Security giant Check Point has announced a data leak prevention (DLP) system with a neat trick up its sleeve. If it detects that sensitive data is being misused, it tells users through pop-ups.
The company is convinced that its first DLP system, Check Point DLP, can remove the incredible complexity that it plausibly identifies as a major hurdle to widespread implementation of the technology beyond specific niches.
The UserCheck system is designed to let users self-educate themselves on corporate data policies, but will tell them if a policy is being broken in real time, either using a pop-up or sending an email. Direct feedback for users is innovative as the majority of DLP systems notify remote IT staff, who will likely react only after potentially sensitive data has been lost, rendering its use moot.
The key is how the system identifies that a policy is being broken, or that data has been exposed, and this is where customers no doubt will need more detail. Check Point says that the core is the MultiSpect software engine that inspects traffic in realtime to work out who is using what data in what way and, if necessary, where it is being sent.
The DLP comes with 250 pre-defined policies built to protect common vulnerable information types as designated by compliance regimes such as HIPAA, SOX, and PCI DSS being moved across HTTP, FTP, and email/SMTP. Custom data types can be built using a scripting interface.
It can sense in any Latin-based language plus Hebrew, Russian and Thai, and looks for specific types of data such as social security numbers, bank PINs and account numbers.
"Data loss prevention is a universal business challenge. At some point, we have all sent an email with sensitive information to the wrong recipient," said Check Point CEO, Gil Schwed. "By combining innovative technology with our UserCheck remediation solution, Check Point DLP enables businesses to enforce corporate policies and educate users while preventing intentional and unintentional data loss."
Check Point DLP can be bought on the company's dedicated appliance or run on an 'open' server. Pricing has not been announced.
Separately, the company has applied a similar realtime principle to its new SmartEvent Software Blade, which can analyses event data from Check Point IPS and firewalls.
Last month, Check Point announced a VPN-on-a-stick system that lets road warriors carry VPN access and security settings around swith them on a USB stick.