Post on 13-Feb-2017
SaaS applicationsData repositoriesFile sharesUser generated
Classificationand protectionmechanism
Create Classify Protect
Human error, 52 percent—is sited as the leading contributor to data breaches.1
Data sheet
HP Atalla Information Protection and Control family summaryAutomatically classify and protect unstructured data persistently
In an era of increasing cyber threats and targeted attacks, organizations must now assume that their network has been breached. How can organizations then ensure data security and data loss prevention while protecting sensitive unstructured data such as documents and spreadsheets from improper access?
HP Atalla Information Protection and Control (IPC), a data classification solution, solves this complex data security issue by giving organizations the means to bring protection to the data itself. HP Atalla IPC applies data protection at the point where information is created and makes that protection persistent, so it follows the information wherever it goes. This secures sensitive data no matter where it actually resides.
The challenges of protecting unstructured information
Today, sensitive organizational data in spreadsheets, documents, presentations, and other files reside in multiple locations—for example, employee laptops or mobile devices, file servers, storage arrays (NAS and SAN), and cloud-based storage. Similarly, in today’s de-perimeterized environment, collaboration is crucial but sharing data necessitates exposing it at multiple levels. Traditional data protection solutions inhibit productivity by applying protection unnecessarily. Items classified as “sensitive” easily lose this classification if it’s not saved in a predefined format or network location, or if they are modified out of original content.
Today, this creates enormous challenges for enterprises that are struggling to understand where all their sensitive content lives. They also need to determine how to apply consistent data security policies to protect that sensitive information from falling into the wrong hands. There is even more complexity in federating these controls over information in various operating environments, where users interact with the data. It is becoming increasingly difficult to ensure data protection in enterprise computing today and it will be more so in the future.
Based on a recent study by CompTIA 2015, human error is the leading contributor to data security breaches at 52 percent. This is followed by end-user failure to follow data protection policies and procedures at 42 percent, general carelessness at 42 percent, failure to get up to speed on new threats at 31 percent and so on.
1 CompTIA 2015—Trends in information security study
2
Data sheet | HP Atalla Information Protection and Control family summary
Statistics like these are a constant reminder that organizations can benefit greatly from a data classification solution that “automatically” helps to eliminate the human factor of having to individually select or assign policies to individual documents. Users might not always remember to set proper data protection settings each time they create a file. Instead, a policy-driven solution that automatically classifies and protects data quickly brings immediate ROI and greater data protection to organizations.
Businesses need advanced data loss prevention and security capabilities to classify sensitive data, apply consistent policies to the valuable assets they identify, and to federate those data protection capabilities across a borderless enterprise. These challenges can be addressed with HP Atalla IPC.
Embed security at the point of data creation
Unlike traditional solutions that attempt to control users, channels, or storage, HP Atalla IPC protects data by uniquely embedding protection within the data itself, at the moment of creation or initial access of the information in its unstructured form. HP Atalla IPC agents on enterprise hosts instantly identify and classify all new, modified, or accessed sensitive data from any origin. This data, identified with extremely high accuracy, is persistently tagged, enabling comprehensive control over access and usage that continues to follow the data everywhere. Atalla IPC encrypts and applies usage rights by leveraging Microsoft® Active Directory Rights Management Service (AD RMS)/Azure RMS.
For email security, HP Atalla IPC extends the capabilities of AD RMS to enable Microsoft Outlook users to implement email protection easily. A key benefit of the HP Atalla IPC data loss prevention and data security solution is its capability to simplify email protection through AD RMS extensions for Outlook—an easy-to-use capability that runs within Outlook. Users can easily apply additional data protections such as—“View”, “Edit”, “Copy”, “Print”, “Save”, “Forward”, “Reply”, and “Reply All”, without any additional training.
The HP Atalla IPC data classification software family portfolio is packaged in 1-year term or 3-year term licenses with 24x7 support included. Customers can select HP Atalla IPC Enterprise or HP Atalla IPC Express as a base solution and then choose additional module functionality as required to build out the most effective data security solution for their organization.
