All Features - Grayteq DLP

Request a Quote

LINE

All Features Grayteq DLP just grew even larger

LOADING ...

PLEASE WAIT!

Activity
Monitoring
Reporting
Center
File
Audit
Media
Audit
Action Driven
Alerts
Security
Orchestrator
Access Rights
Management
Event
Rule
Application
Rule
Document
Quarantine
Host Intrusion
Prevention
Endpoint
Protection
Locations
Printer
Rule
Encrypted Data
Transmission
Encryption
Encryptor
Cloud Share
Encryption
IM Services
Protection

Activity Monitoring Real-time surveillance. More than ever!

Activity monitoring does everything standard monitors do, and so much more. And unlike Event, Security or Application logging in Windows OS, Grayteq DLP lets you log and monitor any and every events that occur in your system running Grayteq DLP. And this surveillance goes on 24/7 in real-time. Anything happens, you get noticed immediately. Email sending, screenshoting, file events and interactions, IM messaging, file sharing and much more get logged continuously. You can see when anyone interacts with your corporate information on any way. Turn on Activity Monitoring. So nothing is left unnoticed, unmonitored and with Dashboard, nothing remains unsaid.
Key Benefits »

Find your focus
Monitor every interaction
in various ways

Comprehensive- ness
Record every
user actions

Test comes first
Use App Rule Test Mode
to outdate test systems

Picture it
Snapshot any actions,
irrespectively to their
classification

Get notified
Highlight and alert any
rule-violating attempts

Key Benefits

Real-time View and Screenshot

As Activity Monitoring’s name implies, it can show you what users do in real-time at the exact instant they perform an action - from programs being opened and closed, to file activity or email sending, displaying what users are doing in real-time, and create screenshots every time an unwanted action or attempt occurs for accurate remote visual monitoring and proof.

Connected vs. Disconnected

Deployed on the PC or laptop, Activity Monitoring works whether your employees are in the office or working remotely while network connection is not required. In case of your computer loses the connection to the Grayteq Security Server, your Grayteq Agent continues to log all user activities locally and these logs - according to their time-stamps - will be up-synced to the security server in a timely order.

For Every Location

As your colleagues’ location changes, their need for access changes as well. The possibility of setting different security rules up for different locations, by narrowing your collagues’ access availabilities while their notebooks are off of your corporate network, makes Grayteq DLP ideal for today's mobile workforce.
Learn more about Locations »

Privileged Users

System and local admins hold the keys to the kingdom with their limitless access to systems and workstations. The amount of damage admins gone rogue can create, requires increased scrutiny. No matter what Windows security classifications a user has, Grayteq DLP’s access right management is capable to overrule these settings, even local-, or domain administrators.

No undetected activities

While Grayteq DLP is embedded in the core or Windows, all user activities must go through Grayteq’s engine, making possible to log every user interaction and ensuring that all activities become visible. This is the end of the Hide’n’Seek era.
Contact us to learn more about Activity Monitoring »

More Features

Detailed Views

Have Deeper Insight

Log view is about to receive some great new features. In Log and Report detail views, you can easily learn all necessary information of a given action by just double-clicking on it, and finding out everything you want to know on the summary page. If you're looking for a specific section or detail of a log event, you can now browse in the summary page.

Enhanced Logging

Made For Logging

Grayteq DLP advances interaction and activity logging to a new level. Monitor, log, report and alert all any user interaction to your valuable corporate data, irrespectively that the given action meets the security rules, or even attempts to breach it. Archive your logs on a forced or on automated way to ensure that not a single log gets damaged or lost.

Admin Action Logging

Observe the Observers

Log all rule modifications and changes in a separated log that enables to insight security admins' interaction to rules. Admin action logging logs all Grayteq Admin made modifications, revocations and applications on any security rules.

Server Logs

Server Events in System Logs

DLP server logs are transferred into Windows event- and security logs, enabling the admins to track specific Grayteq server events directly from Windows logs. These might be server init, error or warning events.

Snapshot

Grayteq DLP provides you all information about any interaction that occurs in your system with all details that allows you to take the necessary steps. Do you need more? While a picture is equal with thousand words, Grayteq DLP’s snapshot is capable of making screenshot about any protected device and attaches it to the corresponding log element. This visual evidence enhances your logging capabilities by adding a real-time taken screenshots about any actions.

Contact us to learn more about Activity Monitoring »

Reporting Center Discover, Report and Act. The New Trinity.

While Activity Monitoring is designed to make all interactions visible, Reporting helps you to extract the very exact answer to a question you are looking for. And does it the easiest way. Reporting now enables you to generate highly detailed reports on any actions, timeframes, users, workstations, servers and many more. Find reporting aspects or focus you are interested in, set it up with a couple of clicks and leave the rest on Grayteq DLP. Even on your mobile devices.
Learn more about Reporting Center »

Automated notification
Receive security reports automatically, straight into your mobile inbox.

