CurtainTM e-lockerWe safeguard your information!

© Copyright 2001-2011 Coworkshop Solutions Ltd. All rights reserved.

CURTAIN – Security challenges

CURTAIN – How we safeguard your information

CURTAIN – Deployment

Agenda

Data leakage

Multiple Layered Security Control

Perimeter-based security solutions: Intruder Prevention, Firewall & VPN, Web & Email Filtering, Antivirus , Anti-spam.

Security challenges

Comprehensive External Security Control

Expensive and difficult to implement and manage these layered defenses. Still, It cannot protect internal document.

Security challenges

Security Challenges besides External protection: Internal Protection

Security surveys

35% report attacks from an internal source, compared to 2004 (14%) and 2003 (10%) in the financial industry (2005 Global Security Survey, Deloitte Touche Tohmatsu)

More than half of the computer threats come from within the organization (CSI/FBI Security Survey 2005)

Latest security surveys show the significance and trend of Internal Security Breach

– 52% (Insider breach) VS 48% (Hacker breach)

Security surveys

Because it is not easy to discover insider copies information to external devices

Insider breach should be higher than 52%

8

But once user getsREAD rights, he owns the document.

The problem

Most systemsalready have built-in security access control.

9

Print

Print screen

Save to USB disk

Copy to mini PC (by LAN cable)

Copy & paste

Email

ICQ, MSN, QQ

Upload to FTP server

More…

Once the user gets READ rights, he can…

The problem

Numerous mass storage mobile devices & wireless connectivity to exploit

New technologies

Widely use of Peer-to-peer (P2P) software, such as Foxy and BT

Administrative security policies and procedures are NOT enoughfor the Trusted Community

Control USB port

Control Internet access

Control usage of printer

Control data sharing

Some companies try to prevent data leakage by:

Traditional ways

Question: Is it the way out? Definitely, NOT!Expensive & difficult

Inconvenient (No Internet, No email, No USB…)

The most important is: Not a complete solution!

Smart users can copy data through a cross cable

Curtain e-locker is an InformationRights Management (IRM) system that prevents sensitive informationfrom leaking out of the company.

Curtain e-locker is a complete solution

to stop the Information Leakage!

A complete solution

CURTAIN – Security challenges

CURTAIN – How we safeguard your information

CURTAIN – Deployment

Agenda

File Rights:

control Save Anywhere

control Send

control Print

control Print Screen

control Copy and Paste out

control New Document

It changes “Uncertainty” to “Company Practice”

A complete solution

Curtain Protected

CurtainPolicyServer

Fileserver

Architecture

Servers Workstations

Curtain Protected

Server protected directories

Local protected directory

It forms a Protected Zone. All unauthorized actions are prohibited

Curtain client must be installed, in order to access server protected directories. A local protected directory will be created.

Protected Zone

Demo screens

Unauthorized actions (i.e. Save As, Print, Send To) are Disabled

All Rights can be configured by System Administrators

Curtain e-locker with SolidWorks

Curtain e-locker with SolidWorks EPDM

Users can access sensitive files by using the native application (not through a third party file viewer)

Curtain supports over 50 applications, includes MS Office, Adobe Acrobat, AutoCAD, Photoshop, CorelDraw, and etc.

Curtain has been extending the coverage to support more applications

Application-level protection does not change user behavior. Users still use native application for reading & editing

Application-level protection

We will cover more applications continuously. Please refer to our corporate website for the full list.

