Ascema for Alfresco
GeoLang’s Ascema platform protects sensitive information at the content level - identifying, classifying and remediating data across the corporate infrastructure via seamless and transparent integrations with enterprise applications - both inside and outside the enterprise firewall.
Ascema protects ideas, high value and sensitive information at true content level – not just files – by fingerprinting and analysing within documents and email data streams. For example, cut and pasting a sentence from a confidential document and hiding it inside an unclassified, unprotected document or within the body or attachment of an email can be detected, reported and the document quarantined or blocked in real time.
Ascema’s highly automated classification and content protection system means end user interaction to protect information is minimal whilst Ascema’s Smart Workflow and Feedback engines ensure the end user and the business of the enterprise is not interrupted unnecessarily.
Enterprise and departmental reporting via the Ascema dashboard offers a real time view of suspicious events, end user behavioural analysis and offers the ability to integrate with aggregated reporting such as IBMQradar or HP ArcSight.
Ascema is an award winning new technology for locating, securing and controlling the movement of sensitive data and intellectual property within cloud collaboration environments, document management and email systems and more. Ascema protects critical content, not just documents. Our patented technology protects your high value information by intervening when protected content is detected – in real time!
Being able to identify, label and protect content is probably one of the biggest challenges facing the enterprise today. Customer Information, HR Data and Enterprise IP are just some data categories that fall into what we call the ‘where’s my data?’, ‘who has access to it?’ and ‘how can I protect it?’ problem.
Typical scenarios facing the enterprise today include how to track and protect high value and sensitive data as it moves around authorised enterprise applications such as Alfresco both in the cloud and on premise; 96% of all data breaches are as a result of Insider Threat – which may be defined as malicious, opportunist or accidental.
Traditional solutions, such as IRMs, CASBs and DLP, lock down data or prevent access to cloud applications. But this gets in the way of today’s enterprise workflows where repurposing of content in collaborative environments is key to maintaining enterprise competitiveness.
The extent of the problem is so great that 98% of traditional DLP systems installed within enterprises today are not actively remediating – meaning your enterprise data is not truly protected.
With unprecedented monetary penalties for data breach already live or coming into force under GDPR, Market Abuse and other planned regulations, today’s competitive enterprise needs agile, active real time remediation not ‘after the horse has bolted’ reporting. Reporting alone will not cut the mustard with the enterprise Board when faced with fines of up to €20 million or 4% of global annual turnover.
Ascema offers a balanced and easily implemented approach to classifying and protecting enterprise data. Designed to empower enterprise administrators and end users where required but supported by enterprise established automated machine learning algorithms, Ascema offers a simple and affordable solution for protecting content in real time – it really is as easy with a 3 step process.
Rather than depending on administrators to manage unwieldy and complex rules engines, that most often cannot be updated, Ascema’s machine learning algorithms automatically detect, classify and protect enterprise data as it flows through authorized enterprise applications – whether working alone or adding value to both CASBs and traditional DLP solutions.
Real time Ascema interventions easily ensure your enterprise can meet the plethora of stringent new regulatory and Board requirements for the actual physical protection of high value and sensitive enterprise data whilst leaving you free to get on with your business.
Gaining buy-in from end users, in particular C Suite Executives, to protect enterprise data is simple, transparent and affordable with Ascema connected enterprise applications - making sure you know where the answer lies when asked ‘where’s my data?’, ‘who has access to it?’ and ‘how is it currently protected?’ Ascema.
Ascema’s power is in simplicity...
Your critical content is protected across all Ascema enabled enterprise applications in just 3 easy steps.
3 steps to protect sentences, paragraphs and files from within MS Word:
- Highlight the sentence or paragraphs in Word and Click ‘Protect with Ascema’ button in the Word toolbar
- Choose the level of protection required e.g. block sharing
- Click protect with Ascema
3 steps to protect content in files and folder within Alfresco:
- Click on a file or folder in Alfresco and choose Protect With Ascema
- Choose the level of protection required e.g. quarantine
- Click protect with Ascema
3 steps to automated classification in Alfresco:
- Choose a template or folder containing templates and choose Protect With Ascema
- Name the new classification and choose the level of protection required e.g. Track, Alert, Quarantine.
- Click ‘Add Classification’ – Ascema classifies and protects all matching documents as they move around within enterprise applications on premise and in the cloud.
Real time Ascema for Alfresco interventions available include: Quarantine, Block Sharing (offering a Chinese wall within the enterprise and beyond), Block Sharing (external) Alert, Track.
Ascema provides real-time classification and threat level assessment and reporting of information found in or transitioning through Enterprise IT systems.
Specifically, Ascema provides:
- Document fingerprinting and field template recognition to facilitate content recognition
- Real-time deep packet inspection to interrogate and evaluate the underlying content
- Broad base of data collection streams including: File Servers, content management systems, email, and cloud file sharing channels with bespoke solutions available
- Real-time policy enforcement to stop data loss
- Real time enterprise, departmental and end user Reporting.
Ascema operates on text and also supports software source code and binaries, spreadsheets, structured data and rich media.
Ascema DLP is a simple concept: identify a collection of materials you (typically as an enterprise or government) wish to hold confidential, and compare all future communications/movements from your organisation to confirm that they do not include significant fragments of the confidential materials. Ascema’s patented “fingerprinting” algorithm re-characterizes text specifically for the purpose of text comparison. It leaves aside all other information and Ascema never stores enterprise data.
The result is a compression on raw text data by a factor of on average 50:1. This translates into 50x faster processing and 50-fold reduction in communications and storage. Ascema then applies an inverted index to rapidly scan and compare documents – and all this in real time!
The Ascema dashboard reports on high value content movement and Ascema remediation at enterprise level across a range of enterprise applications, including Alfresco, in real time; giving your enterprise an at a glance overview of insider threats pertaining to sensitive content or IP.
Drilling down on Ascema events highlights potential suspicious employee behaviour and shows how your high value data is being protected by Ascema in Alfresco and other enterprise applications.
Behavioural analysis of current employee actions against normal levels of either the employee or their peer group is available at the touch of a button. Data presented is compared to previous figures to allow instant recognition of anomalies to help you make informed decisions.
Drilling down further on suspicious employee behaviour displays both the original source and owner of the protected information and how much content the employee attempted to copy before Ascema intervened.
Powerful network graphs display End User Reach and Content Reach - displaying how much protected content an end user has access to or how many people have access to a specific document or the content contained therein. Enterprise reporting is easily provided to SIEM aggregation platforms such as IBMQradar and HP ArcSight via JSON for granular visualisation of high value content movement against other enterprise threat reporting variables.