Enterprise-level Core Data Loss Prevention

Overview of the Previous DLP Solution Used by T Co., Ltd.

T Co., Ltd. is a leading listed general insurance company based in China that specializes in providing comprehensive risk security solutions, wealth planning, and asset management services to more than 126 million clients. T established a customer-oriented big data platform, and adopted a DLP-based data identification measures to prevent data loss, but turned out to be relatively ineffective, as it not only affected the endpoint and network performance but also failed to fundamentally ensure the security of data and key information owned by the company.

DLP 架构图
  • No Categorization of Data by Level, and No Separation of Information by Ownership

    No Categorization of Data by Level, and No Separation of Information by Ownership

  • Inability to Balance Efficiency and Security

    The DLP solution scanned data based on local computing capabilities and server resources, thus affecting endpoint performance and network speed when higher restrictions were placed, and the stricter the policies, the greater the impact. Lagging complaints were often received, and maintaining a balance between security and efficiency had really dragged into a very exhausting battle.

  • DLP Offers NO Fundamental Solution to Data Leakage

    When met with text particulars or file formats it cannot identify, DLP is completely powerless in making a satisfactory decision. Things only get worse once the endpoint leaves the secured intranet, because DLP cannot issue its policies and would hence become unusable.

  • High Cost and Complicated Management of Operations and Maintenance

    Individual DLP products are made exclusive for its designated platform, e.g., endpoints, networks, hence it becomes very costly to purchase the entire bundle. Besides, DLP is not only inaccurate for detection but its security policy settings are also too complex. This forces companies to operationally invest even more on their auditing manpower for alarm maintenance.

DataCloak® Zero Trust Endpoint Secure Workspace (DACS)

Contrary to the above case, DACS, which is based on the Zero Trust framework, can not only perfectly fulfill the requirements for enterprise-level data loss prevention, but also nullify all the various accompanying issues of DLP. DACS distinguishes personal data from those owned by the company, and further categorizes the latter by level. It also defines secure desktops (trusted computing environments) by software-defined perimeter (SDP). Under a better-defined authority management, employees are prevented from disclosing data in any secure desktop at will. DACS facilitates maintenance and significantly lowers the total construction budgets of our enterprise clients.

titleline left

Finer-grained data management policies

titleline right

The endpoint-based secure desktop has a well-defined enterprise network and data perimeter and separates private data from business data for leaner data management.

  • Separating Data by Ownership with NO Additional Consequences on Private Data

    With the endpoint-based secure desktop, the enterprise controls and keeps track of its employees’ operational activities, establishing itself with a good command over relevant data. Beyond the coverage of the secure desktop, the employees' private operational data are not affected.

  • Data Classification by Level and Separate Policy Management

    Once data are entered into a secure desktop, such data will be prevented from being disclosed at will, and instead put into a one-way bottom-up flow. On top of this, DACS also allows each secure desktop to be configured with a unique security policy, giving full play to minimum access management.

titleline left

Smoother Endpoint User Experience

titleline right

We retain the previous user experience as much as possible by running the applications using local resources in all respects and realizing an effective data flow within a secure space.

  • Trusted Computing Environment Keeps the Extension of Its Influence on Endpoints to a Minimum

    Trusted computing environment is thoroughly isolated from endpoint systems, and uses the cutting-edge microkernel technology to minimize its impact on CPUs and memory load, allowing programs to be executed more efficiently and requiring no adjustment on the users’ operational behaviors.

  • SDP: Your Answer to Highly Effective Communication

    A secure encrypted tunnel is set up between the secure desktop and server, ensuring secure data transmission, safeguarding the network from being monitored, and eliminating any additional traffic load on the server network, making it safe and trustworthy.

titleline left

Highly Secure, Convenient for Operation and Maintenance, As Well As Low Usage Cost

titleline right

Adaptive security policies allows data security operation and maintenance to be performed in a more effective, finer-grained, and intelligent manner.

  • Higher Security Provided by AI-driven Adaptivity

    The adaptive AI security engine monitors and adjusts security policies in secure desktops and offers close protection in line with the minimum access principle.

  • Low Total Construction Cost

    Using the leading Zero Trust architecture, enterprises are given the luxury of acquiring the outcome comparable to using multiple DLP combinations in one go, simultaneously boasting higher data loss prevention effectiveness at a lower cost of ownership.

  • Real-time Communication and Continuous Verification

    Linked to the server via the access layer, user endpoints are granted secure access to the enterprise's network anytime and anywhere. In addition, all sensitive behaviors and operations occurring at the user endpoints are constantly under real-time surveillance, doubling the function of DACS as a satisfactory means for behavior auditing.

Values Brought by Our Solution

  • Win-Win Results: Security and User Experience

    • Support given by the use of a leading technical architecture allows data flow to always remain under constant control of the enterprise, guaranteeing data security
    • DACS exerts minimal impact on local computing and network resources, offering highest reassurance to user experience.
  • Better-Clarified Enterprise Data Perimeter

    • Private data are separated from business data, preventing any form of interference or privacy invasion.
    • Corporate data are classified by their levels, offering clearer knowledge of data flow throughout their entire life cycle.
  • Low Cost of Operation

    • Data leakage is resolved right from its roots, removing any need for repeated reconstructions
    • Policy settings are simplified, operation and maintenance are visualized, and operations are handled using a one-stop solution framework, all of which optimally reduce the cost of operation and maintenance.

Find out WHICH solution fits your enterprise

Contact Us
Contact Icon
Contact Us
Contact Us Sales Hotline: 010-58111816 contact@datacloak.com 26F, T2, Foresea Life Center