Display all details
Review all information about your security incidents.

On the road
Reports are visually optimized for higher readability, even on your mobile phone.

Report

With Report, you can easily extract all necessary details of any logged interaction or data access in a couple of clicks. Report allows you to create highly customized insights of your system with no relevant time and human resource consumption. Report is the easiest way to ad-hoc reporting of your data security.

Auto Report

Report’s enhanced feature is Auto Report that provides you the same level detailed security reports of your choice as Report with the advantage of scheduling. Do you want to have a comprehensive security report by 9:00am every Monday in your mailbox? You can have it with Auto Report.

Expiration Notification

Have you ever forgotten to renew a license and face its unpleasant consequences? Have you had to manage system breakdowns, service failures or worse, caused by some expired software licenses? Don't worry! Sometimes it happens to all. That's why License Expiration Notification of Grayteq DLP sends you recurring reminders starting from 90 days prior to any Grayteq license would expire, helping you to keep all Grayteq licenses up to date and avoid any unexpected events like security rule shutdowns, system failures, etc. You receive expiration reminder emails in 90, 60, 45, 30, 15 days prior to, and a final warning on the day of expiration.

File Audit The Eternal Cycle of File.

Is it problem for you to answer the questions: who did what, when, wherefrom or whereto, by what application with corporate files or documents? Whether it was copied or moved to other folders or locations, has been deleted, or just simply was renamed? File Audit answers these questions, delivering full file lifecycle analytics on any document from various aspects.
Key Benefits »

Find your focus
Create FLTs from various aspects

Go back in time
Find document's origin

Drill down deep
Follow every new branches

Existence does not matter
Make already non-existing issues visible (eg. at this point the file was erased)

Key Benefits

File Origin Report

By File Origin Report, you can easily find the original version of any of your files. File Origin Report auto-scans your activity logs and points to the first ever existing version of your selected file, “linking” the original file to your selected one.

Existence History Report

Create Existence History Report about any of your files with a single click and find all existences of your file over your whole corporate network. With Existence History Report, you can pinpoint every now-existing and previously existed locations of your specific file.

File Lifetime Report

With File Lifetime Report, you can build-up the full life cycle tree of any of your files. Create a File Lifetime Report (FLT) and Grayteq DLP will find the first occurrence of your selected file (no matter if it was renamed, moved, modified or even deleted through times) and draws you the “Family Tree” of your file where your can follow all modifications, moves, copies, renames and any other modifications in different life-lines. You easily can discover how many different versions of the same parent file exist in your system, under which names on which devices and storages, who did what and when with that specific occurrence of your file. File Lifetime Report is the most comprehensive life cycle trace you can have about your files.
Contact us to learn more about File Audit »

Media Audit Unmonitored Store-Age is over!

Media Audit brings together everything that occurred on a storage device in a bird's-eye view. Find out which storage was connected to which host; follow which users connected this storage, when and to which hosts, and what interaction occurred on them. Search for file interaction occurred during connection and simply click anything to instantly navigate to it.
Key Benefits »

Find your focus
Create SLTs in various aspects

Storage was here
Show every presence
of mobile storages

Let's see what
has happened
Display all file events occurred during connection

Key Benefits

Storage Connectivity Report

Generate Storage Activity Report about any removable devices connected to your system, having detailed insights about when the specific removable device were connected to a host and when removed.

File Operation Report

Pick any connection occurrence from Storage Connectivity Report and generate File Operation Report, detailing what kind of file activities happed during the specific connection, which files were moved or copied to and from the given device. Receive detailed report about all data moving and copying attempts that attempted to violate any upholding security rules and accordingly were rejected by Grayteq DLP. Simply choose a connection moment in your log, right-click on it and select File Operation Report and let Grayteq DLP do the rest for you.
Contact us to learn more about Media Audit »

DLP | Action Triggered Alert

Action Driven Alerts

Are You Ready for some Action?

Action Driven Alerts provides email notification experience, so you can read and interact with security breaches without distractions. Interaction Alerts notifies security administrators about any alert-trigger interaction irrespectively to their security clearance. No matter if an action meets security rules or even attempts to breach, Action Driven Alerts helps keeping you posted.

Enhanced authorization
Unauthorized actions are denied, monitored, logged and alerted
in real-time.

Real-time notification
Security personnel receives action driven alerts in real-time.

With all details
Review all information about the given security incident.

Triggered Alert

Trig 'em all

Setup which rule breaching attempt may trigger Alert on a new wizard page or simply right-click on a log event and select Alert to create alert if the given conditions are met.

Orchestrator for Desktop
Grayteq Security Orchestrator for Desktop provides you with full management and overview capabilities over your Grayteq DLP system.

The New Orchestrator
The New Orchestrator is designed to bring all management features of your Grayteq security system onto your Windows tablet.

