Advanced Endpoint Security Data Connectors-Charlotte January 2016 BUFFERZONE Advanced Endpoint Security Data Connectors-Charlotte January 2016 Company Confidential

Users Endpoints Are the Biggest Attack Surface Breaches increased 48% in 2014 (PWC) Threats are more sophisticated Most start at the endpoint The biggest attack surface And the hardest to control Users take risks Browsing the web, opening email attachments, connecting to public WiFi And they just want to work – security is not their top concern

More Protection with Higher Productivity We need to protect users from advanced threats And $1 of prevention is worth $1,000,000 of detection But security should not lower productivity Restrict employee access to information Get in their way with alarms and blocks Weigh IT down with investigation and reimaging Gartner: Prevention is more cost-effective than detection But how do we make it work?

Today’s endpoint protection Most companies have only AV and other signature based protection Application Control/Whitelisting Detection based protection- Behavior based Policy – no access to external storage, no internet browsing

Detection Is Never 100% Accurate Threats are constantly changing IT is overwhelmed by non-stop alarms, investigation and remediation User productivity is constantly interrupted Gartner: Prevention is more cost-effective than detection But how do we make it work?

BUFFERZONE Advanced Endpoint Security You can’t detect all threats. But you can contain them with BUFFERZONE. Isolates browsers, email, removable media, Skype and more Increases user productivity with unrestricted internet access Protects against drive-bys, zero-days, advanced malware…w/o updates Reduces alarms, enables users to work while IT investigates Provides valuable data for incident investigation and forensics

Safe Browsing BUFFERZONE enables employees to browse the net safely When the user browses to an untrusted location, the browser opens in the container (red) Anything that is downloaded (intentionally or not) is stuck inside the container IT can define trusted sites – e.g. SharePoint They are automatically opened in a different window, outside the container

Safe Removable Media Open any external media safely inside a container USB memory, mobile phones, cameras… Any file is opened inside a container Users can view, edit and even save files back to the removable media without risk Blocks auto-runs

Safe Email Attachments Attachments are opened in a dedicated container separate from one used for web browsing Provides protection from all types of malware, including phishing attempts and targeted attacks It is “locked-down” to prevent any exfiltration of data Employees can securely open attachments that contain personally identifiable information (PII) or other sensitive data, without risk of data leakage

How it Works

Dimensions of Isolation

Demo How it works animation User experience demo LANDESK management demo

BUFFERZONE in the Enterprise

Using the Bridge to Extract Files Users should view and save most files in the container Optimal from the security perspective If the user accidentally downloads malware it will be trapped inside the container and cannot infect the rest of the organization The BUFFERZONE Bridge is used to: Extract files from the container – e.g., to share them with another person or upload to an application Move files between the internet and email containers

Three Bridge Options Basic bridge Extracts files from the container Part of the standard product Secure Bridge Extracts files and then processes them to disarm and disable potentially malicious content Optional addition Compliant Bridge Extracts files and scans them with up to 3 antivirus engines to provide compliance with regulatory standards

Secure Bridge – How it Works Downloaded files are automatically sent to the bridge server Disarms malicious content in seconds Makes invisible microchanges to file structure and metadata that destroy exploits Extracts text, formatting and safe components Supports Microsoft® Office, RTF, PDF, images, archives Optional – multiple AV scanners

Endpoint Intelligence Organizations need better endpoint data to: Determine if an alarm indicates a real breach Identify attacks that have spread across the organization BUFFERZONE collects over 40 types of events: Registry alterations, file system activity, network activity and more Shares directly with SIEM and other analytics platforms

Click a logo for more info Management Certified integration with LANDESK and McAfee Install, update, manage policy and more Can also be managed through Microsoft GPO On-premise BUFFERZONE management server for smaller installations Setup wizard for small installations Easy to manage for thousands of endpoints Click a logo for more info

The BUFFERZONE Advantage Isolates all types of threats Configurable bridge Valuable intelligence Protects off-network devices Protection from advanced threats Easy to manage, no updates required Reduces false positives Complements existing security products Lower Total Cost of Ownership (TCO) Unrestricted access to the internet Access to removable media Continue working while alerts are verified Transparent User Experience

Thank You www.bufferzonesecurity.com