Beta 2 error causing the OCR analysis to fail to the operating system Windows in 2000.
  • DeviceLock: The "Show policy for Mac" and "Show policy for Windows" options are added in the Service Settings Editor and Group Policy Editor console. Using these options, an administrator can hide DeviceLock policy settings that are not supported on the Mac or Windows platforms for which the policy is currently being set.
  • DeviceLock: Add Remove ContentLock Policy and Remove NetworkLock Policy flags to the Service Settings Editor console. Using these flags, the administrator can create policy files (.dls) that completely remove all parameters related to the ContentLock or NetworkLock components that have been transferred to the DeviceLock agents in some way.
  • DeviceLock: New function: Log Only. This feature allows DeviceLock and Windows to continue working normally, even if the driver code is interfered with DeviceLock with Enable Unhook Protection enabled. In this case, instead of generating a fatal error event, only an entry in the audit log will be made to identify the interference.
  • DeviceLock: Significantly improved print performance for PDF files when shadow copy is enabled for Printer devices.
  • DeviceLock: Added a new type of audit log report: "Top printed documents."
  • DeviceLock: There is a memory leak in the print channel interception procedure, which occurred in some cases on terminal servers.
  • DeviceLock: Addressed issue where drives redirected to an RDP terminal session are unavailable when content-dependent rules are set for TS Devices.
  • DeviceLock: Fixed a rare problem that resulted in the inability to "safely remove" removable USB drives when content-dependent rules have completed checking content written to the device.
  • DeviceLock: Fixed a rare issue with version 8.0 of Beta2 that caused an error to appear in the DeviceLock Management Console when trying to view server logs at high load.
  • DeviceLock: Addressed issue where the source GPO cannot be viewed in the RSoP interface for some DeviceLock Agent Options.
  • DeviceLock: Addressed issue that caused the Copy files per channel shadow data report to fail if the total shadow copies for the selected interval exceeded 4 GB.
  • DeviceLock: Fixed a rare problem in the DeviceLock Enterprise Manager console that caused "The network path was not found. (53) "when scanning a remote computer with the" Report PnP Devices "plugin.
  • DeviceLock: Fixed a problem that caused the Report Protocols configuration in the Report Permissions/Auditing plugin of the DeviceLock Enterprise Manager console to function incorrectly.
  • DeviceLock: The problem resulting in impossibility of remote connection to DeviceLock Agent for Mac is fixed if on the Mac computer the service "Open Directory" was started.
  • DeviceLock Search Server: Improved support for synonymous text search. Added support for the Russian language, as well as updated English dictionary.
  • DeviceLock Search Server: Addressed issue where the sender name is not displayed in the document settings for shadow copies of files sent in Web mail services messages on the search page.
  • DeviceLock Search Server: The error leading to unforeseen completion of work of DeviceLock Search Server at indexation of some specific files is eliminated.
  • Discovery: Added a new action to fix "Encrypt" violations. The Discovery Agent will sequentially encrypt files using Encrypted File System capabilities when content-dependent rules are triggered.
  • Discovery: Added Discovery Log Viewer. This log contains various events specific to Discovery Server - such as start/stop events, database updates, task report generation events, etc.
  • Discovery: DeviceLock Discovery Agent now adds itself to the Windows Firewall exception list.
  • Discovery: The speed of the report generation task is significantly improved.
  • Discovery: Fixed a version 8.0 Beta 2 issue that prevents auto-completion of scan tasks in agent-free mode if the remote computer is unavailable or has incorrect credentials.
  • Discovery: Fixed the 8.0 Beta 2 issue of displaying incorrect "Scanned Objects" values when viewing a list of scanned computers when file containers were scanned during the task.
  • Discovery: Fixed a rarely seen 8.0 Beta2 error that caused scan tasks to stop unexpectedly.
  • DeviceLock: Many improvements have been made to the DeviceLock Management Console interface.
  • DeviceLock: The updated console interface DeviceLock WebConsole now contains all recent changes made to the DeviceLock Management Console.
  • DeviceLock: Addressed common compatibility issues with third-party software: VMware Workstation, Kaspersky Endpoint Security 10, McAfee VirusScan Enterprise and various McAfee products using the mfetdik.sys driver.

