PortAuthority tightens its data security net
Version 5.0 tracks data in motion, at rest, and in use
I appreciate when a vendor succeeds at developing a very good application. But what I find more admirable is when a vendor recognizes the deficits in its solutions, makes no excuses, and quickly goes back to the drawing board to make that app excellent.
Such is the case with PortAuthority Technologies. Although no slouch as an ILP (information leak prevention) system, PortAuthority 4.0 had some usability and functional lapses when I last looked at it. PortAuthority 5.0 corrects the major issues I uncovered, pushing it to the top of the class in this category.
I take this stand because of four main ways PortAuthority 5.0 has improved. First, security is improved, as it now catches accidental and intentional data leaks over networks, examines file repositories for confidential information, prevents data from being copied to removable media, and integrates with DRM (digital rights management) systems. Second, the Web-based user interface is simpler to use, with only a few clicks now required to review and act on policy violations. Third, you now receive 150 prebuilt policies, which universally apply to data at rest, data in motion, and data in use; moreover, the system easily switches from auditing to prevention mode. Last, PortAuthority re-engineered its appliances, making them more reliable (with built-in fail open network interface cards) and more powerful, which gives enterprises better scalability.
My tests involved the Enterprise Manager MX appliance, which handles networks with as many as 10,000 users, as well as P-500 Protector appliances, which sits on the network edge, distributing the data monitoring, enforcement, and discovery workload when you’re configuring large global networks.
No complete ILP solution will be installed overnight, but PortAuthority 5.0 should reduce IT staff workload compared with competitive offerings. That’s because Manager servers merely connect to any network hub or switch as do the Protectors, which the main appliance automatically recognizes.
PortAuthority retains an MMC (Microsoft Management Console) snap-in to manage policies; sitting on top of this are still policy wizards for deploying the system quickly. In a few clicks I’d selected prebuilt policies for U.S. federal regulations, corporate governance, and intellectual property (such as patent information).
Yet policy management is easier and more detailed. The system integrates with Active Directory and LDAP servers; this enabled me to assign policies quickly by user, group, department, or other characteristics. Drilling down into the policy settings, I could now set real-time alerts. Importantly, I individualized notifications for system administrators, security officers, and end-users based on severity. For instance, what’s considered an unintentional mistake (perhaps putting one Social Security Number in a message) could send a warning to the end-user; malicious violations would trigger a message block and send an immediate e-mail to your compliance team.
Other advanced features let me enforce variations of a policy by geography -- which is important when you must comply with international regulations.
Another aspect of policy setup is identifying confidential or private information in database tables. PortAuthority 5.0 guided me through connecting to a SQL database and specifying rules; as before, fingerprinting happened fast, with about 1 million records analyzed in 10 minutes.