Trend Micro Integrated Data Loss Prevention (iDLP)
Protect Your Data—from Endpoint to Cloud

Overview

Now more than ever, your data is on the move—whether it’s on a laptop, flash drive, or moving across physical, virtual, and cloud infrastructures. At any point along the way, your financial data, customer information, intellectual property, or trade secrets could be lost or stolen. Securing this data is further complicated by several growing risk factors:

• Rapidly evolving compliance regulations and mandates
• Continued growth of workforce mobility
• Employees using their own mobile devices and consumer apps for work
• Rising frequency of advanced persistent threats (APTs) and data breach incidents

To avoid the embarrassment, reputation damage, regulatory fines, and revenue loss, today’s enterprise must be able to identify, track, and secure all confidential data from multiple points within the organization without impacting employee productivity and performance. In the past, many organizations tried traditional data loss prevention (DLP) solutions but found they were too intrusive, too complex to manage, and too costly to acquire, deploy, and maintain.

Reduct the cost and complexity of DLP

Trend Micro Integrated DLP minimizes the complexity and cost of data security by integrating DLP functionality directly into your existing Trend Micro solutions and management consoles. With a lightweight plug-in, you can quickly and easily gain visibility and control of your sensitive data and prevent data loss via USB, email and web. The DLP plug-in requires no extra hardware or software, and it leverages built-in regional and industry-specific templates to simplify deployment. Integrated DLP allows you to deploy data security for a fraction of the cost and time of traditional enterprise DLP solutions.

Advantages of Integrated DLP

• Protect your data—today
  Deploy DLP immediately and gain visibility and control of your data right away
• Lower DLP costs
  Save on deployment and maintenance costs compared to traditional DLP
• Protect privacy
  Identify, monitor, and prevent data loss— on or off network
• Comply with regulations
  Implement controls for protection, visibility, and enforcement
• Educate users
  Notify employees of risky behavior or enforce user controls if necessary

Features

Integrated DLP on Endpoints

Strengthens Data Protection and Control

• Offers granular device control, including the ability to create specific rules based on vendor and serial number of the device
• Empowers IT to restrict the use of USB drives, USB attached mobile devices, CD/ DVD writers, and other removable media
• Detects and reacts to improper data use based on keywords, regular expressions and file attributes
• Educates employees on corporate data usage policies through alerts, blocking or soft-blocking and reporting

Supports Compliance

• Simplifies regulatory compliance with out-of-the-box compliance templates
• Speeds audits and enforcement with forensic data capture and real-time reporting

Streamlines Administration, Lowers Costs

• Simplifies deployment and maintenance with a lightweight DLP plug-in
• Improves visibility and control with a fullyintegrated, centrally-managed solution
• Reduces resource demand and performance impact with a single agent for endpoint security, device control and content DLP

---

Integrated DLP on Network Gateways

Strengthens Data Protection and Control

• Inspects your network 24x7 with real-time monitoring
• Tracks and documents sensitive data flowing through network egress points
• Identifies risky business processes and improves corporate data usage policies
• Detects and reacts to improper data use based on keywords, regular expressions and file attributes

Supports Compliance

• Aids in compliance with out-of-the box compliance templates
• Speeds audits and enforcement with forensic data capture and real-time reporting

Streamlines Administration, Lowers Costs

• Simplifies deployment with a DLP plug-in, requiring no additional hardware or software
• Improves visibility and control with a fullyintegrated, centrally-managed solution
• Automates response to policy violations with options to log, bypass, block, encrypt, alert, modify, quarantine, or delete data

---

Central Point of Visibility and Control

Trend Micro Control Manager provides a convenient centralized security management console that consolidates policy, events and reporting across multiple iDLP solutions. This powerful security management tool lowers costs by simplifying security management, providing enterprise-wide visibility into managed products down to the individual user level. Control Manager also includes access to threat statistics from the Trend Micro Smart Protection Network™ cloud-based security infrastructure. Administrators gain insight into both the global threat landscape and the protective power of Trend Micro security in their own environment.

---

Protect Data at Rest, in Use, and in Motion

Data at rest with wide coverage of file types
Trend Micro Integrated DLP can recognize and process over three hundred file types including most email and office productivity applications, programming languages, graphics, engineering files, and compressed or archived files. Discovery capabilities scan the endpoint, file server, mail store, or SharePoint repository to see where compliance data is located.

Data in motion control points
Integrated DLP gives you visibility and control of data in motion—whether it’s in email, webmail, instant messaging, and most networking protocols such as FTP, HTTP/ HTTPS, and SMTP.

Data in use control points
Integrated DLP provides visibility and control of data that’s being used in USB ports, CDs, DVDs, COM & LPT ports, removable disks, floppy, infrared and imaging devices, PCMCIA, and modems. It can also be configured to monitor copy and paste and print screens.

---

Simplify DLP with Policy Templates

To help you quickly deploy data protection, Trend Micro Integrated DLP ships with wide range out-of-the-box templates, including (but not limited to):

• PCI/DSS—International standard for data security for credit cards. Any company accepting credit cards are bound by these rules.
• HIPAA—The Health Insurance Portability and Accountability Act sets standards for any healthcare organization in the US.
• GLBA—Gramm Leach Bliley Act—Also known as the Financial Services Modernization Act, sets privacy regulations for banking, insurance, and investment companies.
• SB-1386—Refers to state data breach laws. This particular law conforms to the California law which is the standard for most other U.S. states.
• US PII—Refers to personally identifiable information for US. This is a general catch-all for U.S. organizations concerned with protecting customer and employee data.

---

Data Identifiers

In addition to templates, Trend Micro Integrated DLP includes a granular list of truly international identifiers to identify specific data by patterns, formulas, positioning, and more. Identifiers can also be created from scratch.

Documentation

Trend Micro Integrated Data Loss Prevention Datasheet (.PDF)