2013

DeviceLock 7.2 Endpoint DLP Suite 7.2

Smart Line Inc announced on May 27, 2013 the release of the product update DeviceLock 7.2 Endpoint DLP Suite, a software complex designed to prevent insider data leaks from user computers and servers of enterprise information systems.

The new version of the software product DeviceLock 7.2.48899 includes a significant number of improvements and fixes compared to the previous version 7.2.46662.

This version of the DeviceLock is much more convenient for Russian-speaking users - the program is completely Russified. Compared to the previous English version, 7.2.46662 added the ability to block TeamViewer and RDP connections, expanded content groups and added new ones. Many internal improvements have been made to the agent and server DeviceLock, a number of errors have been eliminated, and the capabilities of the NetworkLock module have been improved.


Smart Line Inc announced in early 2013 that the DeviceLock Endpoint DLP Suite version 7.2 was certified and can use the Windows 8 logo. After the official release of version 7.2, the DeviceLock complex can be installed on any computers and laptops running Windows 8 to protect against insider data breaches. that many companies are considering deploying Windows 8 in their IT infrastructure, we considered it necessary to make sure that DeviceLock continues to be an effective DLP tool in the new operating system, "said Hovhannisyan Ashot, technical director of DeviceLock.

Also program DeviceLock Endpoint DLP Suite complex successfully passed all necessary tests according to the tests developed by VMware and can be used for integration with Wednesday virtualizatsiiVMware View. Such an environment includes secure hosting for the BYOD (Use of Personal Devices for Business Purposes) model, which provides remote access to enterprise applications and data to employees using various mobile devices connected through VMware View's Mobile Secure Desktop application. DeviceLock provides control over data transferred between applications published on the virtualization server and devices redirected to remote workstations, including printers, USB drives, clipboard, and network protocols.

DeviceLock 7.2 enables information security services to respond to data breaches in a timely and timely manner through SMTP or SNMP alerts when critical events occur to peripherals, interfaces, and network protocols. This feature gives users the DeviceLock flexibility to control users by simply using the alarm capabilities built into the DeviceLock or by seamlessly integrating into the existing SIEM infrastructure and log management.

DeviceLock 7.2 allows to provide control of data transmission in such popular and unsafe network services as service of instant messages Skype™, social network Facebook, network file exchange services, and without the need for total blocking of these services, but with a possibility of selective volume of use according to requirements of business communications and business processes of the companies. In addition, DeviceLock 7.2 Endpoint DLP Suite offers IB services unprecedented data loss prevention capabilities with MAPI mail protocol, providing granular context control combined with content filtering methods for Microsoft Exchange mail communications for both mail messages and attachments - directly on workstations. The implementation of MAPI protocol control turns DeviceLock into a strategic component of information security for enterprises using or planning to use cloud solutions based on Exchange, when the mail server is controlled by a third party and cannot block unacceptable mail messages, if necessary due to business or regulatory requirements.

DeviceLock Endpoint DLP Suite 7.3

On September 25, 2013, Smart Line Inc announced the release of a new version of DeviceLock Endpoint DLP Suite 7.3.

The new version provides extensive device control capabilities on workstations running Apple OS X Lion and OS X Mountain Lion operating systems, which allows organization information security services of any scale to unify DLP policies as for Windows computers, and for Mac computers in the simplest and most convenient way - from the snap-in DeviceLock in the Group Policy Management Console for Microsoft Active Directory.


New in the complex

On November 18, 2013, Smart Line Inc announced a significant increase in the ability of the DeviceLock Endpoint DLP Suite to solve data loss prevention problems.


Control novelties

The new version of the complex controls the synchronization of data between workstations and smartphones connected to them using the popular Media Transfer Protocol (MTP) and other mobile devices.

The new feature helps users DeviceLock control, block, register, receive shadow copies and alarm alerts about the facts of unapproved data transfer from corporate computers to USB-connected mobile devices running Android and Windows Phone operating systems, due to the fact that the MTP protocol is the standard for file exchange via USB interface. Transmission attempts and shadow copies of the transmitted data are recorded, and real-time alarms can be sent to the security administrator to the enterprise SIEM system using standard SMTP and SNMP protocols.

