Products Solutions Customers News Services Resources Company  
Recognition
Webcasts & Podcasts
Press Releases
In The News
About Orchestria
Solutions Overview
Products Overview
Partners
Orchestria 6 Brochure

Endpoint Control Brochure

A Data Loss Prevention Solution Requirements Roadmap Whitepaper

Information Protection Comes to Compliance Whitepaper
News & Events | Press Releases

Orchestria Forecasts Shift to Information-Centric Security

Focus efforts on protecting data itself, not infrastructure, says industry pundit
New York, NY - April 03, 2008

Orchestria, the leader in Information Protection and Control software, has identified a significant trend missed by security providers that publicized 2008 industry predictions at the beginning of the year. According to Orchestria, corporate security officers are increasingly shifting focus away from infrastructure-based security to concentrate on safeguarding information itself, no matter how, by whom, or where it’s being used.

“Information is essential to a thriving enterprise, the basis of all business, and one of your most important assets. Companies require the safe and efficient exchange of mission-critical information to and from literally any location,” observes Gijo Mathew, Orchestria VP of Solutions. “Protecting the infrastructure and guarding structured information stored in databases is only a preliminary step toward information-centric security. More critical is safeguarding sensitive unstructured data in documents or messages that are then sent by instant messaging, e-mail, posted on the web, or otherwise manipulated and exchanged.”

Complete information protection and control – knowing where content is located, identifying its risk level, and applying appropriate actions to manage it – goes beyond simply monitoring and reporting violations. Enterprises need to actively prevent data from being misused. Mathew identifies three attributes of information-centric data loss prevention (DLP):

Business cooperation: A true information-centric DLP approach requires open dialogue with and buy-in from the business. It is impossible for IT security or IT operations to unilaterally determine the value and risk of every piece of data in the organization. Information protection and control decisions need to emerge from tight collaboration between IT and the business. Ultimately, the business is the owner of the information with IT playing the critical role of security advisor and enforcer. That’s why businesses should also participate in the management and remediation of incidents.

Precision in detection of breaches: An effective DLP solution must classify data to recognize and differentiate among the gray areas in a company’s proprietary information. This requires analyzing data across several dimensions, including business context, the identity and hierarchy of the author, sender, and recipient, and the content-around-content of a message or document.

Application of appropriate policies: Even companies in the same industry have diverse policy needs, so users need to have extremely flexible, detailed actions that can be refined to understand the intent of use and respond appropriately to specific risks.

Mathew points out the shortcomings of traditional infrastructure security solutions, which can’t be counted on to keep companies in compliance with regulations governing the protection of data. “Last year’s T.J. Maxx data loss event saw a massive amount of personal customer information leaked, which violated PCI requirements. Instead of waiting for a breach to happen and reacting after the fact, an optimal data loss prevention solution should also be able to proactively prevent the misuse of information.”

Mathew concludes, “As companies make the subtle shift to protecting the use of information in the enterprise, data loss prevention solutions will become even more important. By focusing on protecting data, rather than just the infrastructure that guards it, organizations will be able to control the use of their information, generate more business, reduce costs, and meet or exceed regulatory requirements.”

About Orchestria
Orchestria is the proven leader in Information Protection and Control software – designed to substantially mitigate the risks of uncontrolled electronic actions such as message, Web and file activity. The company’s Intelligent Control Layer provides the key underlying capability to effectively automate four converging and ultimately overlapping corporate functions, including Data Loss Prevention, Compliance, Legal, and Information Classification.

Orchestria’s technology ensures that employees who intend to do damage are stopped, while empowering employees who inadvertently breach policy to correct their actions before they do harm.

Deployed across more than 250 companies in 33 countries worldwide, Orchestria intelligently analyzes and actively controls more than 80 million electronic actions every day. The company has 40 patents granted or pending in the field of Electronic Control. For more information, visit www.orchestria.com.

For more information:
Ann Dalrymple
Topaz Partners
+1 781 404 2432
adalrymple@topazpartners.com

Trevor Chamberlain
Orchestria
+1 212-364-5313
trevor.chamberlain@orchestria.com
Resources  |  Contact Us  |  Customer Support Copyright © 2008 Orchestria Corporation
Legal Disclaimer  |   Terms of Use  |   Privacy Policy
Orchestria.com: Communications policy control including control instant messenger, hipaa solutions, sarbanes oxley and basel 2 e-mail compliance.

Communications Policy Control | Orchestria.com | E-mail Communications Control