Highlights
• Proven classification accuracy
• Multi-disciplinary classification mechanisms
• Optimized classification cycle
• Full analytics of data usage events
• Persistent protection wherever the data travels
Figure 1. HP Atalla IPC architecture overview
Atalla IPC agent in actionSource Destination
Captureevents
OpenSaveEmailUploadDownload...
Classifycontent
Managepermissions
Embedpolicy
Applyprotection
File repositories
Partner
Web
Storage
Devices
Usage data
Client apps
SaaS
Atalla IPC Management Server
Web
3
Data sheet | HP Atalla Information Protection and Control family summary
The HP Atalla IPC Product Suite
HP Atalla IPC products immunize data wherever and whenever it is created and throughout its entire lifecycle. HP Atalla IPC:
• Captures data upon creation from any source in the enterprise
• Classifies information accurately based on content and context
• Applies lifetime data encryption and usage rights to sensitive information per enterprise policies
• Tags and tracks information throughout its entire lifecycle
• Provides reporting and analysis to enable visibility to data at creation, usage, share, storage, and archive
The HP Atalla IPC product suite consists of these module options:
• HP Atalla IPC Enterprise
• HP Atalla IPC Express
• HP Atalla IPC Mobile
• HP Atalla IPC Data Interceptors
• HP Atalla IPC Scanner
• HP Atalla IPC Bridge
HP Atalla IPC Enterprise
HP Atalla IPC Enterprise utilizes an agent-based approach to capture, classify, and protect all information on the endpoint at the moment of creation and persists throughout the entire lifecycle of that information. It captures data (e.g., email, text, CAD/CAM design, MS Office files, audio, image etc.) as soon it is created from any source such as data generated by apps, Web, cloud, and file stores. The data is classified with a high level of accuracy based on user, context, and content, which are clearest at the moment that data is created. HP Atalla IPC Enterprise then applies appropriate encryption and usage rights for all file types used in their native applications, according to enterprise policies. This is achieved by using Microsoft AD RMS/Azure RMS as the primary Information Rights Management (IRM) protection. It keeps sensitive data permanently safe while in use or at rest in any on-premises or cloud repository, even when collaborating with external parties. HP Atalla IPC Enterprise is centrally managed and includes the full complement of analytics.
HP Atalla IPC Express
HP Atalla IPC Express is a powerful yet lightweight solution that automates unstructured data classification and deterministic protection of email, MS-Office documents, and PDF files. Atalla IPC Express shares the advanced technology of the Enterprise version, while addressing the requirements of enterprises that need to streamline compliance processes and optimize existing DLP and email encryption gateway deployments. Atalla IPC Express is a low-TCO and near-zero-configuration solution—true plug and play—especially beneficial to enterprises that do not have the support team in place to establish and manage detailed information-classification and protection policies. While offering robust data classification and protection capabilities, HP Atalla IPC Express can run as a stand-alone solution either with or without central management.
HP Atalla IPC enables the smooth assimilation of Information Right Management (IRM) and data encryption practices into business processes—without complex, lengthy, and costly integration.
4
Data sheet | HP Atalla Information Protection and Control family summary
HP Atalla IPC Mobile
HP Atalla IPC Mobile data protection enables enterprises to take advantage of today’s mobile workforce. It brings active immunization technology to handheld and mobile devices such as smartphones and tablets. With HP Atalla IPC Mobile, it is easy to receive and use encrypted emails resulting in higher productivity and better user experience. End users can work with enterprise-approved or their own preferred email applications and don’t have to learn any new applications.
HP Atalla IPC Data Interceptors
Context and content are clearest at the moment that new data is created. HP Atalla IPC offers a wide variety of built-in Data Interceptors for enterprise data sources, independent of users and devices, whether managed or not. Data Interceptors are clients or application add-ins that are installed inside or next to the services that create information.
Data Interceptors solve the challenges of data security by capturing data automatically upon creation and assigning data classification, metadata labeling, and more at the time of content creation or upload. By applying automatic encryption of sensitive content based on centrally managed policies, it delivers persistent security without reducing productivity or functionality.