Office Applications– Adobe Acrobat– Adobe Reader– Microsoft Word– Microsoft Excel– Microsoft PowerPoint– Microsoft Access– Microsoft Visio– Microsoft Internet Explorer– Windows Media Player– Notepad– Microsoft Paint– Cognos Impromptu– WinRAR– QuickBooks– FileFinder– Macro Express– Kodak Imaging for Windows– Windows Picture and Fax Viewer

Supported applications

Graphics Design– Adobe Illustrator

– Adobe Photoshop

– CorelDRAW

– JewelCAD

– Jewelry Database

CAD/CAM– AutoCAD

– AutoCAD LT

– Ansoft Maxwell– Autodesk DWF Viewer

– Zhong Wang CAD (中望)– DWGeditor

– eDrawings

– Gerber AccuMark

– Matrix– MasterCAM

– Pro/ENGINEER

– Rhino

– Perfactory Systems– SolidWorks

– SolidWorks Viewer

– SolidWorks Enterprise PDM

– Unigraphics NX

– Volo View Express

Online/Offline controls – “Sensitive data can be used”:

Users can download sensitive information to local protected directory, and go out for meeting or business trip

Information in local protected directory is still protected by Curtain e-locker, even the PC is offline

Users can edit files in local protected directory. When they come back office, they can upload the latest version of files back to servers

Online/Offline protection

– ONLY when the PC is online

– ONLY when the PC is online within a period of time (e.g. 2 hrs)– Even the PC is offline

Protect first draft – if this feature is enabled, user must save newly created document to protected zone. This feature protects information at the point of creation

Smart copy & paste control:

– Copy & paste in-between documents in protected zone is allowed

Personal local protected directory

Smart protection

– Copy data to protected zone is allowed

– However, copy data from protected zone to other locations is prohibited

Smart screen-capture protection:

– Only window of sensitive data is dimmed

Screen-dump software is also blocked

Screen capture protection

– Users still enjoy the convenience of screen-capture for non-sensitive data

Encrypt sensitive file first –the encrypted file can be copied out of protected zone.

Send the encrypted file to colleague

Colleague simply double-clicks the encrypted file – the file will be automatically decrypted to protected directory for viewing or editing.

Secure file sharing (internal)

Encrypt sensitive file with password – the encrypted file can be copied out of protected zone.

Your business partner can encrypt the file by entering correct password – the file will be automatically decrypted for viewing or editing.

Secure file sharing (external)

Copy/Send the encrypted file to your business partner – the sensitive file is encrypted in USB drive or Email.

Secure “Print to PDF”

Secure generation of PDF file

– Users can convert sensitive documents to PDF format by using the function of print-to-pdf.

– However, the pdf file can be only saved to protected zone. It makes a good balance on convenience and security. Users can generate pdffiles, but data still cannot be leaked out of the company through this channel.

User-friendly Client Interface – Windows Explorer-like interface and all columns can be sorted

User-friendly interface

Policy droplet– Users can click the droplet to view their rights to the document

Clear message –Curtain provides clear message to users, so that they know what they can do to the controlled document

Multi-lingual – Curtain supports English, Traditional Chinese, and Simplified Chinese.

Multi-lingual Support

Switch between languages –Users can switch between languages themselves. There is only one installer for all languages.

Fully localized – All prompts, bubbles, and messages from Curtain are shown in selected language.

Auto patch update – Patches are automatically applied to clients

Easy administration

Admin can define different rules to clean up files in users’ local protected directories, such as daily, weekly, N days, and etc

Housekeeping

Central audit log is available in Policy server. It logs activities to sensitive files

Central audit log

Allow some users to print protected documents out. e-locker will log below information.

• Date / Time

• User / Workstation

• Result (Allow, Deny, etc)

• Application

• Printer

• Filename / Title

• No. of Pages

• Snapshot of printouts

Print log

Allow some users to print protected documents out with self-defined watermark

• Date / Time

• User / Workstation

• IP address

• Page number

• Self-defined sentence

Adjustable

• Margins

• Font colour

• Font size

Watermark

– Select protected document(s) and right-click to select “Send Request”

– After fill in the form (e.g. Request reason), the request will be sent to approver

– Approver can approve or reject the request

– The whole approval process will be logged in Audit Trail

Send Request

If an unauthorized user needs to share a protected document with external parties, the user can submit a Request for approval.