"The uncontrolled synchronization of MTP data between enterprise computers and locally connected personal and Android Windows Phone employee devices was recently noted by our customers as a significant risk of data leakage," says Ashot Oganesyan the founder and technical director. DeviceLock "Adding the ability to monitor and control MTP communications on protected workstations in addition to the already implemented control of protocols, iTunes ActiveSync, WDMC and HotSync, we significantly increased the level of resistance to data leaks in the software complex, DeviceLock DLP which demonstrates the desire of our team to create the best DLP solution for organizations of any size and profile."

The new version of the product extends the scope of agent-controlled DeviceLock platforms with support for operating system Apple OS X 10.9 Mavericks. DeviceLock users using Mac computers can now safely upgrade their operating system to the latest solution from Apple without the risk of data loss from uncontrolled local ports and peripherals. The DeviceLock Agent for Macs provides the necessary level of device control in the simplest, most versatile and scalable way - through domain group policies. Microsoft Active Directory

2012

Certification of the FSTEC of Russia

The DeviceLock 7.1 Endpoint DLP Suite, which includes the components DeviceLock, NetworkLock, ContentLock and DeviceLock Search Server (DLSS), received in early 2012 the FSTEC of Russia compliance certificate No. 2611 of 05.04.2011. This certificate certifies that the DeviceLock 7.1 software complex is certified for compliance with the requirements of the following FSTEC (State Technical Commission) of Russia technologies: "Security . Criteria for assessing the security of information technologies "- according to DBM2 and" Protection against unauthorized access to information. Part 1. Information security software. Classification by level of control of absence of undeclared capabilities "- by 4 level of control.

DeviceLock 7.1 Endpoint DLP Suite is a DLP-class software package running Windows operating systems designed to protect and administer local and network computers by preventing uncontrolled user actions when communicating through computer ports, removable media devices, network protocols, and communication applications.

The certified version of DeviceLock 7.1 Endpoint DLP Suite can be used to protect confidential information in automated systems up to and including 1D security class and personal data in information systems up to and including 1st class.

Citrix Ready Certificate

Smart Line Inc announced in the fall of 2012 that the DeviceLock Endpoint DLP Suite has successfully passed all the necessary tests according to tests developed by Citrix and can be used to integrate with the Citrix XenApp environment. Such an environment includes secure hosting for the BYOD (Use of Personal Devices for Business Purposes) model, which provides remote access to enterprise applications and data to employees using various mobile devices connected through the Citrix Receiver mobile application . DeviceLock provides control over data transferred between applications published on the virtualization server and devices redirected to remote workstations, including printers, USB drives, clipboard, and network protocols.

DeviceLock Endpoint DLP Suite 7.1

The DeviceLock 7.2 Endpoint DLP Suite provides comprehensive control over Skype communications from enterprise computers. DeviceLock allows you to selectively allow or block chats and file transfers to Skype, allow or prohibit voice and video conversations between Skype users based on the identifiers of the conversation participants. The content of data transmitted through Skype is analyzed in real time, if a policy violation is detected, the transmission of an outgoing instant message or file will be blocked, and an alarm message (alert) will be sent to the DeviceLock administrator by email or SNMP. Shadow copies of transmitted and received messages and files are stored in a centralized database for subsequent forensic analysis.

DeviceLock Endpoint DLP Suite 7.2

The DeviceLock 7.2 suite provides the broadest capabilities for content filtering and preventing data leaks from enterprise computers - be they laptops, workstations, servers, and even virtual workstations. The DeviceLock Endpoint DLP Suite includes three software components - DeviceLock, NetworkLock, and ContentLock - that jointly protect against data breaches from organizations of all sizes for the widest range of threats. These include threat vectors such as:

  • Transfer of corporate data through connected to work computers, smartphones iPhone, and others, Android BlackBerry players iPod and tablets, iPad digital cameras, CD/DVD ROM media, disks with an interface, USB SD media, Compact Flash and other types of removable drives;
  • Transfer of enterprise data to cloud storage (File Sharing Services), such as Dropbox, Google Drive, SkyDrive, RapidShare, Yandex.Disk and iFolder.ru
  • Leakage of corporate information from workstations through social networks, Skype and other messengers, mail web services, e-mail and document printing channel;
  • Data leakage from workstations via FTP/FTPS network protocols, HTTP/HTTPS and others.

2011

DeviceLock Endpoint DLP Suite 7.0

Smart Line Inc, a developer of data breaches from computers, announced in March 2011 the launch of sales of its version of DeviceLock 7.0 Endpoint DLP Suite, a software complex designed to prevent insider data breaches from user computers and servers of corporate information systems.

