|
 Entrust Entelligence Group Share
| Entrust Group Share - functioning
|
Entrust Group Share - benefits |
| |
|
|
What are you getting from Entrust Group Share |
Enables regulatory compliance
Regulations and laws for data security in companies are getting stronger and stronger. Disclosure Laws, HIPAA, SOX, PCI DSS, Gramm Leach Bliley are challenging the companies efforts to reach data security. Entrust Entelligence Group Share enables regulatory compliance, audits are no problem anymore.
Reduces the risk of data breach
Organizations regularly store sensitive information such as trade secrets, employee data and customer account information on internal corporate networks, e.g. for collaborating on projects, but not anyone with access to the corporate network should have access to such sensitive data. Data breaches induce much bad publicity and industrial espionage is also an hot topic. A classification of data is basic, but the classification has to be realised, Group Share enables protection of sensitive, classified data on network shares.
Protects against inappropriate access
An unsolved problem in many organisation is, that IT-Administrators have the possibility to access sensitive and classified information. An outsourced IT doesn't ease this situation.
The top concerns of CSO are careless and risky behaviour of employees and lack of awareness and education. Resistance by managers and employees against policies and deliberate malicous attacks by internals are further concerns.
With Entrust Entelligence Group Share no workflows of the staff were changed, nevertheless sensitive information is protected.
|
Encryption by Entrust Group Share |
Encryption solutions are targeting different security needs, some approaches have problem areas you should be aware.
In our Cryptoshop Knowledge Base you find some basic information about encryption solution
approaches and the problem areas of them
.
Entrust Entelligence Group Share is a "shared data encryption" or "network date encryption", it uses encryption for protection of the data of certain user groups, which is stored and organised for collaboration on network storage. Encryption of the information is persistent, the files remain encrypted when moved or copied to other media.
A classic File and folder encryption, or sometimes called Desktop Encryption is focussing on the protecion of data for a a certain user on local storage or transport media. hingegen erlaubt es Benutzern die Informationen lokal am Rechner oder Transportmedium zu verschlüsseln. Tranfer to another authorised person need a recoding of the file.
E-mail encryption, like S/MIME protects information in E-Mails while transportation.
A Full-disk encryption, with Pre-Boot-Authentication is encrypting the whole hard disk rather than single files. This approach is useful for mobile users because it is focussing on loss or theft of the media. Booting such computer means, that necessary data is decrypted.
|
|
|
|
|
Why is Entrust Group Share so easy to use! |
- Users don't have to change their normal workflows, they don't have to learn special routines for security, they simply don't have to think about security.
- Group Share is not restricted to information on network shares. The encryption is persistent when files are moved to other storage media.
- Administrators are able to manage users, groups and permissions with convenient administration interface and don't have and don't need access to the data itself.
- offline access to data without connection to Group Share Server is possible and can be controled via policies. The cached decrytion keys can expire, so that a connection to the Group Share Server is necessary from time to time. In this way updates of the permissions are forced to the computers, which are offline from time to time
- there is no need for an extra backup encryption system, the current permissions are applied to restored data.
- rich web based administration interface, and seamless integration into existing infrastructure. (AD, PKI, SQL DB)
Have a look at the Group Share Flash Demo
on the Entrust pages.
|
Automatic enryption by Group Share |
 |
encryption is transparent for users and applications |
|
persistent encrytpion protects data when it is copied or moved |
|
support of Active Directory Groups |
|
central auditing of access and changes in permissions |
|
changes in permissions without reencrypting the data |
|
authentication of the users via Windows Authentication or certificates |
|
for restored data from backup the current persmissions are applied |
|
rich role and authorisation system for control of folders and groups. (creation,..) |
|
 |
|
|
|
|
|
|
|
