Using DeviceLock DLP and Citrix Xen to control email on mobile devices
3r3105. 3r3-31.
The professional community is seriously concerned about the risks of leaking restricted access information through corporate and personal mail from BYOD mobile devices. Practically at every data leakage conference, the question of controlling corporate mail on mobile devices running the most common Android and iOS platforms arises for most participants.
3r3105.
3r3105.
Let's try to deal with this issue.
3r3105.
DeviceLock Virtual DLP technology. allows you to intercept e-mail messages directly from an e-mail client application published to Citrix XenApp, which the user gains access to through the terminal session, and in real-time check the context of the message (presence of attachments, check e-mail identifiers) and content (content of content) of messages and attachments their compliance with the DLP policies set for this user. If a violation is detected, the restricted access data transmission is blocked in order to prevent their leakage, a corresponding log entry and a shadow copy of the transmitted message with attachments are created, and an alarm alert is generated for processing as part of the IS incident management procedure.
3r3105.
3r3105.
Virtual DLP differs from the solutions described above for c task redirection of traffic to the VPN tunnel and analysis of mail communications at the DLP server level primarily because the user does not have access to the data in the mail clients as such, but to their graphical representation in the terminal session. In addition, Virtual DLP uses an agent-based control option for network communications, when control functions are performed directly at the point of origin of the traffic. Only in such an architecture is it possible to intercept data before encrypting it with proprietary protocols both in mail, such as MAPI and messengers (for example, Private Conversations in Skype). In addition, real-time verification of the contents of the data transmitted via the clipboard and removable drives redirected from a personal device to a terminal session of the desktop or application is ensured, which is equally important for protecting from corporate data leakage from BYOD devices than controlling mail .
3r3105.
3r3105.
It is worth noting that DeviceLock DLP allows you to control all common mail protocols - SMTP /SMTP over SSL, MAPI and IBM /Lotus Notes, and users need to install and configure only the application for terminal access on their mobile device. Moreover, due to the use of DeviceLock Virtual DLP technology, full control of various options for using personal mobile devices in various models of using virtualization solutions (BYOD, “home office”, thin clients), built on virtualization platforms and terminal access from Microsoft, Citrix, VMware and other manufacturers - companies can fully control not only email communications, but also corporate virtualization environments in general, transmitted to any personal devices udnikov, including mobile, as well as any other remote device on all operating systems.
3r3105.
Nota bene:
Of course, it should be borne in mind that working with a full-fledged email client on a smartphone with a tiny screen will be completely impossible, and talking seriously about using Outlook, especially older versions, on 4-inch screens at 800x480 resolution is not serious. But if we take as a virtualized email client a more “compact” application in terms of saturation with different interface elements, equip a device with a quality screen of a larger diagonal - the situation changes dramatically. Again, you shouldn’t forget the organizational and technical aspect - if an employee needs mobile access to email communications by occupation, why not provide him with a tablet or a light ultrabook?
3r3105.
On the tablet screen, even a full-fledged Outlook becomes really usable, as can be seen in this figure.
3r3105.
3r388.
3r3105.
In the next article, we plan to describe in more detail how the control of data flows in terminal sessions in Virtual DLP technology is arranged. Stay in touch!
3r3105. 3r3105. 3r3105.
3r3105.
3r3105. 3r3105. 3r3105. 3r3105.
It may be interesting
weber
Author10-12-2018, 14:13
Publication DateVirtualization / Information Security
Category- Comments: 0
- Views: 417
entegrasyon programları
entegrasyon programları
Corvus Health provides medical training services as well as recruiting high quality health workers for you or placing our own best team in your facility. Check Out: Health Workforce Recruitment
I.T HATCH offers a wide range of IT services including remote access setup, small business servers, data storage solutions, IT strategy services, and more. Check Out: IT strategy services