Presentation is loading. Please wait.

Presentation is loading. Please wait.

GlobalCerts & SurfControl Only a layered approach can provide total risk management.

Published byHunter Chatt Modified over 9 years ago

Similar presentations

Presentation on theme: "GlobalCerts & SurfControl Only a layered approach can provide total risk management."— Presentation transcript:

1 GlobalCerts & SurfControl Only a layered approach can provide total risk management.

2 Who is GlobalCerts? Founded as Tovaris in Fall 1999 by team of information security and electronic mail experts Changed name to GlobalCerts in 2004 to better illustrate our corporate strategy Brought first S/MIME-compliant secure messaging gateway appliance to market in Fall 2000 Headquarters in Bedford, NH, and offices in Charlottesville, VA, Washington DC, Boston, MA, and Dublin, Ireland Privately held company with customers in the healthcare, insurance, banking, investment, government, legal and corporate spaces in U.S., Canada, and Europe

3 Turn-Key, ALL INCLUSIVE Secure Email & Secure Messaging Platform S/MIME Secure Messaging Automatic certificate lookup and harvesting Automatic encryption and decryption Digital signatures SecureMessenger SecureMail Gateway universal secure messaging feature Enables secure email to any recipient, requiring only: Standard web browser Email address SecureTier Scalable backbone network Connects SecureMail Gateway appliances Management and distribution of standard X.509 certificates (public keys) Automatic certificate lookup on every message S/MIMECompliant UniversalSecureDelivery GlobalCertificateNetwork

4 The Benefits & Advantages for Compliance with the GlobalCerts are Clear Turn-key email security with little to no user overhead No client software to load on each individual workstation Automatic encryption and decryption Send secure email to any recipient Little to no management burden Automated cert management - find and retrieve recipient certificates by default (automatically), on every message sent Integrate secure email with anti-virus, content scanning, etc. Link remote email locations quickly – within a couple of hours Ensures privacy with strong encryption, ensures confidentiality with symmetric key exchange, ensures integrity with a hash function and ensures non-repudiation with symmetric key exchange.

5 Who is SurfControl? Leading provider of enterprise threat protection Shields enterprises from known and emerging Internet dangers through Layered Threat Protection Redefined traditional “filtering” into a unified set of web, email and messaging security solutions Continuously filter inbound and outbound Internet traffic to eliminate spam, spyware, phishing, web and email abuse More than 20,000 customers worldwide

6 The Risk 80% of breaches originate within an organization and are carried out by an insider. Some may be malign, but more commonly they are ‘user error’ –hitting send by mistake. Information leakage is ranked right after spam as a major content issue facing corporations today. Today, enterprises need to protect not only external threats, but emerging internal threats regulating the need to control outbound content Information taken from research done by IDC.

7 What am I protected against? Violations of regulatory compliance –HIPAA –GLBA –Sarbox (See additional slides for full description of each) Violations of corporate email policy & best practices Loss/leakage of intellectual property Loss/leakage of confidential or customer information Inappropriate content

8 Regulatory Compliance Healthcare – HIPAA All Protected Health Information (PHI) must be secured to ensure privacy and confidentiality when electronically stored, maintained or transmitted. Email containing PHI sent across the Internet unencrypted puts a healthcare organization in jeopardy of public scrutiny, stiff fines, and in gross negligence cases can even include imprisonment.

9 Regulatory Compliance Financial – GLBA Under the Gramm-Leach-Bliley Act financial institutions must provide customers with a notice of privacy policies and must not disclose nonpublic personal information about consumers. GLB requires that the SEC establishes standards for protecting customer information. (Section 248.30) Any perceived threat or hazard to the security or integrity of customer records and information must be protected. This includes customer information in both storage and via email.

10 Regulatory Compliance Enterprises-Sarbanes-Oxley Act (Sarbox) Sarbox was created to restore investor confidence in US public markets, which was damaged by business scandals and lapses in corporate governance. Under Sarbox good corporate governance and ethical business practices are no longer optional niceties. Email is a key corporate infrastructure that, per sections 302 and 404 need to be further controlled. When email leaves an organization it is in clear text and there is no way to “control” the integrity of the information in that message.