In addition to the mechanisms for controlling access to peripheral devices and local interfaces implemented in the basic module - DeviceLock 7.0, the complex is supplemented with two fundamentally new functional components: NetworkLock and ContentLock. NetworkLock allows you to control user communications through popular network applications, including email and webmail, instant messengers, as well as social networks Twitter, Facebook, LiveJournal, MySpace, etc. In turn, ContentLock provides filtering of data content when it is copied to removable media and when it is transmitted over network I/O channels. Aggregate functionality, combined with optional module licensing, allows Smart Line to offer Russian organizations an optimal price-quality solution to protect against data leaks from computers of corporate information systems, the company said.


According to the developers, efficient parsing and content analysis technologies ContentLock ensure the extraction and filtering of text content of more than 80 file formats and other types of data when they are copied to removable media and transmitted through other computer I/O channels. Using deep batch analysis methods, the NetworkLock module allows you to detect and monitor network protocols and communication applications regardless of the ports they use, reconstruct messages and sessions with the allocation of transmitted data and files for their operational analysis, performs centralized shadow copying and event logging.

In addition, DeviceLock 7.0 Endpoint DLP Suite integrates with MicrosoftWindows To Go removable media encryption built into OS BitLocker 7. As a result, users are able to use the standard Windows 7 tool at no additional cost to protect data when it is stored on removable memory devices, access to which is controlled by the DeviceLock.

The application of DeviceLock content filtering technologies to the shadow data copy function fundamentally increases its efficiency and scalability for all I/O channels, including removable media and plug-n-play memory devices, network communications, data synchronization with locally connected smartphones, data exchange through the clipboard, as well as the document printing channel, noted in Smart Line Inc. DeviceLock 7.0 users can set rules for filtering the content of data copied to the shadow, thus saving only parts of them in the logs that are informative for the tasks of information security audit, emergency investigations and their forensic analysis. At the same time, the requirements for the capacity of shadow copy storage and the throughput of communication channels when transferring them to the central base of logs are reduced by orders of magnitude, DeviceLock the company emphasized.

According to Smart Line Inc., the fundamental principles of DeviceLock 7.0 development were ensuring high scalability of the solution, flexibility of its management, ease of installation and operation. Configure content filtering policies and monitor computer network communications from the Windows MMC GUI. When you use the DeviceLock Group Policy Manager Console, a dedicated MMC plug-in for Windows Group Policy Object Editor, all the functions for installing, managing, and maintaining executive agents DeviceLock are centralized through Windows Group Policies in the Active Directory domain.

Components of the DeviceLock 7.0 Endpoint DLP Suite complex are licensed according to the functional-modular principle. The basic module for controlling access to peripheral devices and interfaces of DeviceLock 7.0 computers can be used independently. Optionally, licensed components ContentLock and NetworkLock can be purchased in addition to DeviceLock 7.0, but independently of each other, which will provide users with a gradual and cost-effective expansion of the functionality of their DLP solutions in accordance with real needs. Since the installation package DeviceLock 7.0 includes all components of the complex, activating optional licenses will not require reinstalling any parts of it, noted in Smart Line Inc.

DeviceLock Endpoint DLP Suite 7.1

In September 2011, Smart Line Inc announced the release of a new version of DeviceLock 7.1 Endpoint DLP Suite, a software complex designed to prevent insider data leaks from user computers and servers of enterprise information systems.

What is new in DeviceLock 7.1.33781 compared to version 7.1.32972:

  • NetworkLock: Added support for the Rambler Mail mail web service
  • NetworkLock: Improved support for Gmail, Yahoo! Mail, Mail.ru, Gmx.de and Web.de mail services
  • NetworkLock: Improved support for social networks VKontakte, Classmates, MySpace, XING, Twitter, Facebook and StudiVZ
  • NetworkLock: Improved support for the Opera browser. Warning message no longer displayed when connecting to HTTPS resources
  • NetworkLock: Added SOCKS4 and SOCKS5 proxy support for normal and SSL connections
  • NetworkLock: Improved FTP/FTPS support for HTTP proxy connections
  • NetworkLock: Improved support for instant messaging services Agent Mail.ru and QIP 2012
  • NetworkLock: Improved HTTPS file transfer
  • NetworkLock: Improved shadow data copying for files larger than 500 MB
  • ContentLock: Added new content groups: 'Cellular Operator Call Log' and 'Internet Slang Abbreviations'
  • ContentLock: Expanded content group 'Financial Statements'
  • ContentLock: Now, when applying content-dependent rules to PDF files containing attachments, all attachments are extracted from the PDF file and analyzed as self-contained files
  • ContentLock: Improved content analysis mechanism for MS Word and MS Excel documents. Now the fields' Content status', 'Content type', 'Company' and 'Manager' are extracted and analyzed from the document
  • ContentLock: Fixed memory leak in agent DeviceLock when processing content-dependent rules for PDF files
  • ContentLock: Fixed an error that caused the service to crash DeviceLock when applying content-dependent rules for some MS Visio documents
  • ContentLock: Resolved an error that caused the SMTP protocol to be unable to process enable content-dependent rules
  • DeviceLock: Added integration with Sophos SafeGuard Easy drive encryption. DeviceLock Defines encrypted Sophos SafeGuard Easy drives (USB flash and other removable media) and applies special "encryption policies" to them. Using such policies, it is possible, for example, to allow the write of only encrypted data to removable devices and to prevent the write of unencrypted data
  • DeviceLock: Added printer 'pdfFactory Pro' to the list of supported virtual printers
  • DeviceLock: Resolved an error in DeviceLock Enterprise Manager that prevented remote DeviceLock agents running on computers running Windows Vista/7 from being scanned
  • DeviceLock: Resolved an error in the DeviceLock service that prevented the search server from indexing shadow copy files that the user sent to Floppy disks
  • DeviceLock: Fixed an error in DeviceLock Enterprise Manager that prevented the onboard viewer from opening files stored in the shadow log
  • Many internal improvements have been made to the agent DeviceLock
  • Multiple user interface enhancements.

Components of the DeviceLock Endpoint DLP Suite complex are licensed according to the functional-modular principle. The basic module for controlling access to peripheral devices and computer interfaces can DeviceLock be used independently. Optionally, licensed components ContentLock and NetworkLock can be purchased in addition to DeviceLock, but independently of each other, which will provide users with a gradual and cost-effective expansion of the functionality of their DLP solutions in accordance with real needs. Since the installation package DeviceLock includes all components of the complex, the activation of optional licenses does not require reinstalling any parts of it.

FSTEC Certificate of Russia

Altex-Soft announced the receipt of FSTEC Certificate of Russia No. 2611 of 05.04.2011 for the software complex DeviceLock 7.1.

DeviceLock 7.1 is certified for compliance with the requirements of the following guidelines of the FSTEC (State Technical Commission) of Russia: "Security of information technologies. Criteria for assessing the security of information technologies "- according to DBM2 and" Protection against unauthorized access to information. Part 1. Information security software. Classification by level of control of absence of undeclared capabilities "- by 4 level of control.

DeviceLock 7.1 is a software package running Windows operating systems designed to protect and administer local and network computers by preventing uncontrolled actions by users when exchanging information through computer ports, removable media devices, network protocols and communication applications.

The certified version of DeviceLock 7.1 can be used to protect confidential information in automated systems up to and including 1D security class and personal data in information systems up to and including the 1st class, Altex-Soft said.

DeviceLock Endpoint DLP Suite Migration Program

Using the program, users of a number of products for controlling access to peripheral devices and local ports of computers (device/port control) as well as data leakage protection based on content-aware endpoint DLP will be able to switch to the use of a technically advanced and commercially profitable DeviceLock 7 software complex on free or preferential terms. According to the terms of the program, the transition is possible from the most recent version of a legally used version of a competitive product included in the qualification list, or from any version of a qualified product if the user has a valid contract for its support and maintenance.