Data Interceptors can be deployed as:
• Data Interceptor for Exchange—provides classification and protection for incoming and outgoing mail and attachments, enabling secure collaboration with business partners and customers. With this version of Data Interceptor, enterprises can meet compliance requirements by enabling archiving processes to work with encrypted emails and attachments.
• Data Interceptor for OpenText—allows information classification and protection upon file check-in or check-out. Leveraging file properties of Enterprise Content Management Systems (ECMS) such as OpenText enables these Data Interceptors to classify information accurately by context.
• Data Interceptor for Application Servers—allow applications running on servers to classify and protect information as it is generated by the application, before it is saved to the server’s hard-drive or to another file store.
• Data Interceptor for SDK—provides custom data interceptor for enterprises’ own in-house developed services with software development kits (SDK).
HP Atalla IPC Scanner
The agent, installed on an enterprise server, crawls through legacy data files on network shares and file stores, identifying, classifying, and protecting valuable data automatically. It is able to scan the enterprise’s entire data repository continuously, delivering immediate and significant value from pre-existing information, or it can act as an additional layer for information created and uploaded to file stores on a continuous basis.
HP Atalla IPC Bridge
HP Atalla IPC Bridge enhances productivity and improves data center ROI by allowing critical IT services, such as indexers and scanners to run unimpeded—transparently granting them access to data that is already encrypted, while still maintaining tight data security. The easily integrated HP Atalla IPC Bridge agent is installed on the server where the service executes, for example, on a SharePoint indexer server or on a network AV scanner. It automatically grants clear and trusted access to the service, enabling it to use the protected content, avoiding the tedious and productivity-hindering steps of decrypting and re-encrypting.
About HP Security
HP enables organizations to take a proactive approach to security, disrupting the life cycle of an attack through prevention and real-time threat detection. With market-leading products, services, and innovative research, HP Enterprise Security also enables organizations to integrate information correlation, application analysis, and network-level defense. Additional information about HP Enterprise Security can be found at hp.com/go/esp.
5
Data sheet | HP Atalla Information Protection and Control family summary
HP Atalla IPC Management Console for easy management, monitoring, and auditing
All HP Atalla IPC products create real-time logs managed in one location, enabling comprehensive management and analytics. The Web-based HP Atalla IPC Management Console provides a single-pane view of all classification and data immunization policies and activities enterprise-wide, with a single policy that controls all HP Atalla IPC components—endpoints, mobile devices, data interceptors, scanners and bridges. It delivers real-time clarity and visibility over all sensitive information across the enterprise—who is using information, where it is stored, how it is being used, and how HP Atalla IPC is classifying and protecting each data item. Enterprises can quickly obtain comprehensive auditing and forensics for regulatory compliance purposes.
HP Atalla IPC also provides detection of anomalies and the analysis of threats before they happen by leveraging powerful analytics. HP Atalla IPC analytics utilizes sophisticated online analytical processing (OLAP) and forensic analysis to keep enterprise security policies aligned with real-world usage. Real-time behavior-anomaly detection flags potential insider threats. By quantifying internal and external exposure based on data location, usage, and users, HP Atalla IPC analytics enables enterprises to map their information assets and understand where information is created, used, stored, and shared both within and beyond the perimeter.
Summary
The HP Atalla IPC suite of products enables every enterprise to benefit from our innovative and persistent data immunization technology. HP Atalla IPC accurately classifies and protects all enterprise data throughout its lifecycle: creation, usage, collaboration, storage, and archival. Enterprises can select and apply the solutions that meet their compliance, intellectual property protection, and other security requirements.
• Complete, next-generation data-loss prevention (DLP) from the moment of data creation
• Effective protection against insider threats
• Compliance with industry and government regulations regarding data security and confidentiality
• Accurate mapping of all information assets and pinpointing of risk—where information is created, used, stored, and with whom it is shared
• Secure information collaboration and BYOD both within and beyond the enterprise
• Establishment, management, and control of information-protection policies via a central management console
• Comprehensive auditing and forensics capabilities to detect anomalies and analyze threats
Contact your HP sales representative to help you tailor the perfect HP Atalla IPC solution to your business needs.
