A comprehensive solution for managing access to unstructured data and monitoring its use using an integrated system of administrative processes, policies and guidelines.

Docs Security Suite (DSS) is a new paradigm of IRM systems

Our comprehensive solution minimizes the risks of possible leakage of corporate information arising from the distribution of electronic and printed copies of documents. The main problems solved by DSS are the implementation of the information security regime adopted in the organization. Docs Security Suite is a new generation of IRM.

Questions

  • Are the requirements of the law “On Trade Secrets" fulfilled”
  • Where are electronic documents located, and who works with them?
  • Are confidential electronic documents protected in your company?

DSS is aimed at

  • protecting important information;
  • identification and classification of valuable data for the company;
  • determining access rights to resources;
  • unification of company documents with the possibility of investigation;
  • control of each operation to prevent misuse of data.

Tasks for Docs Security Suite (DSS)

Classification Labeling and classification of information
Access control Differentiation of access to information
Analytics Integration with DLP/SIEM to improve the accuracy of the rules in order to monitor / prevent information leaks
Unicalization Unification of documents with the possibility of investigating incidents
Encryption Encryption of critical documents

How Docs Security Suite (DSS) works

The program runs on the EndpointController platform - scans employees' PCs, network folders and transmits data for analysis to the server.

Flexible customization of the program taking into account the needs of the company

create rules for searching critical documents (by text, by file attributes);
set permissions and prohibitions on working with files by users, computers and applications;
select the schedule and scan conditions.

DSS modules and their purpose

Depending on the tasks facing the company, Docs Security Suite can be represented by the following modules:

DSS IRM is a module for marking Microsoft Office documents and access control

Purpose:
  • set a visual and hidden label to MS Office documents (Word, Excel, Power Point, Visio);
  • to differentiate users' access to electronic documents and labels in accordance with the regulations and policies of the Information security System in force in the organization for the operations of opening, saving and printing a document;
  • for each document, determine its location, as well as who, where and when worked with it;
  • recreate and systematize the entire history of document creation, regardless of the existing document management systems in the company;
  • restore the chain of creating versions, copies, drafts of a document from a blank sheet to its final version, including all shipments for printing;
  • provide the possibility of integration with DLP systems and reduce the percentage of false positives;
  • set an additional hidden label to the document session.

DSS DLP Integrations - Data Leak Protection Module

Purpose:
  • ability to work with various DLP systems
  • autolabeling of documents with the dss label received from the dlp system
  • marking of documents based on the analysis of the contents of the document, which is carried out inside the dlp system
  • ability to adjust the marking process
  • ability to configure the correspondence between the dss labels and the data that came from the dlp system
  • marking a document based on the level of criticality of the label

DSS Analytics - Analytics Module

Purpose:
  • Registration and display of events from client workstations performed on documents.
  • Based on the received data about the event / document, the possibility of analysis and identification of suspicious manipulations or activities.
  • Registration of system events produced by the system.
  • Displaying the history of document changes from child to parent.

DSS Uniqueization - module for steganography and document unicalization

Purpose:
  • hidden encoding of information in the document text while the user is working with doc\docx format documents;
  • hidden encoding of PDF documents using the "Circles" algorithm;
  • access control to the functionality of the unicalization and parameter settings are centralized from the server part of the system;
  • uniquely record the facts of opening documents with reference to the environment;
  • identification of the involvement of a particular user in the publication of internal documents of the company, which led to the leakage of confidential information;
  • increased recognition accuracy due to photo preprocessing.

DSS Classification

is a classification module whose task is to search for information, which consists in assigning a document to one of several categories based on the content\location of the document
  • classification of organizations' documents by location or content;
  • managing the classifier service on the system admin panel, generating templates for classification;
  • classification of documents in the following formats: doc, docx, xls, xlsx;
  • monitoring of actions depending on the type of classification performed;
  • organization of information in the organization;
  • does not depend on the language, terminology and context;
  • improves the quality of information searches, accuracy and completeness of results;
  • serves as a basis for the selective distribution of information and statistical data.

DSS Encryption - Document encryption module based on access control

Purpose:
  • converting information and not being able to view it without an encryption key;
  • the possibility of maintaining the secrecy of highly confidential company documents;
  • the document can be decrypted only by users who have access to the decryption key;
  • document decryption control, for employees only with a certain level of access to confidential documents.
Hardware and software requirements
Docs Security Suite Architecture