Start with Least Privileges - We keep this topic central, because for us security starts with least privileges. Get a bi-directional view of permissions across Windows, NAS, UNIX/Linux, Exchange, and SharePoint. Sandbox and commit changes in a single pane of glass. Report on them in minutes and automate distribution of those reports. Set up real-time alerts on permission changes or escalations and accessed or deleted critical files, folders, sites or mailboxes. Our data classification and data owner identification technology is integrated in this governance framework. You might want to have a look at our privileged account management page as well.
Classify your Information - If you wish to protect sensitive information, first you need to know where that data resides. Data classification technology helps you find sensitive files; it provides visibility into the content of data across file systems and SharePoint sites. We integrate that information in our least privilege management solution to answer the more difficult questions: who has access, who is using it, who owns it, where is it at risk, which data is stale and so on. Our solution provides a prioritized list of those folders with the most exposed permissions AND containing the most sensitive information. It provides recommendations on how to effectively limit access without disrupting business processes. In addition, we have a data classification solution for endpoints, which is described below.
Identify Data Owners - Detect data owners and enable them to decide who should have access to their resources. Our technology helps you identify these data owners. This is done by analysing all access events on Windows, SharePoint, Unix/Linux, EMC Celerra, NetApp filers and Exchange. In addition, Active Directory metadata is used to quickly point IT in the right direction. Apply business logic to access request and approval workflows. Remember that IT is not closest to the resource, data owners and managers are.
Caused by people & process issues
Isolate Most Critical Servers - Dynamically isolate and protect cross-platform systems. We leverage your existing Active Directory infrastructure and native support of IPsec in a policy-based software solution. This provides the ability to seamlessly block un-trusted systems from communicating with trusted systems and to selectively encrypt your critical data-in-motion. Do not let your most critical systems depend on the weakest link in your environment.
Think about Self Encrypting Devices - Although we are not an encryption expert (and have no ambition to become one), SEDs have caught our attention. Software-based encryption has become a commodity offered by the big players in the market (e.g. have a look at McAfee Complete Data Protection or Sophos SafeGuard Enterprise). Frankly, you don’t need a partner like Metastore for this. Hardware-based encryption on the other hand, is an innovative technology, where you might need our assistance to get it on the company security roadmap. We realise that we are probably early with this one, but we believe SEDs will become mainstream in the near future. We aim to stay innovative and do what others don’t. Hardware-based encryption is a lot faster and the surplus cost of SEDs is negligible. Once you start equipping your organisation with SEDs, we are here to provide you with the software to manage them centrally. Prepare yourself for the future.
Guard your User-held Devices - Until now we have mostly been talking about data residing on servers, but what about other endpoints? Indeed, more than 60% of corporate data lives not on servers but on user-held devices like laptops and tablets. These devices are vulnerable by definition. We can bring you the technology to manage these endpoints from a single console whether they are on or off your network, online or offline. Our data protection suite is modular to fit your requirements granularly.