Support Center

  • The solution concept is based on the innovative C.A.F.E. management principle and includes all devices and data paths. The intelligent and central management allows for the easy installation and administration of functionality. Protection is ensured with a high degree of transparency for the users, but mostly in the background to not interrupt users‘ workflows – an important factor to achieve users’ acceptance of the security concept.

    Risk: Data losses
    Any company, independent of its size and industry, is exposed to data losses through intentional theft or the negligent handling of data and risks know-how losses, competitive disadvantages, penalties and also major image damages `in case of notifiable data losses (§ 42 a BDSG).

    Risk: Malware
    Malware is malicious code that can be infiltrated into the company through a variety of data paths. Malware may destroy data (traditional viruses), but also transfer data elsewhere (Trojans) – again, this results in data losses. Often, malware is used for industrial espionage purposes. While most people think that antivirus software or a firewall is able to protect them against malware, this approach does not go far enough, since infected devices (mobile media, USB sticks, smartphones etc.) may also infiltrate malware into the company.

    Risk: Liability
    The Data Protection Act provides for high penalties in case certain kinds of data are lost – and no company can ignore the related risks. However, companies do not only face liability risks based on data protection regulations, but also through copyright infringements or incompliance with licensing regulations, if the corporate IT is used by their employees for private purposes.

    Risk: Productivity losses
    Employees who use corporate IT devices, for instance, to play PC games, edit their holiday pictures, download music or movie files or chat in social networks, do not only expose the company to liability risks, but also cause higher costs due to productivity losses, a factor that is often highly underestimated.
    The C.A.F.E. management principle developed by EgoSecure solves these problems through the intelligent combination of the following functionality:

    Control
    Defines which user is authorized to use which data paths. Only those employees who need sensitive data for their work have access to these data.

    Audit
    Logs provide evidence if users violate laws and regulations to ensure that they handle data with care – an important requirement to ensure IT compliance.

    Filter
    Separates critical data types from uncritical data types and blocks data types that are not wanted within the company.

    Encryption
    The C., A. and F. components ensure that only authorized employees have only access to data and applications which are relevant for their work. 100-percent all-round protection is provided by encrypting authorized data, since encryption also protects against intentional data theft or the negligent loss of data
  • InfoWatch Traffic Monitor Enterprise is a comprehensive solution for data protection, loss prevention and monitoring the transmission of sensitive information outside a company, as well as for the protection of the company from internal threats.

    InfoWatch Traffic Monitor Enterprise Key Features


    • reventing the leakage of personally identifiable information and customer data bases
    • protection against leaks of sensitive data
    • intellectual property protection
    • identifying intruders, disloyal employees, persons engaged in espionage, conspiracies, sabotage
    • investigation of information security incidents


    InfoWatch Traffic Monitor Enterprise protects your company from internal threats:

    Insider Activity

    1- The insurance company consultant sends its clients' lawyers information on outstanding claims. He also informs a competitor about VIP- contracts indicating the size of the insurance premium and the time remaining on current contracts.
    2- InfoWatch Traffic Monitor: detects any clients' personally identifiable information or any information for insurance claims and contracts sent to an external email address. The security officer or an authorized person will promptly receive information about the incident.
    3- Technologies used: interception of outgoing mail, template analyzer, filled forms detection, stamp detection.


    Conspiracies

    1- «A Bank loan consultant negotiates with clients for approval of a loan with "special conditions". He also messages with the consultant of a competitor bank regarding provision of information about mortgage contracts for a bribe, in order to poach the clients later (by providing more favorable terms and conditions).»
    2- InfoWatch Traffic Monitor: detects this conspiracy by detecting and analyzing the consultant's personal correspondence via e-mail, instant messaging, Skype, etc. The security officer or an authorized person will promptly receive information about the incident.
    3- Technologies used: interception of outgoing mail, linguistic analysis.