11 The Joint Solution The joint solution from SurfControl & GlobalCerts provides seamless content-forced encryption, allowing for tighter enterprise-wide content protection and compliance enforcement. Users don’t do anything differently to send/receive email Administrators don’t manage complex systems Recipients don’t change the way they receive secure messages Sensitive information stays confidential, protected and compliant

12 Joint Solution Architecture

13 Who is using our Joint Solution? –Iowa Health System: 10,000+ users (Case Study Available) –Compass Bank: 800+ users –Holmes Murphy: 500+ users –Blue Ball National Bank: 500+ users –Lincare: 1000+ users –Harris County Hospital 4,000+ users

Download ppt "GlobalCerts & SurfControl Only a layered approach can provide total risk management."

Similar presentations

Symantec & IMlogic January 2006. 2© 2006 Symantec - CONFIDENTIAL Contents Intro Vision Key Benefits Product Strategy Business Strategy Roadmap.

Symantec & IMlogic January © 2006 Symantec - CONFIDENTIAL Contents Intro Vision Key Benefits Product Strategy Business Strategy Roadmap.
Public Key Infrastructure and Applications

Public Key Infrastructure and Applications
HIPAA Security Presentation to The American Hospital Association Dianne Faup Office of HIPAA Standards November 5, 2003.

HIPAA Security Presentation to The American Hospital Association Dianne Faup Office of HIPAA Standards November 5, 2003.
Security Controls and Systems in E-Commerce

Security Controls and Systems in E-Commerce
IT Security Policy Framework

IT Security Policy Framework
1 Proofpoint, Inc. Proprietary and Confidential ©2010 Proofpoint Protection/Privacy Offering Proofpoint Privacy Accurately detect ePHI in e-mails Integrated.

1 Proofpoint, Inc. Proprietary and Confidential ©2010 Proofpoint Protection/Privacy Offering Proofpoint Privacy Accurately detect ePHI in s Integrated.
1 Effective, secure and reliable hosted email security and continuity solution.

1 Effective, secure and reliable hosted security and continuity solution.
The World Internet Security Company ID Management in e-Health February 2007.

The World Internet Security Company ID Management in e-Health February 2007.
Meganet Corporation VME Office 2004. Meganet Corporation Meganet Corporation is a leading worldwide provider of data security to Governments, Military,

Meganet Corporation VME Office Meganet Corporation Meganet Corporation is a leading worldwide provider of data security to Governments, Military,
IAPP 2004. 2 CONFIDENTIAL Insider Leakage Threatens Privacy.

IAPP CONFIDENTIAL Insider Leakage Threatens Privacy.
Www.cleo.com Steve Jordan Director. Industry Solutions 05/05/14 Managing Chaos: Data Movement in 2014.

Steve Jordan Director. Industry Solutions 05/05/14 Managing Chaos: Data Movement in 2014.
Confidentiality and Privacy Controls

Confidentiality and Privacy Controls
Presented by: Dan Landsberg August 12, 2011. Agenda  What is Social Media?  Social Media’s Professional Side  Benefits of Social Media  Regulatory.

Presented by: Dan Landsberg August 12, Agenda  What is Social Media?  Social Media’s Professional Side  Benefits of Social Media  Regulatory.
2 An Overview of Telecommunications and Networks Telecommunications: the _________ transmission of signals for communications (home net) (home net)

2 An Overview of Telecommunications and Networks Telecommunications: the _________ transmission of signals for communications (home net) (home net)
Lisa Farmer, Cedo Vicente, Eric Ahlm

Lisa Farmer, Cedo Vicente, Eric Ahlm
Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.

Client/Server Computing Model of computing in which very powerful personal computers (clients) are connected in a network with one or more server computers.
Chapter 12 Network Security.

Chapter 12 Network Security.
Sophos / Utimaco Data Loss Prevention Peter Szendröi, SOPHOS Nordics Jan 20, 2010.

Sophos / Utimaco Data Loss Prevention Peter Szendröi, SOPHOS Nordics Jan 20, 2010.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.
8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

8.1 © 2007 by Prentice Hall 8 Chapter Securing Information Systems.

Similar presentations

Ads by Google