DeviceLock is an Endpoint Data Leak Prevention (DLP) Suite which enforces data protection policies with awareness of both the context and content of data flows across endpoint channels. It provides multi-layered inspection and an interception engine for fine-grained control over a full range of data leakage pathways at the context level.
Content analysis and filtering can be applied to select endpoint data exchanges with removable media and PnP devices and with the network. Security administrators can match user rights to job function with regard to transferring, receiving and storing data on corporate computers. The resulting secure computing environment allows all legitimate user actions to proceed unimpeded while blocking accidental or deliberate attempts to perform operations outside of preset bounds.
DeviceLock Endpoint DLP Suite comprises a modular set of complementary functional components:
- DeviceLock Base Component: An entire set of context controls together with event logging and data shadowing for all local data channels on protected computers including peripheral devices and ports, clipboard, connected smartphones/PDA’s and document printing. DeviceLock also provides the core platform for all other functional modules of the product suite and includes its central management and administration components.
- NetworkLock: An add-on component which performs all context control functions over endpoint network communications including port-independent protocol/application detection and selective control, message and session reconstruction with file, data and parameter extraction, as well as event logging and data shadowing.
- ContentLock: An add-on component which implements content monitoring and filtering of files transferred to and from removable media and Plug-n-Play devices, as well as of various data objects of network communications reconstructed and passed to it by NetworkLock – like emails, instant messages, web forms, files, social media exchanges, and telnet sessions.
- DeviceLock Discovery: Separately licenced component which enables organisations to gain visibility and control over confidential “data-at-rest” stored across their IT environment in order to proactively prevent data breaches and achieve compliance with regulatory and corporate data security requirements.
- DeviceLock Search Server (DLSS): Separately licenced component. It performs full-text search in the central shadowing and event log database. DLSS is aimed at making the labour-intensive processes of information security compliance auditing, incident investigations and forensic analysis more precise, convenient and time-efficient.