Addressing today’s Governance, Risk and Compliance requirements

Upload: watchful-software

Post on 21-Feb-2017

TRANSCRIPT

Page 1: Addressing todays Governance Risk and Compliance Requirements

www.watchfulsoftware.com

Addressing today’s Governance, Risk and Compliance requirements

[email protected]

Watchful Software

Keep IT Secret

Page 2: Addressing todays Governance Risk and Compliance Requirements

05/01/2023 © Copyright www.watchfulsoftware.com. 2015 All Rights Reserved. 2

On this Webinar

Attend this webinar to learn how RightsWATCH addresses today’s Governance, Risk and Compliance requirements with world-class information protection software, allowing enterprises to protect their assets, limit liability, and slash the risk of adverse reaction to the business from data leakage, all while increasing the competency of the user base.

You are muted centrally. You don’t need to mute/unmute yourself.

This webinar is being recorded. You’ll have access to it on demand at www.watchfulsoftware.com/en/resources

The Q&A session will be at the end. You are welcome to enter questions anytime, using the Questions feature in the GoToWebinar control panel.

Rui Melo Biscaia, Director, Product Management, Watchful Software

Page 3: Addressing todays Governance Risk and Compliance Requirements

The world we live in

Page 4: Addressing todays Governance Risk and Compliance Requirements

The Insider Threat rules of thumb

The Insider Threat

It’s not a matter of ‘if’, but ‘when’

It’s not really about databases anymore

Hackers aren’t the greatest threat

This doesn’t have to keep happening

Page 5: Addressing todays Governance Risk and Compliance Requirements

The new paradigm is Data-centric Security 

GOVERNANCE

PROTECTION

LOSS PREVENTION

CLASSIFICATION

Page 6: Addressing todays Governance Risk and Compliance Requirements

The new paradigm is Data-centric Security 

GOVERNANCE

PROTECTION

LOSS PREVENTION

CLASSIFICATION

to enhance compliance

to uphold policies

to decrease liability

to apply policies

Page 7: Addressing todays Governance Risk and Compliance Requirements

The foundation of a successful information security GRC initiative

Page 8: Addressing todays Governance Risk and Compliance Requirements

RightsWATCH GRC usage scenario

Paul is an Information Security Officer (ISO) who extracts the customer DB

Data is exported to an Excel spreadsheet (PAN & PII incl.)

Paul clicks on the “New e-mail” button on MS Outlook and attaches the Excel Spreadsheet onto the new e-mail message

As soon as the Excel Spreadsheet is attached to the e-mail, RightsWATCH automatically classifies and protects the file, without asking Paul for any decision or action on his part

Paul mistypes the e-mail address and clicks the “Send” button

The email is prevented from being sent, because RightsWATCH recognizes that the e-mail address that Paul typed is wrong

RightsWATCH informs Paul of the fact and allows him to correct the mistype so that the e-mail can be sent to the Risk & Compliance manager

Risk & Compliance manager receives the e-mail

RightsWATCH prevents the Risk & Compliance manager from saving the file onto Dropbox and/or from forwarding it to his personal Gmail account, by blocking him from doing so. He gets a notification on the reason why he is being prevented from doing it.

Page 9: Addressing todays Governance Risk and Compliance Requirements

The PCI-DSS

Amongst the PCI-DSS guidelines for the protection of credit card holder information are:

The usage of data encryption

The need to secure the storage of data, and

The need to have in place access control methods to the data

By deploying RightsWATCH to meet the PCI DSS compliance requirements you:

Avoid Liability Risk due to Data Loss or Theft

Protect information exchanged with external partners

Protect information during transfer, storage and usage

Page 10: Addressing todays Governance Risk and Compliance Requirements

HIPAA

According to HIPAA:

Only the minimum health information necessary to conduct business is to be used or shared

RightsWATCH can help organizations meet HIPAA requirements as it:

Allows PHI to be automatically classified and protected

Provides a powerful policy engine that identifies PHI and takes actions to classify, apply protective markings and labels and decrease liability

Applies DRM to control access and usage over files that contain PHI

Delivers a comprehensive audit trail

Page 11: Addressing todays Governance Risk and Compliance Requirements

The ISO 27001

ISO 27001 requires organizations to implement security controls to build an Information Security Management System (ISMS).

RightsWATCH helps organizations adhere to best security practices by:

Preventing inadvertent data loss, even when completely outside your network

Educating users on data sensitivity, while ensuring adherence to security policies

Implementing a Multilevel Security Model that extends the ISMS

Ensuring compliance with the requirements around the handling of sensitive data

Allowing users to identify key data & make decisions about how it is stored, transmitted and used

Classifying and protecting information which requires special handling

Page 12: Addressing todays Governance Risk and Compliance Requirements

The UK GSC

The Government Security Classifications (GSC) requires information assets to be classified into one of three standard levels: Official, Secret and Top Secret.

RightsWATCH is uniquely capable of applying the “new” GSC schema as it:

Can be supplied with a 'pre-made' security classification schema to ensure compliance that includes the security classifications and descriptors

Allows for easily adding extra descriptors, customized tool-tip texts for each classification, or custom-configured text labels for each security classification

Allows the “vanilla” classification schema to easily be modified to meet the specific needs of HMG Departments, Agencies, Local Authorities and Police Forces

Page 13: Addressing todays Governance Risk and Compliance Requirements

Q&A

Check out the “Resources” area on www.watchfulsoftware.com and watch short product walkthrough demonstrations of how RightsWATCH addresses a comprehensive set of use cases

E-mail [email protected] to request a demo of RightsWATCH

This webinar is being recorded. You’ll have access to it On-demand at www.watchfulsoftware.com

Page 14: Addressing todays Governance Risk and Compliance Requirements

www.watchfulsoftware.com

Addressing today’s Governance, Risk and Compliance requirements

[email protected]

Watchful Software

Keep IT Secret