Vontu Announces Industry’s First Data Firewall to Battle Insider Information Leakage and Identity Theft
SAN FRANCISCO, CALIF — January 13, 2004 — Security technology innovator Vontu Inc. today officially announced Vontu Protect v3, a software solution at the forefront of the Data Firewall category that aims to keep sensitive information from leaving an enterprise, rather than block hackers from breaking in.
“America’s largest companies know the greatest threat to their confidential information comes from within,” said Joseph Ansanelli, CEO of Vontu. “Vontu Protect is the first solution to accurately detect accidental or malicious customer data leakage, which can cause companies to lose customer trust and customers to suffer identity theft.”
Vontu Protect v3 monitors every exit on an enterprise’s network for violations of internal policies or government regulations. Vontu Protect can look in outgoing email (including attachments), Web mail, Web posts, and FTP for sensitive information leakage. By accurately identifying incidents of information disclosure and security policy violations as they happen, Vontu Protect helps companies avoid regulatory fines, lawsuits, lost business, public embarrassment or damage to their brand reputation.
Vontu Protect v3 uses Vontu’s patent-pending Secure Data Profilesâ„? technology to eliminate the false positives problem that plagues many security products today. Secure Data Profiles technology indexes and matches against the exact data an organization is trying to protect, instead of relying on heuristics, patterns, or other guesswork. Comparisons have shown that Secure Data Profiles will match one actual incident for every 10 false positives found by other approaches, allowing companies to monitor millions of messages per day, with zero false positives.
The New Frontier of Security
Protecting confidential customer and company information is a top goal of every enterprise’s security team. Most security strategies to date have been “outside-in.” Their focus is external, preventing hackers from breaking into enterprise networks and systems containing confidential company or customer data. Unfortunately, the increasing amount of sensitive data being stored in databases, combined with widespread employee access to communication tools like email, web and IM have created the “perfect storm” of a security threat – namely, easy information leakage from the inside.
The Gartner Group estimates that 70% of security incidents that cause monetary loss to enterprises involve insiders. Credit agency TransUnion recently stated the top cause of identity theft, which the FTC reported as generating business losses of nearly $48 billion in 2003, is now theft of records from employers that maintain records on many individuals.
Vontu Protect at Work in the Fortune 500
Vontu Protect is aimed at reducing and ultimately preventing confidential data, like customer records, from leaking out of a company through electronic means. In deployments in Fortune 500 companies Vontu Protect has performed flawlessly, identifying incidents automatically and accurately with no false positives.
· One retail brokerage firm reviewed archived emails to look for leakage of non-public customer data. The firm found that more than 1% of all outbound emails contained sensitive customer information. Although most incidents were inadvertent, all were against company policy and some of the messages in the wrong hands could have put the company or its customers at risk.
· A global retail bank is using Vontu Protect as the core of their NPI (non-public information) leakage incident response program. The firm is monitoring all outgoing SMTP, HTTP and FTP traffic, totaling over 10G per day. Vontu Protect is currently deployed domestically in multiple data centers, and will be rolled out on a global basis to monitor over 100,000 employees worldwide later this year. Vontu Protect has scaled flawlessly in this very large, geographically disperse organization.
· An investment banking firm is using Vontu Protect to check all outbound email and FTP traffic for about 20,000 employees. Operating in real-time on more than 5 gigabytes of data each day, Vontu Protect has not caused any network performance problems, or a single false positive: all incidents contain actual confidential or non-public personal information.
· An insurance provider is employing Vontu Protect to protect more than 30 million customer and business partner records. This firm is also using the product to look for confidential data in a wide range of documents, such as Visio diagrams containing sensitive network information. Again, not a single false positive has been found, enabling the security team to focus on actual incidents, instead of looking for a needle in the haystack.
Customers have all noted that once Vontu Protect was installed, it provided them with the opportunity to accurately document, for the first time, the amount of sensitive, confidential, and customer data that is leaking out of their enterprise.
Vontu Protect v3
Vontu Protect v3 achieves these results through its unique approach to data security. Key differences include:
§ Secure Data Profiles�: Vontu Protect eliminates false positives through its patent-pending Secure Data Profiles� technology, which indexes and matches information in outgoing communications against the actual data that a client company is trying to secure.
§ Attachment Searching: Vontu Protect can look inside nearly 100 kinds of file attachments, including all leading word processing, spreadsheet, presentation and graphics formats. Vontu Protect can also detect unauthorized attachment types, such as PGP encrypted files.
§ Robust Reporting and Incident Management: Customers have raved about Vontu Protect’s ease-of-use and the richness of its web-based interface. Users can drill down from summary reports to specific incident details, which highlight what data in the message violated policy and provide all the data needed for follow-up, as well as incident management tools to manage forensic activity around an incident.
§ Broad Protocol Support: Instead of just looking at a single exit point, like email, Vontu Protect can look at confidential data leaving the enterprise through multiple channels. Vontu Protect v3 supports email (SMTP), Web mail and posts (HTTP), and FTP today, and will continue adding support for additional protocols in the future.
§ Automatic Regulatory Compliance Monitoring: Vontu Protect makes compliance easy with out-of-the-box Compliance Templates for major regulations including Gramm-Leach-Bliley, HIPAA, Visa CISP and CA SB1386.
· Low Total Cost of Ownership: Not only is Vontu Protect easy to install, configure and manage, but the combination of its accuracy and rich reporting system mean that users spend time on what’s really important – following up on actual incidents.
Vontu v3 Pricing and Availability
Vontu Protect v3 will be available later in Q1 2004, and is priced on a per-seat basis.
About Vontu
Vontu provides Data Firewall solutions to help global enterprises protect critical customer and company information from the insider security threat. Vontu’s flagship product, Vontu Protect, acts as a security checkpoint at every exit on the corporate network, monitoring email, Web mail, Web posts, instant messages, FTP and other electronic communication channels for leaks of sensitive information. By accurately identifying incidents of information disclosure and security policy violations as they happen, Vontu helps companies avoid regulatory fines, lawsuits, lost business, public embarrassment and other consequences of intentional or malicious data leaks.
More information about Vontu can be found at www.vontu.com.