Compliant with Client Data Protection Requirements in 90 Days

Download PDF Version

About The Customer

A multinational company providing engineering, IT and staffing services to clients in a range of industries faced a demanding challenge; with a small security staff, they had to quickly develop, adopt, and rollout a new approach to data protection for an aerospace client – in less than six months.

The Business Challenge

The aerospace client had worldwide operations and was a major supplier to the U.S. Department of Defense. It shared sensitive information in multiple formats with its supply chain. As a defense contractor, some, but not all the data they used was subject to ITAR/EAR requirements. Under ITAR, specific design components and data may not be shared with non-US citizens, even if they are active in the manufacturing of components.

The client’s requirements addressed multiple attack vectors, and consequently the potential for multiple solutions. This included Data Loss Prevention (DLP), network access control, removable media management, and Digital Rights Management (DRM). The company’s IT resources were fully utilized with existing operations. Sourcing, evaluating, and implementing multiple point solutions in the required timeframe was too big a task for the security team, and the risk of failure, and noncompliance, was substantial.

Critical Success Factors

  • Comply with ITAR/EAR requirements
  • Secure sensitive, regulated data without adding IT and security overhead
  • Support multiple use cases and attack scenarios
  • Meet the aggressive timeframe for adoption and rollout

The Solution

Fortra™’s Digital Guardian® worked with the firm to determine the best way to address the client security requirements and meet the tight deployment deadline with as little disruption to employee workflow as possible. Digital Guardian’s data aware solution – that protects the data directly while enforcing appropriate use – provided a single solution for all their data protection needs. Data loss prevention, network access control, removable media management, and ITAR-compliant features can all be managed with the Digital Guardian platform. Due to the aggressive deadline and limited internal resources, the firm chose Digital Guardian’s Managed Security Program (MSP). The MSP offering enabled the firm to focus on existing operations and rely on DG security experts to manage and monitor all threats to their data, from either inside or outside the organization. Because Digital Guardian classifications persist as data is used, ITAR-regulated information could be masked or displayed based on each individual user. The client’s requirements were unexpected, and therefore unbudgeted, but the decision to go with the MSP offering eliminated the need to adjust their capital budget. No new servers, capitalized software, or added IT personnel were required.

Technology dashboard

The Results

  • Fully operational within 90 days
  • A single, managed solution for all data protection needs
  • No additional IT or security overhead
  • No additional capital expenditures
  • Fully compliant with ITAR/EAR requirements

 

INDUSTRY

  • Technology

ENVIRONMENT

  • 110 endpoints protected
  • Microsoft Windows
  • Protect regulated and unregulated client data

CHALLENGE

  • Extremely short timeframe for deployment and rollout
  • Contracts dependant upon meeting client requirements
  • Scarce internal security and IT operations resources
  • Bundle DLP, network access control, removable media management, and DRM
  • Federal ITAR/EAR requirements

RESULTS

  • Fully operational within 90 days
  • A single, managed solution for all data protection needs
  • No additional IT or security overhead
  • No additional capital expenditures
  • Fully compliant with ITAR/EAR requirements

Data Types We Protect

Social Networks
SOCIAL NETWORKS
  • Login Credentials
  • Personal Information such as Pictures, Profile Data
internet-advanced-technology
INTERNET & ADVANCED TECHNOLOGY
  • R&D Data
  • Customer Contracts
  • Source Code
  • Patents
saas
SAAS
  • Personally Identifiable Information (PII)
  • Source Code
  • Login Credentials
  • Business Processes
TELECOMMUNICATION
TELECOMMUNICATION
  • Personally Identifiable Information (PII)
  • Privacy Data
  • R&D Data
  • Network Design
  • Patents

About Digital Guardian

INSTALLED BASED

  • Over 600 customers from across the globe
  • Industries served: Business services, education, energy, financial services, government, healthcare, manufacturing, retail, technology
  • Used by 7 of the top 10 patent holders

DISCOVERY AND CLASSIFICATION

  • Endpoint, network, cloud and local data storage
  • Content, context, and user classification
  • Fully automated to fully manual classification
  • Over 300 data types, over 90 languages

EDUCATE AND ENFORCE

  • Monitor log, prompt, justification request
  • Auto-encrypt, quarantine, move, block

ACTIONABLE ANALYTICS

  • System, user, and data level event visibility
  • Analytics that filter out the noise
  • Drag and drop incident management
  • Right click remediation in real time

OPERATION SYSTEM SUPPORT

  • Full visibility, analytics and controls across multiple operating systems
  • Mac
  • Windows
  • Linux

DEPLOYMENT

  • Managed Security Program
  • SaaS
  • On-Premise

See how Digital Guardian can protect your organization’s sensitive data and critical assets.

SCHEDULE A DEMO
REQUEST PRICING