DLP | Security Orchestrator

Orchestrator for Desktop

Everything can be easy

On top of visual enhancements and new features integrated, Security Orchestrator's log, rule, report, audit and management display capabilities were radically enhanced. When you need a little more room for your logs, archives, rule wizards or setups, the new Security Orchestrator layout lets you use your display spaces more effectively and quickly navigate among them. You can rearrange, add and remove space to or from any displayed element with ease. Moving windows from one their original location to floating state is as easy as restoring the original layout. With its optimized Security Orchestrator surface, Grayteq DLP enables easy-to-use security rule management, transparent security log views and analysis, while re-organized features make Grayteq DLP the handiest Grayteq Solution ever.

Your security
in one place
Manage your data security from a single console, having all features managed, monitored and maintained single handedly.

Categorized features
All settings, features and functions are categorized, making navigation and selection easier.

Role-based Administration

Cover all protected info

Role-based administration (RBA) is a feature introduced in Security Orchestrator. RBA provides Grayteq security administrators with an easy way to implement the security model that allows them to assign and manage administrative permissions by assigning which actions they are able to perform using security roles, which options and system components they can manage through the Orchestrator, and which features they can access and administer. Based on their security administrative permissions, the Security Orchestrator console has been significantly enhanced to provide administrators with a streamlined view that is customized to their specific role—showing only what they need to do their job. Gain fine-grained control over what your Grayteq administrators can see and do to your DLP system, to selected security features, resources and rules in your organization.

Category View

Categorize Your Security

In Security Orchestrator all new and old features are integrated into category views, enabling faster, more efficient and targeted browsing amongst them. Monitoring, Auditing, Endpoint Protection, Data Protection, Operation Controls and System Fine Tuning categories are easing the navigation and help you to find whatever feature you are looking for.

Rule Lock

Save from being interrupted

Grayteq DLP locks a rule while being edited by an admin making other admins unable to interact with it. Usually an admin may interfere with another admin's work by attempting to open or modify the same rule in the same time. This interference and its possible consequences are prevented with Rule Lock.

Test Mode

Test Mode functionality of Grayteq DLP has been extended to all Grayteq DLP security rules. By this extension, you can test all your security rules on your live environment without allowing your new security rules pose any risk to your everyday operations and work. When Test Mode is on, an orange log event shows to your security administrators, which user actions would be denied if your current security rule would not be executed in Test Mode. By using this enhanced testing technique, you It security personnel may test new security rules on your live systems until they become sure that the application of the rule has the required effect on your system. When tests are done, you can easily turn your new security rules live by a single click.

Manual Archive

Free Storage Space, now!

Your real-time logs consummate more storage space than you want and scheduled archiving is afar? Force interaction log archiving by a single click on the menu bar and clear-up space for interaction logs on the DLP Server.

Scheduled Archive

Save Logs Regularly

Setup archiving schedules to ensure automated log archiving by archive size, number of archived elements or archive timeframe. The more regular automated archiving results the more protection on all-time logs against being lost, damaged or broken.

Host ID Priority

Prioritize Your Hosts

In host list, arrange and filter hosts by selecting primary identifier. Primary IDs can be NetBIOS, IP or DNS names. All fields can be switched on or off except the all-time first priority one.

License Stash

Save Your Licenses

Revoked or unused licenses can now be transferred back to a license stash wherefrom can be re-distributed to new workstations or servers for the remaining license periods.

Remote Agent Uninstall

Unwise Installation with a Click

With appropriate Grayteq admin rights, you can now uninstall agents from remote. No more on-site agent uninstallation is needed. Just simply sit in front of the Security Orchestrator, select Agent to remove, click uninstall and Grayteq DLP does the rest.

Auto Backup

Be backed up for all times

Backup security server config and license files. Scheduled save for the Config and License files, to ensure smooth restore in case of any system failures in one move.

Third-party databases

Use Grayteq DLP’s own indexed and encrypted database to store your security logs, or if you run your corporate SQL, Oracle or Syslog system, then route your logs into your centrally managed third-party database system and use your own data storing and analytics method. Beware of that while Grayteq DLP’s own database system is encrypted and protected against being modified, overwritten or deleted, third-party databases are modifiable.

Supported third-party databases are:

Microsoft SQL Server (up to SQL Server 2012 R2);
PostgreSQL Server in unicode mode;
PostgreSQL Server in ANSI mode;
Oracle Database Server (10G and 11G);

Some supported SYSLOG systems:

HP OpenView;
IBM Tivoli;
Cisco MARS;
Novell Nsure Audit;

Printer Rule

On top of setting up Positive and Negative Log Filter, Event Rule for Normal and Removable Media, Application Rule, Snapshot and Quarantine rules, Printer Rule setup were added to right-click rule creation options. Just right-click on a log event and create whatever rule you like by using the log's stored information as presets.

