At RSA Conference 2015 TITUS launched TITUS Classification Suite 4, a significant new release of its flagship data identification and information protection suite.
Already in use by the French Ministry of Defense and others, the new solution uses content and context to automatically classify and protect information as it is handled by users, and allows manual and guided classification for maximum flexibility and user engagement. Fine-grained policy control and comprehensive metadata capture also leverages overall security investment, improves data management and increases regulatory compliance.
The suite offers organizations a new flexible policy engine that can apply complex rules to protect information without getting in the way of business process or requiring users to remember specific security policies. Administrators can set up policies to, for example, classify email based on recipients; protect email based on the content or classification of attachments; classify and protect documents based on content, filename or location; or prevent printing of sensitive documents to non-secure printers. Customizable, easy-to-use alerts warn users of special information handling conditions or possible impending security violations.
“We’ve said it before, and we’ll say it again — data classification matters. In compliance-based strategies, there are two types of data to classify — regulated and nonregulated. Compliance is not security. It does not capture sensitive (nonregulated!) data like corporate confidential communications, intellectual property, marketing plans, or board meeting minutes. All of the nonregulated data would be left out in the no-man’s land of ‘low risk data,’ which it clearly isn’t,” said Forrester Research, Inc. in the report, “Twelve Recommendations For Your Security Program In 2015” (March 2015).
The suite also integrates with data loss prevention (DLP) solutions, allowing enterprises to optimize security policy, focus on high-risk areas, and capture retention-related metadata for informed archiving or deletion. New integration capabilities, such as with the Intel Security Data Exchange Layer (DXL), will allow organizations to enhance their behavioral analytics and reporting capabilities, which can help them uncover malicious insider threats.
With TITUS Classification Suite 4, enterprises can:
- Identify unstructured data—Identify the business value of unstructured data at the time of creation, so an organization knows what data it has and how it should be protected.
- Raise security awareness—Automatically add visual markings and handling instructions to email and documents to raise user awareness about the sensitivity and business value of corporate information.
- Engage end users—Promote a culture of security by making users aware of their responsibilities and provide targeted, interactive education so that security becomes everyone’s responsibility.
- Apply content protection—Apply persistent protection to email and documents with Microsoft Rights Management Services (RMS) and S/MIME.
- Optimize DLP and other security solutions—Increase the accuracy and effectiveness of data loss prevention (DLP) solutions with data classification.
- Improve data management—Capture retention-related metadata as users create and send information, so that an organization can make informed decisions about archiving, storage, retention, and deletion.
- Reduce mobile risks—Mitigate the risks of mobile information sharing by extending the benefits of classification to the mobile workforce.
- Uncover insider threats—Report on user behavior to detect policy education gaps and inadvertent or malicious insider activity.
The suite is comprised of TITUS Message Classification for Microsoft Outlook, TITUS Classification for Microsoft Office, and TITUS Classification for Desktop. TITUS Classification solutions for Mobile and Outlook Web App (OWA) are also available.