Yes, the possibility of lock-up of messages, sent by users by e-mail, is implemented in SecureTower, including those, transferred by means of the secured protocols.
To install SecureTower, you require the administrator’s rights on the local server, as well as remote computers, where the agents will be installed. If you have such rights, you do not have to inform the system administrator. This enables control of activities of all employees, including the system administrators, regarding compliance with the corporate policy, by the information security department specialists.
Yes, SecureTower provides lock-up of file transfer to external media. Besides, you can assign users, that cannot copy data on the external media, determine “prohibited” file extensions or device types.
Yes, SecureTower supports operation in companies with the geographically-distributed office structures. The software provides control of different communication channels, as well as monitoring of the staff activities, using a remote access to several resources or combining all analyzed data into a single centralized storage.
The technologies, used in SecureTower for the data analysis, minimize false responses of the system to the incidents, related to violation of the security policy, established in the company. The software can check the documents, sent through a network, regarding their attributes and content, using the preliminary determined key words, taking into account the morphology. SecureTower can also carry out an analysis on the basis of regular phrases for sending of the data of a particular type, e.g., passport or credit card numbers. Besides, the software uses the digital fingerprint technology which functions are as follows: the system creates digital images of the confidential documents, saves them in the database, and then compares them with every document, transferred in the corporate network. In case of any matches, SecureTower sends notifications on the confidential documents transfer. The system also cap make digital fingerprints of entire databases. Moreover, sending of the confidential document of database by e-mail can be locked up.
Yes, the system captures and analyzes the information, transferred by means of secure protocols, using SSL/TLS encryption (HTTPS, FTPS, e-mail and messenger encrypted protocols). If any encrypted object is sent in the network (e.g., a password-protected archive), the system will capture it and send a notification on detection of such data. The software has an instrument, called a keylogger, which registers all button pressing on the users’ keyboards, which can be helpful in detecting of content of the encrypted documents.
Using such option as lock-up of HTTP/HTTPS requests, in SecureTower, you can prohibit users’ access of users to the websites, transition to which contradicts the corporate security policy.
Yes, the system allows capturing of the mail, sent through MS Exchange, as well as all other postbox servers (Lotus, Sendmail, etc.). It also supports capture of e-mail messages, sent and received by means of Microsoft Office 365 cloud service, which is especially important for SMB sector companies, that do not require use of physical servers.
If you need to capture and analyze only a usual non-encrypted traffic, the agents are not required. However, to capture the encrypted and Skype traffic, as well as for use of a wide range of the system options (screenshots and tracking of application activities on the users’ computers, control of the data, copied to external media and exchange buffer, as well as sent for printing, automatic matching of the particular information, etc.), it is necessary to install the agents on the workstations.
Yes. It is possible to conceal the agent process and service, as well as the agent files and folders on conflict with some antiviral programs, therefore, change of their settings can be required.
There are 3 ways of the SecureTower installation on the workstations of the employees: by means of the administrator’s console, group policies (GPO) or System Center Configuration Manager (SCCM) and with the use of an installer, started manually on the selected workstations. The agent installation is completely unnoticed by users. You can find the agent installation on the server with the SecureTower in folder C:\Program Files\Falcongaze SecureTower\EPA Control Server\Agent\. ReadMe.txt, and detailed installation instructions can also be find there.
If the user removes the agent program from the computer, the SecureTower will automatically reinstall it on the workstation. Besides, the information on this incident can be tracked in a special window of agent status on the administrator’s console.
There are a few options of the agent protection from deletion:
1. the agent hiding. In this mode, the agent hides the service, catalogues and its process in the task manager. The user is not able to detect and, consequently, delete it;
2. the agent protection from the process termination. In this mode, the agent is detectable in the task manager. If the user tries to terminate the process, a message, that it is an important system process and it is not recommended to terminate it, will be displayed. If the user still tries to perform the process termination, the computer will reboot.
SecureTower provides control of a wide range of USB devices, from flash memory cards to mobile phones. Besides, access to the use of the external media can be both allowed and prohibited, creating the so-called white and black lists. E.g., if necessary, the use of only corporate USB devices can be allowed. Different parameters can be specified as a criterion: the device serial number, identifier of the manufacturer, product or device, device name or type. All settings can be applied both for individual users and entire departments. Moreover, there is a possibility of saving (shadow copy creation) of all data which the user records on the USB media.
Yes, apart from the instruments for collection of the general quantitative parameters, as well as detection of users, more actively using different communication channels, the SecureTower system provides creation of individual reports for every network user. This type of reports allows obtaining of statistical data of the employees’ activities on the computers within the specified period, regarding a great number of criteria. Thus, the report contains the information on the employee’s working day duration, quantitative information on the websites, visited by the user, messages, sent through messengers and other statistical data.