Log Filter

Millions of security-irrelevant actions happen when we work on our computers. Applications’ internal activities and calls, Windows system and network events that are necessary to fulfill the users’ interaction requests, but users have nothing to do with. For saving log storage and network broadband, Grayteq DLP decides whether the given action is relevant or not and accordingly sends it up to the Security Server, or filters it out at the moment of creation.

Rule Group

The assignment of your security rules into groups, makes rule assignments to new hosts a drag-and-drop-easy action. In Grayteq DLP, any rules can be combined into a rule group, no matter if they are Event Rules, Quarantines, EDTs, Encryptions or anything else. Set unique name for every rule group and manage your system the easy way.

Access Rights Management

Grayteq DLP allows you to easily and competently manage user accounts and user groups across every department. Whether it is importing a user or a user group from Microsoft Active Directory, editing a current user account or assigning additional privileges, by its build-in wizard system, Grayteq DLP actively helps you save time, effort, and energy through every step of the way. The use of role-based settings enables users to quickly and accurately grant permission to curtail excessive permissions and help meet compliance requirements.
Key Benefits »

Groups and Individuals
Set access rights for groups and individuals in clicks.

Various Options
Set different options from automated snapshot creation through Encrypted Data Transmission to advanced Alert.

Users and Paths
Define Users with Access (Allowed Users) and Users with data export rights (Outbound Users) for a path, or a set of paths.

Key Benefits

Manages all types of user access rights, irrespectively to their Windows classification;
Manages all types of host access rights with the capability of overruling any Windows permissions;
Easily assigns access rules to users or user-groups by using templates;
Easily assigns access rules to hosts or host-groups by using templates;
Drag-n-drop assignment of any access right management rule without the need of host restart;

More Features

Temporary Rights

Assigning and revoking temporary rights with Grayteq DLP is one-click simple. You can easily assign a start and end date for any access right rule, automatically withdrawing all access rights at the expiration data/time. This feature makes Grayteq DLP’s Access Rights Management especially beneficial for such organizations where a large number of temporary staff is employed, making it difficult to keep up with each user’s rights.

Overrule Windows Rights

By using Grayteq DLP’s Access Rights Management, you can easily define protected areas within your corporate infrastructure, where entry is denied for even the highest-ranked Windows users like local-, and domain administrators. Setup your protected data security zone and keep your highest priority data secure from everybody.

DLP | Event Rule

Event Rule

It's Up to You.

Any user-activities, interaction or their combo may threaten your valuable data in given circumstances, or even the most harmful-alike actions can meet the upholding rules, causing no damages. Event Rule blocks unwanted activities and smoothens allowed operations. Manageable user activities and file interaction are Create, Read, Modify, Copy, Move, Copy and Paste, Drag-n-Drop, Delete, Print or Send.
Key Benefits »

Easy to set
Setup Event Rules by a couple of clicks.

Pick your choices
Include events to control, while excluded ones remain uncontrolled.

Easy to apply
Apply Event Rules on a single Host, a Host Group or on your whole system.

Narrow your controls
Make your Event Rules more specific by setting Users, Paths or Applications.

Advanced versatility
Enable additional options like Severity, Snapshot and On/Off Network application.

Key Benefits

Create and apply unique event rules for all known types of file interactions, users, hosts and groups also;
Manage events by creating rules for specific file-extensions and applications;
Use wildcards^EP1 and environmental variables^EP2 for generating general rules;
Set severity level for each event rule from Info to Severe;
Apply different Event Rules for various Locations;

Contact us to learn more about Event Rule »

EP1 - Wildcard is a star (*) character that can be used for replacing any character, or string.
EP2 - Environment variables are a set of dynamic named values that can affect the way running processes will behave on a computer. For example: %SystemRoot% that means C:\Windows in default windows installation.

Application Rule

Categorize Your Apps!

Games, unauthorized browsers, instant messengers and other unwelcome applications can impact your business with their drain on employee productivity. Social media tools that are meant to aid people staying connected can also be a distraction. Create White-, Gray-, and Blacklists for all applications and decide how applications should operate or even being rejected. Whitelisted applications run smoothly, while unwanted or known harmful applications are denied by Blacklists. For millions of unlisted applications, setup Graylist actions to manage apps from not known sources or with no security clearance.
Learn more about Application Rule »

Browse it
Browse and set your apps to manage.

Get sorted
Sort your apps to black-, or whitelist. Manage the unlisted with graylist.

Optional elevation
Severity, Snapshot, On/Off Network rule application and automated alert elevate your application security.

App Rule Test Mode

Test Systems are overdue

Do you like the new Application Rule feature, but have no experience in managing applications on this way? Are you worried of applying an app black listing rule in your live environment, but have no test environment to test the given rule properly? No need to hesitate prior to applying and Application Rule in live environments anymore. App Rule Test mode enables to apply rules without any unexpected consequences. Turn test mode on and Grayteq DLP acts like the App Rule would be in force, without de facto denying the application to run and risking system breakdowns or application failures occurred by a mis-set rule.