    Poaching Clients

    1- A corporate account manager is about to resign, and so he copies contacts from the client database and suggests to his clients that they switch to a competitor (his new employer).
    2- InfoWatch Traffic Monitor: detects the copying of the database and any suspicious correspondence with clients, and also the employee's intention to resign. The security officer or the authorized person will promptly receive information about the incident.
    3- Technologies used: detection of information copied to external media, DB uploading detection, monitoring visits to on-line job sites.


    Identifying Corrupt Schemes

    1- A tender is announced for the purchase of expensive equipment in a large company. The acquisition manager engages in correspondence with one of the suppliers, negotiating a meeting with him during out of office hours. The majority of all corrupt schemes are simply discussed openly via personal e-mail (@ gmail.com, @ outlook.com, etc.), Skype or instant messaging.
    2- InfoWatch Traffic Monitor: detects suspicious correspondence via e-mail, instant messaging, Skype, etc.
    3- Technologies used: text messaging detection, linguistic analysis.

    Industrial Espionage

    1- A production engineer at the manufacturing company sends design documents, specifications, plans and calculations for a new project to a personal e-mail address.
    2- InfoWatch Traffic Monitor:
    detects any secret documents as part of the network traffic flow, even if the employee sends them as pictures, images, or photos.
    3- Technologies used: Traffic monitoring, OCR, linguistic analysis.


    Theft of Personally Identifiable Information

    1- An employee of a mobile phone shop delivers scans of personal IDs to his accomplice at a bank to carry out fraudulent loan processing.
    2- InfoWatch Traffic Monitor: detects the sending of personally identifiable information, scanned IDs or completed forms or questionnaires. All this information will be saved in the Forensic Storage database for further investigation of the incident and to provide evidence in court.
    3- Technologies used: traffic monitoring, passport detection, filled forms detection.


    Disloyal Employee

    1- A valued employee has become negligent in his work, constantly printing documents, and copying information to removable media.
    2- InfoWatch Traffic Monitor: detects the employee visiting job search websites, sending out his resume daily, using the company's infrastructure for private purposes, printing confidential documents, and copying sensitive information and a customer data base onto a USB drive.
    3- Technologies used: copying to external media detection, DB uploading detection, monitoring visits to on-line job sites, email monitoring, monitoring of printing activity.


    Working for Competitors

    1- The manager of a trading company constantly prints out the company's price lists, and sends out special prices for projects and tenders to third-party addresses. Competitors always indicate a slightly lower price than that stated by your company, and so constantly win tenders.
    2- InfoWatch Traffic Monitor: detects printing of confidential data
    3- Technologies used: Monitoring document printing, traffic monitoring, linguistic analysis, filled forms detection, stamp detection.



  • You simply go to the website, load your source code and immediately receive a result that does not need a computer science degree to understand. You find the nasty surprises left by insider programmers within minutes.

    There are no expensive installations and unwarranted expenses for external code auditing.

    The product is Static Application Security Testing (SAST) code analyzer. Because of an integrated code normalizer it does not require special code preparation and is, theoretically compatible with any business application programming language. At the moment InfoWatch APPERCUT supports ABAP/4, Java,PeopleCode. We also available for additional language normalizer development, should your company require it.

    The system contains a regularly updated database of digital fingerprints of known backdoors. It instantly compare the application code to the fingerprints and does not require the application to actually compile. InfoWatch APPERCUT ignores all overall program logic and scans whole applications as well as code snippets, up to single lines, equally effectively.


    Why it’s important

    In 90% of the cases, large and medium enterprises tailor business applications (such as ERP, CRM, billing, automated banking systems, etc.) to their particular needs. These, of course, include internal standards and business process compliance, as well as integration with the existing IT infrastructure. After this process, the finished system barely resembles the original product. From time to time, companies create their own business applications from scratch, using internal or external contractors.

    The original publisher is, of course, responsible for the quality of published business applications, while the mass usage guarantees public control. It is also nice to believe that government certification also helps to keep the software “clean”. And yet, the full nature of tailored and modified products or those with outsourced “polishing” done to them is a mystery known to the programmer alone. What is stopping a developer from secretly introducing undocumented features (backdoors) to the final code? Nothing but his own conscience and principles.