Expanding Digital Guardian’s Best in Class Data Visibility for Information Security Professionals
Digital Guardian was founded to protect intellectual property on the endpoint from purposeful theft or accidental loss. Since then we have significantly expanded that mission to include cloud inspection, network inspection, EDR, and UEBA, but the deep visibility into system, user and data events continues to be a reason why many organizations deploy Digital Guardian.
With our latest release, Digital Guardian has combined elements of endpoint and network inspection for even more granular visibility, analytics, and controls to protect sensitive data all while addressing where Google’s Chrome browser is heading.
Traditionally there were two methods of detecting network traffic: at the endpoint or on the network.
- Endpoint detection delivers deep visibility into the data on the device; Windows, Linux and Mac devices are the most common endpoints.
- Endpoint detection was previously handled at the kernel and file level coupled with the application layer injection.
- Network detection delivers broad visibility and control to a nearly limitless collection of endpoints, some of which where endpoint inspection isn’t possible or practical.
- Network detection is handled by the transmission layer, after the traffic leaves the endpoint.
Digital Guardian Technical Overview
In order to improve stability, Google is progressively eliminating the ability for 3rd party applications to inject code into the Chrome browser. Code injection has been used by antivirus and other security products to detect data loss, intercept and scan for malware, phishing pages, and other threats. However, code injection can present a risk if it is done for malicious purposes. It can also cause application instability.
To address this change, and expand Digital Guardian’s sensitive data visibility, a web inspection proxy implemented on the endpoint will now see the transmission layer data and be able to inspect and apply policies to this traffic. Digital Guardian connects the transmission layer visibility with our kernel and file visibility to both better detect data movements, but also more granularly control them. This includes SSL/TLS and because the inspection is at the transmission layer is application independent to remove the potential for conflicts.
In addition to the expanded data protection visibility, Digital Guardian is continued commitment to Microsoft compatibility. As outlined in this video with 3 members of the Digital Guardian leadership team, our CEO, our SVP of R&D, and our SVP of Global Services, delivering support for the latest Microsoft releases is paramount to our customers, this release delivers support for Windows 10 v1803 and Microsoft Office v1803. We joined forces with Microsoft to reduce the impact of OS and productivity applications, and enable organizations to upgrade as soon as possible after the Microsoft release to take advantage of new security or functionality features.
For more details about how to upgrade your Digital Guardian deployment to the latest version, please contact your account representative.
The Definitive Guide to DLP
- The seven trends that have made DLP hot again
- How to determine the right approach for your organization
- Making the business case to executives
The Definitive Guide to Data Classification
- Why Data Classification is Foundational
- How to Classify Your Data
- Selling Data Classification to the Business