Whitelist Plus

Free Your Apps

Application Rule Whitelist Plus is an extra option for releasing quarantine breaching applications in special circumstances. While Grayteq DLP's main focus is on providing data loss prevention for all applications, irrespectively to their function or manufacturer some of them, like some mail clients need special attention and care to keep their efficiency and functions work on the proper way. That's why WhiteList Plus is needed. For more information about Application Rule Whitelist Plus please, consult with DLP User's Guide.
Learn more about Whitelist Plus »

DLP | Document Quarantine

Document Quarantine

Meet the Challenge!

Setting up access rules to valuable corporate information or even keeping domain administrators away from highly classified management files is not self-evident. Protecting trade secrets, know-hows and management documents from even the highest Windows-provided access rights is a challenge. Quarantine is special document protection, enabling you to create isolated storage spaces, wherein Windows provided access and interaction to the information can be overruled.
Key Benefits »

Easy to set
Quarantine your corporate Intellectual properties in clicks.

Options to set
Set various options from snaphot throught Encrypted Data Transmission to creating Alert in the easiest way.

Simplify it
Set or modify any security properties by simply clicking on it.

Key Benefits

Full range access rights management both for the protected area and information within;
Even the highest Windows rights can be overruled;
Setup individual protection for all information within the Quarantine protected area by setting up access-, use-, transfer- and print rules for users, user groups and applications;
Setup Encrypted Data Transmission rule for the quarantine protected information.
Learn more about Encrypted Data Transmission »
Quarantine provides instant and automatic protection for all files even if they are created within the Quarantine area or being moved or copied into. This protection enables you to setup security rules for such information that are unavailable at the moment of the rule creation, of even don’t exist at all;
Activate real-time Alert for any Quarantine breaching attempt with a single click.
Learn more about Alerts »
Describe Locations individually for each Quarantine, where protection shall apply.
Learn more about Locations »

More Features

Snapshot Protection

Snapshot protection were enhanced by applying Screen-On Layers on protected information to save from being screenshoted. Screenshoting is disabled on every screen appearances of protected information, while creating snapshots on unprotected documents, files or information remain uninterfered.

Learn more about Document Quarantine »

Host Intrusion Prevention

Beyond Border Protection

Host Intrusion Prevention (HIP) safeguards your business against intrusion threats that may otherwise be unintentionally introduced or allowed by desktops and laptops. Host Intrusion Prevention is easy to deploy, configure, and manage. HIP delivers software-based separation for shares to control access and interaction. Access to shared information can be defined upon information and user classifications.
Key Benefits »

Communication Control
HIP ensures uninterfered communication between computers in the same protection zone.

Access to Shares
Access for computers in different protection zones to each other's shares is denied.

Strenghten Your Infrastructure
HIP protects your infrastructure from any unauthorized connections.

Key Benefits

Stops unauthorized remote browsing in your valuable information;
Thwarts advanced hybrid and application-level attacks against your shared files;
Enables regulatory compliance through protection of confidential data;
Protects against theft or leakage of intellectual property because of undesired access;
Provides information about most attacked hosts to Grayteq Dashboard analytics tool;
Server-less operation. No security server connection is needed for true Host Intrusion Prevention;

Grayteq HIP’s (Host Intrusion Prevention) operation is based on a Q&A basis. At any remote connection attempt, Grayteq Agent initiates a special challenge-response-type authentication to the caller workstation and approves access to shared information upon successful authentication only. At the moment of connection, both caller and recipient workstations must have running Grayteq DLP agent installed with at least one common Intrusion Identifier applied.
Contact us to learn more about Host Intrusion Prevention »

DLP | Endpoint Protection

Endpoint Protection

Your Corporate Border Guard.

Secure Floppy or ZIP Drives, CD/DVD/Blue Ray writers, Infrared, Bluetooth, IEEE1394 Firewire, Wireless (WiFi) adapters, COM and LPT ports, Microsoft® and Novell® shares USB and PCMCIA devices in an easy-to-manage solution. Grayteq DLP seamlessly integrates the essential data loss prevention tools you need into a single, high performance agent with a single management console; the Security Orchestrator provides protection without slowing you down.
Key Benefits »

Endpoint Independence
Protect your corporate intellectual property from unathorized copying, moving or being leaked on any endpoint devices.

Enhanced Authorization
Unauthorized copy or move of protected information is denied, monitored, logged and alerted in real-time.

Storage Independence
No matter where you store your information, endpoint protection saves it from being exposed or distributed to unauthorized.

