Infowatch Traffic Monitor

Infowatch Traffic Monitor

Infowatch Traffic Monitor is a centralized Data Loss Prevention (DLP) system which monitors ongoing activities on the network to protect if from any data leaks which may arise from internal malice. It proactively supervises incoming and outgoing channels of data stream and identifies threats through its superior analytic design.

A product of InfoWatch, a conglomerate based in Moscow, InfoWatch Traffic Monitor’s parent company leads Data Loss Prevention markets for DLP in Russia and the CIS and is present in 20 countries with more than 2000 clients

 

Features:

InfoWatch Traffic Monitor overlaps three different aspects of data security in a single go. These include Monitoring, Blocking and Investigation.

Monitoring:

The principle tough job for a threat detection solution is monitoring of course; with an enterprise that has more than a hundred thousand employees, monitoring each and every one of them for malicious activity is a huge task. The higher the number of employees, the higher there is a chance of foul play. 

InfoWatch Traffic Monitor monitors Emails, Instant messaging applications (sms and internet based both), web resources (Web mail, social media, blogs and cloud storage), storage devices (USBs, modems, external/internal HDD and mobile devices) and user actions on their designated nodes. It carefully watches over the secondary data channels like printing, screen captures, keyloggers, audio or visual recording and WiFi connections and shared network storage.

Blocking:

There are certain channels of data communication that are either not required by enterprise or could be a host to invasive tactics. Social media and access to websites on personal networks could be blocked by InfoWatch Traffic Control. It also blocks access to external storage devices like mobile phones plugged in to your network as well as having a potential to block local and network printers. On similar lines, screen captures, copying to clipboard and launching of certain applications which can be used for data transmission could be banned by InfoWatch Traffic Monitor.

Incident Investigation:

Not only does Traffic Monitor monitor and block certain channels, it also keeps a record of wrongful data transmission for the usage in legal and enterprise proceedings. For example if a scanned image of confidential data is detected by InfoWatch then it  will not only notify the administrator but will also file it out for the record including the credentials of the person involved. This can be used for formally charging the perpetrator with proof.

    InfoWatch Traffic Monitor Benefits

    • Is applicable to any enterprise with any number of employees whatsoever. Could be taken to work for up to 300,000 employees at a single time.
    • Does not require changes to enterprise hierarchy or operations because InfoWatch Traffic Monitor is flexible to attach with any category of companies: financial organizations, telecommunications and insurance companies etc. It can also be used by different departments: from legal to procurement to management professionals alike.
    • Reduces the host company’s data loss risk which could translate to cost cuts in finance, better reputation throughout the industry and zeroing of legal risks.
    • Monitors conditions while the business is going on as usual. The restrictions are only applied to risky communication channels and for sensitive data transmission.
    • Internal and external communication can be filtered out through the platform.
    • Traffic Monitor gives instant access to details of any suspicious activity and singles out the node and forwards to admin.
    • Over watch of employee working which could improve corporate culture and increase productivity when social media and entertainment outlets are cutoff.
    • Collects evidence for incidents investigation. And this forensic storage does not only work for only incidents but for every communication exchange. An administrator can look back and find anything missed or if they want to look for any other discrepancy not monitored by Traffic Monitor.

    Architecture 

    • InfoWatch Traffic Monitor includes modules which can be blended with different proportions for different clients. A client will only pay for the features they are using which makes this architecture more economic than before.
    • A control module for data transfer and communication channels which is the central module and communicates with all other modules named as InfoWatch Traffic Monitor.
    • InfoWatch Device Monitor is a module which looks over email, web usage, text and internet messaging, internal and external hard drives as well as printing of data and relays the information to Device Monitor.
    • InfoWatch Crawler is a module for monitoring information in shared network storage and document workflow systems which are not employed by the system. It also scans for document repositories and just like Device Monitor, relays it to Traffic Monitor module. 
    • InfoWatch Forensic Storage archives all processes going on in the organization including all incidents and records of leaked information as a data dump to support legal and enterprise proceedings. It coordinates directly with the administrator as well as with Traffic Monitor.
    • InfoWatch Vision makes real time visual analysis of data and information relayed directly to the administrator.

    With 2263 leaks reported in the year 2018, it is essential for an enterprise to have security measures in place for prevention of data loss and confidential leaks that can harm the reputation as well as the financials of the company. InfoWatch Traffic Monitor could come in handy for your enterprise in this regard.