© Copyright 2020    RISC Management & Consulting, LLC 

                      RISC Associates, PLLC

RISC DLP Solutions

The first step in any information security and compliance program is understanding what data your organization has, where it is located, and who is using it; authorized or unauthorized. RISC Management's DLP solution can assist you in finding the sensitive information that is created, collected, stored, processed, transmitted, disclosed, or archived by your organization. Complete and accurate knowledge is necessary in order to understand what laws or requirements apply to your organization, and which members of your workforce may require training or monitoring.



RISC Management delivers data loss prevention (DLP) solutions that protect regulated, sensitive, or confidential employee, customer, or company information and safeguard intellectual property across all electronic communications channels.



RISC Management can help you watch the sensitive information flowing into, throughout, and out of your network without impacting performance or requiring infrastructure modifications.

Network DLP

The Network DLP solution enables healthcare organizations, financial institutions, banks, universities, and any concerned business of any size, to effectively monitor, enforce and audit the loss of confidential data across all popular Internet communications channels - including email (SMTP), Web (HTTP), Secure Web (HTTPS), and File Transfer Protocol (FTP). Online applications and services such as WebMail, Social Networks, Blogs, and Wikis are fully inspected for sensitive data and all transactions/postings are blocked if necessary.

Key Benefits:

  • Monitors and controls all network traffic

  • Flexible, tailored responses

  • Accelerates compliance efforts securely



Endpoint DLP

Endpoint DLP provides total visibility and complete control over sensitive information residing on servers, laptops, desktop, and removable media. The endpoint agent captures and records all system, user and data events on or off the network. You can configure the agent to automatically block suspicious insider activity or outsider attacks – malware and malware-free - before sensitive data is lost.



The Endpoint DLP component provides both device level control and content aware inspection, allowing flexible policy-based or context-based  enforcement. Detailed activity logging provides audit history information necessary to demonstrate compliance. Offline policy enforcement ensures protection for laptops and other devices even when disconnected from the network.

Key Benefits:

  • Protects intellectual property and personal information

  • Granular control of all data movement

  • DLP only when you need it

  • Built-in Advanced Data Classification

User & Entity Behavior Analytics

Attackers can steal an employee’s user name and password, but it's much harder to mimic that person’s normal behavior. User & Entity Behavior Analytics (UEBA) capabilities provide visibility into all user, computer, printer, and file events to assess the risk level of behaviors. This continuously updated view reduces dwell time to enable faster and more accurate determination of an attack. 

Key Benefits: 

  • Detect and mitigate threats sooner

  • Reduce dwell time

  • Prioritize the most serious risks

  • Enterprise-wide risk reduction

Managed Security Program

Many organizations struggle to find qualified security professionals to protect their sensitive data from increasing insider and outsider threats, and the security talent shortage is not going away anytime soon. Even for organizations with a mature security team, it is incredibly difficult to stay on top of all the malware innovations.

The Managed Security Program (MSP) acts as a remote extension of your team and offers data protection as a managed service. Security experts will host, administer and run your data security platform. These 24*7 global analyst teams that live, eat, and breathe data protection will help you contain insider and outsider threats before sensitive data gets out of your organization. Data loss prevention, endpoint detection and response (EDR), or compliance, you'll be covered.

DLP Key Benefits

• Compliance with regulations such as HIPAA, Red Flags Rule, PCI, and state/federal privacy regulations
• Automated email encryption utilizing policy-driven healthcare data classification and filtering
• Unobtrusive enforcement of data loss prevention policies across all popular Internet communication channels
• Healthcare code sets (e.g. HCPCS, ICD-9, LOINC, and NDC) as built-in dictionaries
• Inclusive data logs of confidential data copied, sent, or downloaded


Features
• Affordable and easy-to-manage
• Monitors and enforce electronic communications
• Integrated email encryption
• Predefined policy templates
• Quick deployment



Two Modes of Assessment

  1. Risk Assessment - Find out what sensitive information your organization really has on its servers and workstations, in databases, on USB drives, and flowing across (and out of) the network! A DLP risk assessment will result in a report for executive management, compliance, risk, or information security departments of what your organization really has, who's using it, and where it's stored and shared.

  2. DLP Deployment - Implement a DLP solution and monitor your network activity, Internet traffic, databases, servers, workstations, and portable media, and apply policies to control the movement and sharing of data, that are in accordance with regulations and company policy. Anything else is just subjective guesswork!

Contact RISC Management today to discover how we can help you!