Key Benefits

Centrally manages security rules regarding use of removable devices (e.g., USB flash drives), media (e.g., DVDs/CDs) and various types of connections (e.g. FireWire, Bluetooth, PCMCIA) using a flexible whitelist approach;
Protects valuable corporate data being copied to unprotected removable devices/media;
Prevents harmful intrusion via removable devices/media, adding a layer of protection to your network (e.g. control executable at endpoints)
Provides the visibility, forensics and reporting needed to demonstrate compliance with applicable laws;
Integrates with all Grayteq DLP modules;

More Features

Removable Media Rule

Removable Media Rule enables you to extend Grayteq DLP’s data protection capabilities to your removable medias like USB thumb drives, External HDD’s or anything similar that Windows assigns a letter to. Removable Media Rule provides you with all Event Rule control features over your removable media devices.
Read more about Event Rule »

Device Rule

Grayteq DLP’s Device Rule enables you to apply special security rules over your endpoint devices. Endpoint devices to control are:

Floppy, ZIP Drive, A Drive and other Floppy type devices;
CD/DVD/BlueRay Writer Devices;
Infrared based Devices;
Bluetooth Devices;
IEEE 1394 Firewire Disks;
Wireless Adapters (Microsoft Wireless Zero Configuration - WZC);
Serial Port based Devices;
Parallel Port based Devices;
Network Devices(Microsoft Windows Network);
Network Devices(Novell Network);
USB Storage Devices;
PCMCIA Adapters;

Storage Rule

All data protection features can be assigned to a specific removable media device by recognizing the device by its serial number, hardware ID or mount point. Storage Rule allows you to set any devices to Normal mode, where no data transmitting restrictions are applied over the specific device, or set to Blocked, where the storage device’s mounting to the host is denied, making all data flow impossible to and from the storage, or set to Read-Only, where the storage is enabled to bring data into your system, but all data transmission to the given device is denied.

In absence of media

No matter if your removable devices are not present at the moment of the creation of endpoint protection rule, while all unique details (Hardware ID, serial number, Manufacturer name and type) are already registered in Grayteq DLP’s media database.

New Storage Action

Setup general security measures for all unknown media. You can set what action Grayteq DLP shall take with an unknown media at its time of connection. You can deny access to the media by denying its mounting, can handle it as a read-only device, enabling data being copied from the media or allow all data transfer from and to the media.

Type and Destination

By Grayteq DLP’s endpoint protection, you can set security rules by specifying what types of data can be moved or copied from or to a removable media and what actions can one take with those files. (e.g. You can create a rule that denies any executable file being copied and executed, or specify data that cannot be copied to a removable media without hardware encryption)

Locations

For all cases. For all places.

Do you want to strengthen your security rules while a notebook leaves the protected corporate infrastructure? You have to provide various security rule settings for your subsidiaries or you need to enable your colleagues’ access to your corporate network from remote locations via VPN? You need to setup unique security rules for different networks? Grayteq DLP Locations is especially designed to solve such problems by allowing you to extend your data security over the corporate perimeter with different security rule setups for different locations.
Key Benefits »

Safety when connected
Some security rules are for office use only.

Bring safety home
Corporate information may be taken home for off-business hours work that requires special protection rules.

Locations
No matter, where you want your rules applied, pick your choice by a single click.

Key Benefits

Auto-apply different security settings and rules depending on your location, no matter if in the office or on the road;
Automated location recognition and rule application;
In case of connection-loss to the security server, Disconnected Rules get auto-applied;
Apply special security rules when Connected on VPN;
Setup application-locations uniquely for all circumstances (while Connected, Disconnected, When on VPN, At Places);
Assign individual rules to specific IP ranges or gateway MAC addresses;

Functions

Apply when Connected

Factory default Location, Connected makes all ‘Apply when Connected’ security rules applied and enforced automatically, when your Grayteq DLP protected device is connected to your Grayteq Security Server. These rules are applied irrespectively to your device’s current IP address.
Learn more »

Apply when Disconnected

Built-in Location Disconnected makes all ‘Apply when Disconnected’ security rules auto-applied and enforced immediately when your device loses its connection to the Grayteq Security Server by any reason. No matter if there is a network breakdown, a gateway shuts down or simply your colleague leaves your wireless network range with her notebook.
Learn more »

Apply when on VPN

When your colleagues have to access the corporate network from a remote location, the most widespread secure connection solution is some form of Virtual Private Network (VPN). By Locations, you can provide access to your corporate network via VPN for your colleagues while apply strengthened security rule than if they were hardwired to your network.
Learn more »

Apply at Places

If you have to setup different security settings for different sub-networks within your corporate infrastructure, then Grayteq Locations makes it a couple-of-click easy for you. Simply specify IP Address range and the gateway’s physical address (MAC Address) as a Location and apply unique rules on your devices while connected to that gateway and have dynamic or static IP address from the specified range.
Learn more »

Connected
Protection in the office

All can agree that company proprietary information; trade secrets and other valuables are protected the most while inside the corporate infrastructure. Grayteq DLP Locations enable you to automatically and immediately apply your internal security rules while a device connects to your corporate network. With Connected Location settings, you can define your basic data security rules that are to be applied on every connected Windows devices, irrespectively to what range the device receives IP address from or which gateway it connects to. The only application condition for Connected Location rules being applied is that the device must have active connection to your corporate Grayteq Security Server.
Have question? Ask us! »

