Friday, February 27, 2015

Software solutions to detect and prevent leaks of confidential data


Business concern about internal IT security and the protection of information assets is continually borne out by studies from leading organizations. According to the 2005 FBI Computer Crime Survey, published in January 2006, 44% of US companies suffered serious internal IT-security incidents during the year: insiders stole confidential employer documents, attempted to distort information for financial fraud, carried off office equipment, and so on.
Alex Share
"Express Electronics"
The problem is no less acute in Russia, as confirmed by the study "Internal IT-threats in Russia 2005", conducted by InfoWatch among 315 representatives of domestic business. According to the survey, released at the end of January 2006, 64% of respondents consider theft of information the most dangerous IT-security threat (see Figure 1). Comparing this figure with last year's, we can confidently say that the problem of protecting sensitive data has not only retained its relevance but has become far more important than such common threats as viruses and hacker attacks.
Figure 1. The most dangerous threat to IT-security (Source: InfoWatch)
It should be noted that leakage of sensitive information, as an IT-security threat, is not always the result of malicious intent. There are many examples of sensitive data leaking through an absurd accident or simple human error. In March 2005, for instance, information on 4.5 thousand AIDS patients of a medical facility in Palm Beach, Florida, and on about 2 thousand people who had tested positive for HIV, was sent to the wrong e-mail address. As it turned out, the employee who handled statistics in the district Ministry of Health was so "diligent" that the confidential files went to several hundred recipients who had no right of access to such information. Thus, in assessing the relevance of internal threats, not only deliberate theft of sensitive documents but also negligent employees cause concern; according to the InfoWatch study, 44% of respondents cite them.
Figure 2. The channels of data leakage (Source: InfoWatch)
For the review of solutions in the field of leak detection and prevention, another result of the study "Internal IT-threats in Russia 2005" is very important, namely the analysis of leakage paths (see Figure 2). According to Russian companies, the most popular ways to steal data are mobile storage media (91%), e-mail (86%), instant messengers (85%) and the World Wide Web (web mail, chat rooms, forums, and so on: 80%). Comparing these figures with the previous year's, mobile drives are now ahead of e-mail. Apparently the popularity of portable storage devices has grown over the past year, and employees have realized that copying information to a mobile storage device leaves fewer traces than sending messages through the corporate mail system (which keeps an event log), and is not associated with the abnormal activity that often attracts the administrator's attention when large amounts of data are sent over the network.
Despite the differing popularity of the various leakage channels, only comprehensive protection covering all types of communication can effectively protect information assets. After all, nothing prevents an insider from switching to network channels if the company controls only the ports and drives of the workstation. This principle of comprehensiveness is taken as the basis for considering anti-leak solutions.

Authentica ARM Platform

The North American company Authentica delivers a complete solution for comprehensive control over the circulation of classified information in the corporate network. However, unlike most of its competitors, the firm has settled not on technologies to detect and prevent leaks but on digital rights management within the enterprise (ERM, Enterprise Rights Management). The company's main product, the Authentica Active Rights Management (ARM) Platform, serves here as the example for weighing the advantages and disadvantages of this approach. The conclusions of the analysis apply to all other solutions that aim to eliminate leaks through ERM technologies, in particular products from Adobe, Workshare, Liquid Machines, SealedMedia, DigitalContainers and Microsoft. It should also be noted that the Authentica ARM Platform has much in common with Microsoft Rights Management Services (RMS).
At the core of the solution is Authentica's patented ARM technology (whose name is included in the product name). With ARM, the solution monitors electronic documents, e-mails and files in general. Additional modules integrate with desktop applications (Microsoft Office and Outlook, Lotus Notes, Adobe Acrobat, Microsoft Explorer and Netscape) and with external authentication mechanisms (LDAP, Windows Single Sign-on, X.509, RSA SecurID). The scheme of the Authentica ARM Platform is presented in Figure 1.
Figure 1. Scheme of Authentica ARM Platform
Active Rights Protection functionality includes user authentication and authorization to view information, control over printing and standard operations (copying, editing, reading), and the ability to work with documents offline. In addition, all sensitive information is stored permanently in encrypted form and decrypted only at the moment it is handled. The exchange of information between the policy server and the ARM client components is also encrypted. Thus confidential data is always protected against unauthorized access, even in transit over the communication channel. It should be remembered, however, that the very architecture of the product is suited to protection against unauthorized access, not against leaks. In other words, an insider who has access rights to confidential documents can defeat the protection: it is enough to create a new document and move the confidential information into it. For example, if the insider is an employee whose task is to prepare a profit report, he will create that highly sensitive document "from scratch", and the file will not be encrypted, because no policy has yet been set up for it. Leakage therefore becomes very real. If we also take into account that all e-mail traffic is encrypted, the insider actually has a ready-made secure channel for transferring sensitive data, and no filter can inspect the ciphertext.
Nevertheless, the Authentica ARM Platform is an effective product for protection against unauthorized access, since no illegitimate user can access the data without finding the encryption key.
A further disadvantage of the product is the lack of storage for backup copies of corporate correspondence, which greatly complicates the investigation of IT-security incidents and rules out identifying an insider quietly.
In conclusion, Authentica offers customers a wide range of supporting services: audit and analysis of the IT infrastructure in relation to the company's business profile, technical support and maintenance, implementation and deployment of solutions "from scratch", training of corporate staff, and development of IT-security policy.

InfoWatch Enterprise Solution

InfoWatch Enterprise Solution (IES) is supplied by the Russian company InfoWatch, a developer of protection against insiders. It allows control over the mail channel, web traffic and the communication resources of workstations. To date, IES is already in use in government (Ministry of Economic Development, the Customs Service), telecommunications ("VimpelCom"), financial (VTB) and energy companies (Hydro, Transneft).
The IES architecture can be divided into two parts: monitors that watch network traffic and monitors that watch user operations at workstations. The former are installed in the corporate network as gateways and filter e-mail messages and web traffic; the latter are deployed on personal computers and laptops and monitor operations at the operating-system level. The working principle of IES is shown in Scheme 2.
The network monitors IWM and IMM may also be implemented as a hardware device, the InfoWatch Security Appliance (IWSA). The customer is thus offered a choice of either software or hardware filtering of mail and web traffic. The advantages of this approach were described in more detail in the previous article on fighting leaks by "iron" means alone. Scheme 3 presents a complete IES solution composed of IWSA hardware modules in the IT infrastructure of a large company with branches.
The workstation-level monitors are InfoWatch Net Monitor (INM) and InfoWatch Device Monitor (IDM). The INM module monitors file operations (read, edit, copy, print, and others), controls user operations in Microsoft Office and Adobe Acrobat (opening, editing, saving under a different name, clipboard operations, printing, and so on) and carefully records every action involving confidential documents. All this functionality is logically complemented by the IDM module, which controls access to removable drives, disk drives, ports (COM, LPT, USB, FireWire), wireless networks (Wi-Fi, Bluetooth, IrDA), and so on. In addition, the INM and IDM components can work on laptops, and the security administrator can define special policies in force while the employee works autonomously. At the next connection to the corporate network the monitors immediately notify the security specialist if the user tried to break the rules while working remotely.
All the monitors that make up IES are able to block a leak in real time and immediately notify the security department of the incident. The solution is managed through a central console that allows corporate policies to be configured. A security officer's workstation is also provided, from which a dedicated employee can respond to incidents quickly and adequately.
An important feature of the integrated IES solution is the ability to archive and store corporate correspondence. A separate software module, InfoWatch Mail Storage (IMS), intercepts all messages and puts them into a repository, making retrospective analysis possible. In other words, companies can put an end to the vicious practice of seizing employees' workstations and manually sorting the "Inbox" of the mail client. Such actions undermine the working climate in the team, humiliate the employee and often fail to turn up any evidence against him. In contrast, automated sampling of messages from the corporate archive is far more useful, since it allows the dynamics of a user's activity to be traced.
Relying on the comprehensiveness of its solution, InfoWatch offers customers a range of supporting and consulting services, among them a pre-project survey, help in formalizing the goals and means of IT security, the creation of an effective IT-security policy, adaptation of the solution to the customer's needs, and support and technical support, including a personal manager for every client.
Thus the complete IES solution combines all aspects of protecting confidential information from insiders.

Onigma Platform

The Israeli company Onigma specializes in detecting and preventing leaks of confidential information by monitoring user actions at the workstation level and filtering network traffic. It is interesting to note that the management positions in the company's research and development department are held by former employees of the Israeli Ministry of Defense.
The company provides very little information about the architecture of the Onigma Platform and the technologies implemented in it. However, the information on its functionality is sufficient to state that Onigma Platform is a software product covering the following leakage channels: e-mail, IM, web traffic and physical devices (USB ports and printers). The last is implemented with the help of special agents installed on the customer's workstations and laptops. They enforce the rules of the IT-security policy and are centrally managed through a special console.
Onigma considers one of its main advantages to be that its solution is deployed quickly and easily and integrates into the existing IT infrastructure. Thus, according to the supplier, the customer saves on retraining of personnel, implementation and support activities.
The disadvantage of Onigma Platform is its inability to create archives of corporate correspondence, which greatly complicates the investigation of IT-security incidents: leaks, financial fraud and suspicious insider activity. Besides, keeping business records, which include e-mails, is a mandatory requirement of a number of laws and regulations governing business in many countries.
An additional drawback of the product is shallow control over user operations on workstations (including mobile ones). Onigma Platform does not allow monitoring of employee actions in office applications at the level of files and clipboard operations.

PC Acme

The product PC Activity Monitor (Acme) is manufactured and sold by Raytown Corp. It allows the most comprehensive and deep monitoring of user operations at the workstation level. It should be noted immediately that of all the software solutions in this review, only PC Acme does not satisfy the principle of comprehensiveness, as it does not cover both network channels and workstation resources. However, the program is still worth considering, since customers often face the problem of comparing its functionality with the capabilities of the other products considered in this article. Note that the difficulty for the customer stems from the not entirely accurate positioning of PC Acme, which may make it seem that the product has active (rather than passive) functions and is some kind of analogue of the comprehensive solutions. To clarify the situation, we evaluate the capabilities of PC Acme Professional, the most functional version of the product.
The PC Acme program actually consists of two parts: centralized management and deployment, and numerous agents introduced onto workstations throughout the organization. As one can guess, the first component makes it possible to distribute agents centrally across the corporate network and then manage them.
The agents are software modules deeply embedded in Windows 2000 or Windows XP. The developers report that the agents reside in the core of the operating system and it is practically impossible for a user to remove or disable them illegitimately. The agents thoroughly log all user actions: launching applications, keystrokes, mouse movements, transfer of input focus, the clipboard, and so on. One could say that the resulting event log is, in its degree of detail, similar to vigilant surveillance of the computer screen; the log itself is, of course, presented in tabular form.
The central management console allows the logged data to be collected on a single computer and analyzed there. It is here that the program's two main drawbacks show themselves.
First, it is entirely unclear how, among a huge variety of events, a security officer will be able to identify those that violate IT-security policy, led to a leak, and so on. In other words, PC Acme does not work with policies at all. Its purpose is only to produce a full and detailed record and covertly transmit it to a central computer. Note that during one day a single workstation can generate tens of thousands of logged events, and a corporate network may have several thousand such stations or more. Obviously, analyzing all this by hand is impossible. Meanwhile, the built-in event filters allow only the most primitive operations, for example separating out the events associated with a particular application (e.g., Microsoft Word).
Second, even if the security staff manage to detect a leak, they still cannot prevent it: the PC Acme agent records actions already done in the past, and by then the confidential information has long since reached its recipient. Of course, a complaint can be made against the insider, but blocking the leak in this way is impossible.
Thus the PC Acme program is not only non-comprehensive but does not prevent leaks in principle. Moreover, the event logs maintained by each of the reviewed products are always detailed enough to identify an insider after the fact and serve as evidence in his prosecution. And, unlike the PC Acme log, these logs record only actions involving sensitive data, not every system event in a row.
One might assume that PC Acme is suitable for small companies where the actions of, say, ten users can realistically be followed by periodically checking the event log. However, allocating IT-security functions to a separate officer position in a small business is nonsense.

Verdasys Digital Guardian

The American company Verdasys delivers a comprehensive solution, Digital Guardian, designed to detect and prevent leaks right at the workstation level. Incidentally, the product cannot be accused of lacking comprehensiveness, as Digital Guardian covers all leakage paths, doing so at the places where the information is used.
This approach is implemented by software agents installed on the organization's personal computers and laptops. The agents support the Windows operating system as well as Citrix Metaframe and Microsoft Terminal Server environments. The agents are responsible for detailed logging, for control of applications, communications and data, for identifying policy violations, and for filtering the events recorded in the log before they are sent to the Digital Guardian server.
As with PC Acme, the Digital Guardian agent is invisible to the user and can therefore be introduced centrally and remotely. Unlike PC Acme, however, Digital Guardian includes a server to which the agents send event logs. The third component of the product is the management console, which can be accessed over the network. The console allows reports to be generated, information to be collected and analyzed, agent installation to be monitored, policies to be managed, and so on. The solution architecture is illustrated in Figure 4.
Figure 4. Architecture of Digital Guardian
Verdasys products come with a wide range of accompanying services. The supplier provides consulting prior to implementation of the project, develops and implements pilot projects (for example, an experimental group of workstations is created, the actions of their users monitored and the results analyzed), and takes an active part in product implementation and staff training.
However, Digital Guardian has two disadvantages. First, it has no e-mail correspondence archive, which makes it difficult to investigate IT-security incidents, complicates the search for an insider and hinders compliance with various laws and regulations. Second, Digital Guardian does not perform content filtering of the traffic sent over the network, since filtering performed at the workstation level requires an enormous amount of hardware resources. IDC experts reached the same logical conclusion (see "Information Leakage Detection and Prevention: Turning Security Inside-Out"): filtering using linguistic analysis is carried out by other suppliers on dedicated servers. Consequently, Digital Guardian agents can distinguish confidential documents from non-confidential ones only with the help of a predetermined list of protected objects (or digital watermark labels, which makes no difference). Hence, if a user creates a new document and fills it with sensitive information, for example while preparing a report (after all, the agent does control the clipboard), the document remains vulnerable as long as it is not included in the list of protected objects. It is precisely to avoid such a breach that developers of leak detection and prevention solutions apply content filtering.
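The gap described for the Authentica ARM Platform above and again for Digital Guardian here, a freshly created document that carries sensitive content but no label and no entry in the protected-object list, can be shown with a small check that runs a label-based decision and a content-based decision side by side over the same documents. This is an added illustration, not code from the article or from any of the vendors reviewed; the protected-object list, the content rules and the four sample documents are all constructed for the example, and the regular expressions stand in for the linguistic analysis a real product would apply.

```python
"""Label-based versus content-based leak checks on a constructed set of documents."""
import re
from dataclasses import dataclass, field


@dataclass
class Document:
    name: str
    text: str
    labels: set = field(default_factory=set)  # labels applied by a policy, e.g. {"confidential"}


# Constructed list of objects an administrator has registered as protected
# (the "predetermined list of protected objects" described in the text).
PROTECTED_OBJECTS = {"q4_profit_report.xls"}

# Constructed content rules standing in for a vendor's linguistic analysis.
CONTENT_RULES = {
    "confidentiality_marker": re.compile(r"\bconfidential\b", re.IGNORECASE),
    "profit_figure": re.compile(r"\bnet profit\b[^$]{0,40}\$\s?\d", re.IGNORECASE),
    "hiv_test_result": re.compile(r"\bHIV\b.{0,30}\bpositive\b", re.IGNORECASE),
}


def label_based_check(doc: Document) -> str:
    """Decide from the object's identity only: registered name or attached label."""
    if doc.name in PROTECTED_OBJECTS or "confidential" in doc.labels:
        return "block"
    return "allow"


def content_based_check(doc: Document) -> tuple[str, list[str]]:
    """Inspect the text itself; return the decision and the names of the rules that fired."""
    hits = [name for name, pattern in CONTENT_RULES.items() if pattern.search(doc.text)]
    return ("block" if hits else "allow"), hits


def evaluate(docs):
    """Run both checks over a corpus; map name -> (label decision, content decision, hits)."""
    result = {}
    for doc in docs:
        content_decision, hits = content_based_check(doc)
        result[doc.name] = (label_based_check(doc), content_decision, hits)
    return result


# Constructed sample documents. The first is the registered, labelled report; the
# second is the same figures retyped "from scratch" into an unlabelled draft; the
# third mirrors the statistics export from the Palm Beach incident; the last is noise.
SAMPLE_DOCS = [
    Document("q4_profit_report.xls", "Net profit Q4: $4.2M. CONFIDENTIAL.", {"confidential"}),
    Document("notes.txt", "Draft for the board: net profit came in at $4.2M this quarter."),
    Document("stats_export.csv", "id,result\n1042,HIV test positive\n1043,HIV test negative"),
    Document("lunch_menu.txt", "Tuesday: soup, salad, coffee."),
]

if __name__ == "__main__":
    for name, (by_label, by_content, hits) in evaluate(SAMPLE_DOCS).items():
        print(f"{name:22} label-based={by_label:5} content-based={by_content:5} rules={hits}")
```

Running the script shows the label-based check allowing notes.txt and stats_export.csv, which are exactly the cases the article describes: the report drafted from scratch and the statistics export sent without any label. Only the content-based check blocks them. In a real deployment the rule set would be far richer, and that is the reason behind the IDC conclusion quoted above: the matching cost grows with the rules and the traffic rather than with the number of labels, which is why other suppliers move this work onto dedicated servers.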

Results

The table below summarizes the main features of the reviewed products. The parameters chosen are the most critical characteristics of the solutions, but for a reasoned choice it is recommended to read the product descriptions in the text.


| Parameter | Authentica ARM Platform | InfoWatch Enterprise Solution | Onigma Platform | PC Acme | Verdasys Digital Guardian |
|---|---|---|---|---|---|
| Control of e-mail traffic | Yes | Yes | Yes | No | Yes |
| Control of web traffic | Yes | Yes | Yes | No | Yes |
| Control of workstations | Yes | Yes | Yes | Yes | Yes |
| Comprehensiveness (based on the previous three parameters) | Yes | Yes | Yes | No | Yes |
| Creation of an archive of corporate correspondence | No | Yes | No | No | No |
| Choice between hardware and software implementation of some modules | No | Yes | No | No | No |
| Wide range of supporting and consulting services | Yes | Yes | No | No | Yes |
| Features of the solution | Built-in encryption | Tuning of the solution to the customer's needs; each customer receives a personal support manager | No features | Very low price | No features |
As already mentioned at the beginning, when choosing a solution one must take comprehensiveness into account: whether the product covers all possible leak paths. Otherwise the data will flow out through the door left open. The next important aspect is the ability to create and store archives of corporate correspondence. This functionality allows an official investigation to be conducted without disturbing employees and without attracting attention. Besides the fact that many regulations and laws require e-mail to be stored for several years, a centralized mail archive eliminates the harmful practice of seizing employees' workstations. Finally, the last important parameter is the choice between hardware and software implementation of the modules for filtering network traffic. The advantages of this approach are discussed in detail in the article about hardware solutions against leaks.