"Depending on the version and support status of the competitive product, members of the program will be able to obtain a license for the basic module DeviceLock 7, implementing mechanisms for controlling access to peripheral devices and local interfaces of protected computers; including integration with removable disk encryption built into Windows 7 BitLocker To Go ® with a 70% discount, "explained Hovhannisyan Ashot, founder and technical director of Smart Line Inc. Secondly, qualified participants of their choice are provided with a free license for one of two fundamentally new functional components of the DeviceLock Endpoint DLP Suite: a module for monitoring and filtering content ContentLock or a module for monitoring network communications NetworkLock™. At the same time, they will also be able to purchase the second component with a 70% discount, eventually receiving a full-featured complex DeviceLock 7 on exclusively preferential terms. Of course, free technical support, including version upgrades, will be provided for all newly used DeviceLock Endpoint DLP Suite components for the duration of the contract to support the competitive product from which the organization switched to DeviceLock. Finally, it will be possible to switch to DeviceLock 7 with a large discount for those with a contract to support a competitive product - within a month of its termination. "

The Bakotek Group of Companies, an exclusive distributor of DeviceLock in Ukraine, announced in November 2011 that the DeviceLock 7 DLP Suite software complex received an expert opinion from the State Service for Special Communications and Information Protection of Ukraine. Thus, DeviceLock was actually the first full-fledged DLP system that passed the State Examination of the GSSSZI in Ukraine, the company noted.

"The need for solutions to protect against data leakage in the public sector is constantly growing, especially after the entry into force of the Law" On Protection of Personal Data. " At the same time, state organizations cannot use the means of information protection without the corresponding conclusion of the GSSSI. The expert opinion of the DeviceLock for the first time makes it possible for Ukrainian state organizations to use a full-fledged DLP solution to protect data from leakage, "commented Badah Evgeny, director of the Bakotek group of companies.

The conclusion of the GSSSI is a confirmation by experts in the field of communication and information protection declared by the manufacturer of the software product functionality. The implemented services meet the requirements of the document ND TZI 2.5-004-99 "Criteria for assessing the security of information in computer systems against unauthorized access" and provide the level of guarantees G-2.

2010

Beta DeviceLock 7.0

In July 2010, Smart Line Inc announced a beta version of DeviceLock 7.0, which will provide organizations with the ability to monitor data transfer with filtering of their content on all I/O channels of corporate computers, including network communications.

In addition to the DeviceLock access control mechanisms for peripheral devices and local interfaces supported in previous versions, two fundamentally new functional components are implemented in version 7.0: ContentLock - the content monitoring and filtering module and NetworkLock - the network communication control module.

According to the developers, the main advantage of DeviceLock 7.0 is that it allows you to implement full protection against data leaks economically and rationally, gradually increasing the functions of content analysis from their sufficient level to more complex capabilities, while significantly reducing the time and labor costs of configuring and maintaining the DLP solution.

Content analysis technologies ContentLock extract and filter the text content of data when it is copied to removable media, as well as transmitted through other I/O channels of computers. The functions of the NetworkLock module include the detection and monitoring of network protocols and applications regardless of the ports they use, the reconstruction of messages and sessions with the allocation of transmitted data and files for their operational analysis, event logging and shadow copying of data.

Sharing ContentLock and NetworkLock allows DeviceLock 7.0 to control sessions and filter information content of the most popular network applications and protocols, including e-mail and attachments, web access, webmail services and social networks, Instant Messaging, file exchange over FTP and FTP-SSL protocols.

In addition, DeviceLock 7.0 integrates with BitLocker To Go removable media encryption built into Windows 7. Thus, users are able to use the standard Windows 7 tool without additional costs to reliably protect data when it is stored on removable memory devices, access to which is controlled by DeviceLock. The application of DeviceLock content filtering technologies to the shadow data copy function increases its efficiency and scalability for all I/O channels, including removable media, network communications, data synchronization with mobile devices, and document printing channel. Users of DeviceLock 7.0 are given the opportunity to set filtering rules for data copied to the shadow by its content, storing in the shadow copy database only those documents that are important for the tasks of information security audit, emergency investigations and their forensic analysis.

The quality of the product is DeviceLock indicated by the fact that the product received an expert opinion in the Republic of Belarus and is used in the Minsk Central Customs Department. DeviceLock will allow the Minsk Central Customs Department to organize reliable control of access to devices for receiving, transmitting or processing data. In addition, VTB Bank has 24 DeviceLock installed on more than 5,000 computers, and in 2009 the bank extended technical support for DeviceLock for the next year. Smart Line Inc also announces that the largest postal hub in Russia - the Main Center for Trunk Mail Transportation - a branch of FSUE Russian Post controls employees' access to external drives and devices using DeviceLock. The product DeviceLock also selected by Lenta, one of the largest store chains in Russia, to provide reliable protection against information leaks.

Notes