Disconnected
When you leave your office

All can agree that company proprietary information shall leave the corporate perimeter sometimes. Your field colleagues must take such information with them that are necessary for their everyday tasks outside the office. Disconnected Location automatically enables your “for-out-of-office” set of security rules over your data stored on your laptops, applying strengthened data loss preventions settings until the device returns to the protected corporate environment. Disconnected Location rules automatically turn on in any case of connection loss to the Grayteq Security Server no matter if a network element goes down, or if it’s a larger network breakdown or the device simply disconnects from your corporate network by leaving the building.
Have question? Ask us! »

On VPN
Work from home protected

Nowadays the wide-spreading concept of Home-office enables your colleagues to work for you without leaving their homes. This means that you have to provide secure remote access for your colleagues to your corporate network. This is what Virtual Private Network (VPN) is designed for. But you may put your VPN-enabled connections into the elevated-risk category, because you cannot be sure that what kind of security leaks your colleagues have on their home computers. This is, when On VPN Location comes to the screen. By adding On VPN Location to a set of security rules, you can make sure that when your colleagues’ computers connect to your corporate network via VPN, these rules auto-apply and all VPN-related restrictions become in force. On VPN rules turn on immediately, when your colleagues’ home computers connect to corporate network (have active connection with your internal Grayteq Security Server) and receive a preferred or dynamic IP address from your VPN-dedicated IP range. On VPN Location works with all known VPN clients and technologies.
Have question? Ask us! »

Places
Various settings for various places

Sometimes there are special security needs for different places, sometimes you have to set unique security measures for a specific corporate division, or deny access to a sub-network of a given department for laptops that are anyway authorized on other gateways in your infrastructure. This is when Places Locations may help you out by allowing you to assign security rules to specific Gateways and/or IP address ranges. These rules become active depending on which network gateway the laptop connects to and you have another option of making differences between various IP ranges within the same gateway also. Grayteq DLP Client identifies network gateways by their unique Media Access Control address (physical address or MAC address) making impossible to avoid security rules by faking authenticated IP addresses on unknown network devices.
Have question? Ask us! »

DLP | Printer Rule

Printer Rule

Extended Printer Security

It is common that there is not enough to electronically store, send or use a file, but it is needed in hardcopy. At these times, we automatically click on print icon and the document gets printed from the printer. But how can you decide whether printing a document is allowed for the given user? By Grayteq DLP’s Printer Rule, you can monitor, control and follow every print of a document or in case of unauthorized printing attempt; it is easy to deny printing and alert security personnel. Just simply right-click on any logged event in Security Orchestrator and create Printer Control in seconds that enables you to define who can print, what document can be printed and to which printer.

For selected printers
Approve those printers, where the
given information can be printed.

Stop the unauthorized
Printing to unauthorized printers is
set and denied instantly.

By the settings of Printer Rule, you can setup unique printing rules, where a particular user may print a specific document on a specific printer only, while this printing can be limited by time frame as well. With this time frame, you can control that your colleagues shall not create hard copies about sensitive documents uncontrolled, out of business hours. Creating a Printer Rule may happen by using the standard security rule wizard, or by clicking on a specific activity log element.

Naturally, alert may be set for rule violation attempt on a Printer Rule as well, when you or your security personnel may receive immediate and automatic alert about. Learn more about alert in Action Driven Alerts chapter.
Printer Rule may be created not just for physical printing devices and printing may be controlled for any virtual printers, PDF writers or even Internet faxing applications.
Learn more about Printer Rule »

DLP | Encrypted Data Transmission

Encrypted Data Transmission

Encrypted Data Transmission applies strong encryption on transferred data within the boundaries and beyond. Encryption is enforced for both in- and outbound communications. EDT encryption protects your corporate data while on the road, ensures access for authorized recipients only, and applies transparent decryption and secure storing on recipient workstations and notebooks.
Key Benefits »

Key management
All keys are centrally managed, stored and administered.

Various options
Manage all important settings and options on a single console.

Encrypt instantly
Simply right-click on file and encrypt it in a click. Then transfer it on the way you want and leave the rest on Encrypted Data Transmission.