Office:Users can work with sensitive information within protected zoneUsers cannot copy files out by all meansInformation is SECURED

A complete solution

USB disk (e.g. copy files to home PC):Files are encrypted in USB diskIf USB disk is lost, information is still SECURED

Home:Users can work with sensitive information within protected zoneCurtain e-locker can also prevent data leakage thru P2P software, such as Foxy and BT

CURTAIN – Security challenges

CURTAIN – How we safeguard your information

CURTAIN – Deployment

Agenda

Curtain e-locker ClientInstall on each machine to be protected thru local or remote (Silent install) install

Curtain e-locker Policy ServerInstall on server-side. Admin can define policies centrally.

Curtain e-locker Server Plug-inInstall on server(s) you want to protect. For example, if you want to protect shared folders in 5 File servers, you need to install the plug-in in the 5 servers.

Basic components

Basic architecture

For example:

Curtain e-locker ClientIntel Pentium or above processorWindows 2000/XP/2003/Vista/Win 7

(both 32/64-bit)128MB RAM (Recommended 256MB RAM)50MB Hard Disk (in NTFS) for installationTCP/IP network

Curtain e-locker Policy ServerIntel Pentium or above processorWindows 2000/XP/2003/2008/Vista/Win 7

(both 32/64-bit)128MB RAM (Recommended 256MB RAM)60MB Hard Disk (in NTFS) for installationTCP/IP network

System requirements

Pricing model

Install base of Curtain e-locker client (i.e. workstation), no Server license

Curtain modules

For example:License:

100 x Curtain office suite license

20 x Curtain universal license (cover all modules)

First year software maintenance & upgrade is included

Implementation service charge is not included

Secure information EVERYWHERE

Software Development Kit (SDK) is available

Curtain e-locker can be used to secure third parties solutions or your self-developed system

ERP,DMS, orin-house systems

Curtain Protected

CurtainPolicyServer

Architecture

Servers Workstations

Curtain Protected

Backend system is protected

Only secure client can connect to protected backend system

All unauthorized actions are prohibited

Curtain client must be installed, in order to connect to protected backend system. A local protected directory will be created.

Protected Zone

Some of our customers

Some of our customers

採用Curtain e-locker已有三年多的新興光學集團控股有限公司，對這個系統的表現非常滿意，該集團的資訊科技部經理李樹勳先生認為：“…在產品開發部全面採用Curtain e-locker後，這方面的問題已獲徹底解決；我們現正考慮把Curtain e-locker應用到其他部門和層面上。”

What our customers say

凱溢珠寶營運部經理鄧育文先生表示：“Curtain e-locker不僅能有效保護伺服器上的檔案，並可應用到網上文件管理系統(Web-based DMS) ，這絕對有助企業跟上檔案移植到網絡的趨勢，而無須擔憂資料保安問題。”

寶雲號行政經理章志豪先生認為Curtain e-locker真正能夠保護公司機密資料免被外洩，適合需要處理敏感資料的各行業。”資訊系統部主管張東升先生相信：“Curtain e-locker是一套令系統管理者感到自豪的程式， 只須幾個簡單步驟就完成設定需要保護的檔案類型；同時也給我百分百信心，肯定資料檔案不會透過任何途徑外洩。”

What our customers say

Our partners

Over 100 resellers in the Greater China

Awards “IT Excellence Award”

Asia Finalist in the Best Security of the GSC 2010

Finalist for the 2010 Red Herring 100 Asia Award

Partners

IBM Certificates

One of Seven Authorized ISV Solutions in Fu Dai program

SolidWorksSolution Partner

Coworkshop was established in 2001.

Office in Hong Kong and ShenZhen

Awarded in 2001 by Hong Kong Science and Technology Parks (HKSTP) to be a member of the Incu-Tech Program.

Supported by the Hong Kong Government – Innovation and Technology Fund in the years of 2003 and 2004.

About Coworkshop

About Coworkshop

About Coworkshop

Sensitive information can be leaked out of the company without your knowledge. When you know the leakage, it is already too late.

Let Curtain e-locker protect your valuable

information!!!

Conclusion

Thank You