Minimize Data Loss Via Transparent, Unified Endpoint Protection

Data loss is a hydra with many heads

Tivoli Beat. A weekly IBM service management perspective.

The question "How can we keep mission-critical data from leaving the organization in unacceptable ways?" is getting harder to answer every year.

Among other significant factors making things more complex:

IBM Endpoint Manager for Core Protection: Multifaceted data loss prevention from a single point of control

It was with exactly this situation in mind that IBM last year released IBM Tivoli Endpoint Manager for Core Protection—a powerful security solution specifically designed to secure endpoints and minimize data loss in a variety of different respects in a centralized policy-driven manner.

"IT team members can assess at a glance the organization's total endpoint security posture—the percentage of endpoints that haven't yet been properly configured, patched, and/or updated—as well as pinpoint the specific endpoints that need more work."

The IBM Endpoint Manager family features a straightforward graphical user interface, accessible from any standard Web browser, which reflects key information about the security status and configuration of endpoints.

Using it, IT team members can assess at a glance the organization's total endpoint security posture—the percentage of endpoints that haven't yet been properly configured, patched, and/or updated—as well as pinpoint the specific endpoints that need more work.

The way the solution handles the endpoint device is similarly elegant. Once the single agent has been deployed—and it supports both Windows and Mac OS X-based endpoints—that agent communicates automatically with the server and a cloud-based protection network.

Instead of relying solely on signature files that are stored on the endpoint, the endpoint can continually obtain the most current information about new malware from the cloud-based service. In tests, this capability has been shown to protect a stunning 100% of known malware—an eye-opening figure appealing to any IT manager.

Task-based, data-based, and file-based protection via a dedicated data loss component

Added power comes via special data loss prevention capabilities that allow managers to create policies that reflect the differences that exist among job roles. The solution can be configured to prevent data copying by certain employees while permitting it for others, even if both groups of employees have access to that data.

What's more, this solution also delivers special power for administrators who may need to block data transmission to a variety of alternate channels, like printers, CD/DVD drives, and network drives. And beyond the channel being blocked, the solution allows managers to specify the data they need to stop from being transmitted.

Once they create a list of blacklisted data—specific keywords, for instance, or company credit card numbers, or social security numbers—the solution can automatically detect when a given endpoint is attempting to transmit matching data and stop that from happening.

The same capability applies to files as a whole—particular named files, or files with any particular cluster of traits such as size or type, can be blocked.

Granular power to protect against risky e-mail, Web sites, removable storage, and user behavior

Additional protection against data loss stems from the fact that Endpoint Manager for Core Protection can also assess target destinations for both e-mail and Web sites—comparing, for instance, the site that is listed in an e-mail just received by an employee against a list of millions of continually updated sites that are seen as high-risk. This is useful to reduce the odds that data-transmitting malware might inadvertently be installed.

Should employees try to visit such a site in any way, whether deliberately or without realizing they're going there, the solution will simply block the visit (and thus prevent an unfortunate outcome such as the silent installation of Web-hosted malware on that employee's endpoint).

IT managers struggling to cope with data loss that occurs via removable plug-and-play devices, such as USB thumb drives, will find the solution's granular device control attractive. Using it, they can restrict such devices in a way that they themselves define and control—preventing, perhaps, certain vendors or models of removable drives from working, or only allowing certain vendors or models to work at all.

Together, all these capabilities combine to significantly help drive down the total amount of business data that leaves the organization in unacceptable ways, while also providing:

Additional information

Recent Articles

Contact IBM

Considering a purchase?

Pulse Comes to You


Pulse Comes to You (PCTY) 2012 delivers the experience, value, and education of Pulse 2012 around the world with local events. IBM Executives and Industry Leaders will share how Integrated Service Management can deliver the Visibility Control Automation™ needed to deliver differentiated services and build competitive advantage on a Smarter Planet.

Find cities and dates

Featured community


Leverage and contribute to the collective wisdom around Tivoli

Engage the community