Key Benefits

Centrally manages encryption keys for all protected information;
Sets key status (enabled, disabled or revoked) and applies encryption on any information;
Remotely distributes, applies or revokes encryption keys on hosts, users or their groups;
Denies every decryption attempts in case of failure of proper recipient identification and authentication;
Enforces advanced storing, by automatically moving decrypted information to a protected environment during the decryption;
Key level classification for stopping unauthorized key usage by users with inappropriate security classification;^EDT1

EDT1 - Under development. Expected release date: Q2 2015

Encryption

Encrypt Your Storages

Data stored in an unprotected state on your laptop and desktop PCs puts your organization at risk of becoming the next data breach headline. Only strong encryption of all data on hard disks counters the threat of losing critical intellectual property and customer or competitive information and provides a "safe harbor" from the high-profile public disclosures and costly remediation mandated by privacy laws. Encryption enables on-the-fly strong encryption on all business-critical information protecting against being accessed or used by unauthorized. Vault protects and prevents corporate information from accidental data loss and assures protection for desktops and laptops against unauthorized access, meets government directives and regulations, offers full audit trail and provides scalable, single console management for easy deployment and administration.
Key Benefits »

Define it
Setup your folders to encrypt and DLP will do it for you, rapidly.

Manage it
Encrypt key management, assignment and revocation is centralized into a single console.

Key Benefits

Manages data and devices individually by file, device type, brand or model with uniform set of rules;
Eliminates the need for multiple device management and encryption tools;
Delivers unified file and device encryption, access and audit rules in a true single agent;
Provides complete audit of data level and device usage to meet compliance and forensic needs;
Automated and centralized key management via rule for easy management;

Encryption’s industry standard encryption capabilities are built upon the integrated key management system that ensures full-time, automated (on-the-fly) and user-transparent encryption for protected information. You can manage all encryption keys from Security Orchestrator, Grayteq’s single-console security management application. Digital time-stamps are also used to ensure non-repudiation of collected and reported activity data. This integrated server and agent encryption system eliminates the need for separate PKI/key management systems and the overhead that comes with them.
Learn more about Encryption »

More Encryption Features

Removable Media Encryption

Protection On-the-Go

Removable storage devices are now common in offices everywhere and any external places where today’s mobile workers go. The proliferation of inexpensive USB thumb drives, portable hard drives, digital cameras, mobile phones, personal digital assistants (PDAs), and CD/DVD burners puts organizations’ data and business at risk. Encryption addresses the operational issues that enterprises encounter when deploying a solution to protect data on removable storage devices from loss or theft, enabling organizations to benefit from the productivity gains associated with removable storage without putting data at risk. Encryption–delivering the capability to encrypt data by rule on any storage device or media, allowing employees to safely transport and use data on portable media. To speed adoption and acceptance, enterprises also need to ensure a non-disruptive user experience that protects data while having minimal impact on the way employees work.
Learn more about Removable Media Encryption »

Full-Disk Encryption

Full Protection in clicks

Encryption from Grayteq provides your organization with comprehensive, high performance full-disk encryption for all data (user files, swap files, system files, hidden files, etc.) on desktops, laptops, and removable media. This easy-to-manage full-disk encryption technology protects data from unauthorized access, providing strong security for intellectual property, customer and partner data. Grayteq Security Orchestrator simplifying deployment, rule creation and distribution and reporting can centrally manage protected systems.
Learn more about Full-Disk Encryption »

In case of your encryption passphrase or encryption key being corrupted, leaked or damaged, full disk recovery and new encryption key assignment can be done in clicks. Encrypt your whole disks with Encryption and no need to be afraid of your data being leaked anymore.
Learn more about Encryption »

File Share Encryption

Share Your Files Securely.

You must be sure that your corporate data stored in shared file servers, even in the cloud is secure before using shared physical or cloud storages, servers, data warehouses as a real productivity tool. File Share Encryption allows you to copy, move or even drag and drop unencrypted files into cloud stored sharing folder for automatic and transparent encryption. From this moment, automatically encrypted files enjoy Grayteq DLP Document Quarantine protection against being removed from this location and retain their encrypted status, allowing only authorized users to view sensitive data.
Learn more about File Share Encryption »

DLP | IM Services Protection

IM Services Protection

Skype, AIM, Live Messenger, Yahoo Messenger and similar products and services are available for everyone. Instant messaging is free. Grayteq DLP keeps it free by safeguarding uninterfered instant messaging, while protects corporate information from being leaked. IM Protection is designed to make difference between standard chat messages and corporate information and while protects chatters' privacy, keeps business information within the company.

Keep chatting
Chatting is not harmful, until important information is not leaked through. Harmless chatting goes on, since corporate intellectual property is kept safe.

As you can see in the screenshot above, IM Services Protection provides smooth communication during an instant messaging (chat) session wherein participants chat about general things, while when a sending attempt of a protected document or even a Copy-and-Paste attempt of any protected information into the chat application is detected, Grayteq immediately identifies the data leakage threat, denies it, creates a log element with all details of the attempt and alerts security personnel on on-demand basis.

Read more about Grayteq DLP’s alerting capabilities in the Alerts chapter. You can setup white-, and blacklist for instant messengers within your organization by creating Application Rule. Similar to other Grayteq protection features, IM Services Protection is application-independent, so you don’t need to vote one messenger or the other. Select and enable more instant messengers within your organization.
Learn more about IM Services Protection »