Any company, independent of its size and industry, is exposed to data losses through intentional theft or the negligent handling of data and risks know-how losses, competitive disadvantages, penalties and also major image damages `in case of notifiable data losses (§ 42 a BDSG).
Malware is malicious code that can be infiltrated into the company through a variety of data paths. Malware may destroy data (traditional viruses), but also transfer data elsewhere (Trojans) – again, this results in data losses. Often, malware is used for industrial espionage purposes. While most people think that antivirus software or a firewall is able to protect them against malware, this approach does not go far enough, since infected devices (mobile media, USB sticks, smartphones etc.) may also infiltrate malware into the company.
The Data Protection Act provides for high penalties in case certain kinds of data are lost – and no company can ignore the related risks. However, companies do not only face liability risks based on data protection regulations, but also through copyright infringements or incompliance with licensing regulations, if the corporate IT is used by their employees for private purposes.
Employees who use corporate IT devices, for instance, to play PC games, edit their holiday pictures, download music or movie files or chat in social networks, do not only expose the company to liability risks, but also cause higher costs due to productivity losses, a factor that is often highly underestimated.
The C.A.F.E. management principle developed by EgoSecure solves these problems through the intelligent combination of the following functionality:
Defines which user is authorized to use which data paths. Only those employees who need sensitive data for their work have access to these data.
Logs provide evidence if users violate laws and regulations to ensure that they handle data with care – an important requirement to ensure IT compliance.
Separates critical data types from uncritical data types and blocks data types that are not wanted within the company.
The C., A. and F. components ensure that only authorized employees have only access to data and applications which are relevant for their work. 100-percent all-round protection is provided by encrypting authorized data, since encryption also protects against intentional data theft or the negligent loss of data.
The intelligent and central management ensures the easy installation and administration of functionality and a high degree of usability.