Skip to main content




Compliant with Client Data Protection 
Requirements in 90 Days

About The Customer

A multinational company providing engineering, IT and staffing services to clients in a range of industries faced a demanding challenge; with a small security staff, they had to quickly develop, adopt, and rollout a new approach to data protection for an aerospace client – in less than six months.


The Business Challenge

The aerospace client had worldwide operations and was a major supplier to the U.S. Department of Defense. It shared sensitive information in multiple formats with its supply chain. As a defense contractor, some, but not all the data they used was subject to ITAR/EAR requirements. Under ITAR, specific design components and data may not be shared with non-US citizens, even if they are active in the manufacturing of components. 

The client’s requirements addressed multiple attack vectors, and consequently the potential for multiple solutions. This included Data Loss Prevention (DLP), network access control, removable media management, and Digital Rights Management (DRM). The company’s IT resources were fully utilized with existing operations. Sourcing, evaluating, and implementing multiple point solutions in the required timeframe was too big a task for the security team, and the risk of failure, and noncompliance, was substantial.


Critical Success Factors

  • Comply with ITAR/EAR requirements 
  • Secure sensitive, regulated data without adding IT and security overhead 
  • Support multiple use cases and attack scenarios 
  • Meet the aggressive timeframe for adoption and rollout


The Solution 

Fortra™’s Digital Guardian® worked with the firm to determine the best way to address the client security requirements and meet the tight deployment deadline with as little disruption to employee workflow as possible. Digital Guardian’s data aware solution – that protects the data directly while enforcing appropriate use – provided a single solution for all their data protection needs. Data loss prevention, network access control, removable media management, and ITAR-compliant features can all be managed with the Digital Guardian platform. Due to the aggressive deadline and limited internal resources, the firm chose Digital Guardian’s Managed Security Program (MSP). The MSP offering enabled the firm to focus on existing operations and rely on DG security experts to manage and monitor all threats to their data, from either inside or outside the organization. Because Digital Guardian classifications persist as data is used, ITAR-regulated information could be masked or displayed based on each individual user. The client’s requirements were unexpected, and therefore unbudgeted, but the decision to go with the MSP offering eliminated the need to adjust their capital budget. No new servers, capitalized software, or added IT personnel were required.


The Results 

  • Fully operational within 90 days
  • A single, managed solution for all data protection needs 
  • No additional IT or security overhead 
  • No additional capital expenditures 
  • Fully compliant with ITAR/EAR requirements

About Digital Guardian


  • Over 600 customers from across the globe
  • Industries served: Business services, education, energy, financial services, government, healthcare, manufacturing, retail, technology
  • Used by 7 of the top 10 patent holders


  • Endpoint, network, cloud and local data storage
  • Content, context, and user classification
  • Fully automated to fully manual classification
  • Over 300 data types, over 90 languages


  • Monitor log, prompt, justification request
  • Auto-encrypt, quarantine, move, block


  • System, user, and data level event visibility
  • Analytics that filter out the noise
  • Drag and drop incident management
  • Right click remediation in real time


  • Full visibility, analytics and controls across multiple operating systems
  • Mac
  • Windows
  • Linux


  • Managed Security Program
  • SaaS
  • On-Premise

See how Digital Guardian can protect your organization’s sensitive data and critical assets.