Professional services for data classification and protection
Professional services are provided primarily by our HP partner, Secure Islands. In addition to providing advanced technology solutions, HP and Secure Islands provide a range of professional services around data security for HP Atalla IPC.
• Quick Start Program
• Onsite Data Protection Consulting and Implementation
• Microsoft AD RMS, Azure Rights Management Consulting, Planning, and Implementation
• Data classification and information protection training
About Partner—Secure Islands
Secure Islands develops and markets advanced Information Protection and Control (IPC) solutions for the borderless enterprise. Offering policy-driven classification and protection for unstructured data. Secure Islands lays the foundation for sensitive information security in enterprises as they shift from perimeter defense to persistent protection. Secure Islands’ holistic approach literally redefines information security and assists the enterprise in regaining control by identifying, classifying, and protecting sensitive information throughout its lifecycle.
6
Data sheet | HP Atalla Information Protection and Control family summary
Specifications for HP Atalla IPC
Licensing terms: 1-year and 3-year term licenses, with 24x7 support
OS requirements for HP Atalla IPC Agent Windows® 7 (32- and 64-bit)
Windows 8/8.1 (32- and 64-bit)
Windows 10 (32- and 64-bit)
Windows Server® 2008 (32- and 64-bit)
Windows Server 2008 R2
Minimum hardware requirements for IPC Agent CPU: Intel® Pentium® III 1 GHz or faster
RAM: 512 MB
Disk space: 250 MB
Network connection: TCP/IP for remote access
Microsoft Office supported by HP Atalla IPC Microsoft Office 2007
Microsoft Office 2010
Microsoft Office 2013
Web file download protection support Web client/browser of any type (HTTP/HTTPS)
OS requirements for HP Atalla IPC
Management Server Platform
Windows 7 (32- and 64-bit)—for a proof of concept only
Windows Server 2008 (32- and 64-bit, excluding Core edition)
Windows Server 2008 R2
Windows Server 2012
Windows Server 2012 R2
Minimum server hardware requirements for HP Atalla IPC Management Server Platform
CPU: Quad-core CPU
RAM: 8 GB
Free Disk space: 100 GB
Network connection: TCP/IP for remote access
7
Data sheet | HP Atalla Information Protection and Control family summary
Specifications for HP Atalla IPC (continued)
HP Atalla IPC Remote Desktop Services (Citrix®/terminal services) support
Windows Server 2003 (32- and 64-bit)
Windows Server 2008 (32- and 64-bit)
Windows Server 2008 R2
Windows Server 2012
Windows Server 2012 R2
Database requirements Microsoft SQL Server 2008 R2 or Microsoft SQL Server 2012 Standard or higher with full text indexing installed. For reporting and dashboard features (HP Atalla IPC Analytics), you must install SQL Server Analysis Services (SSAS) and SQL Server Reporting Services (SSRS).
For data analytics: SQL Server Integration Services (SSIS), SSAS, and SSRS
OS requirements for HP Atalla IPC Mobile Microsoft Exchange Server 2010 Service Pack 2 and higher Microsoft Exchange Server 2013
Supported platforms for HP Atalla IPC Mobile iOS 6 and above
Android 2 and higher
BlackBerry OS 5/6/7/10
Windows
Additional notes Microsoft AD RMS is supported today as the primary Information Rights Management (IRM) protection platform for HP Atalla IPC. Support for additional IRM platforms to be added at the sole discretion of HP.
Rate this documentShare with colleagues
Sign up for updates hp.com/go/getupdated
© Copyright 2014–2015 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein.
Citrix is a registered trademark of Citrix Systems, Inc. and/or one more of its subsidiaries, and may be registered in the United States Patent and Trademark Office and in other countries. Intel and Pentium are trademarks of Intel Corporation in the U.S. and other countries. Microsoft, Windows, and Windows Server are either registered trademarks or trademarks of Microsoft Corporation in the United States and/or other countries.
4AA5-5353ENW, September 2015, Rev. 2
HP Atalla IPC support
HP Atalla IPC support services are available 24x7.
Learn more at hp.com/go/AtallaIPC
Data sheet | HP Atalla Information Protection and Control family summary