Avoid data leakage, espionage, sabotage and other reputation and business risks without losing employee performance and mobility.

Simplify authentication authentication.

and introduce global single sign on, optionally combined with biometric

 Employees can send confidential data out unintentionally or maliciously.

 By leaving the company, practitioners or employees can take sensitive data with them.

 Employees can lose their portable computers or storage devices. They can also be stolen.

 Competitors can spy or bribe company staff to steal inner data.

 Computer viruses or malicious software can delete or export the data.

 A hacker can steal company data over the Internet using exploits or security holes.

ControlSphere DLP encrypts a portion of local, network or removable (flash) drive. This is a secure storage for confidential data.

or or or This storage is visible for programs started with DLP system only and inaccessible for programs started as usual.

For easier recognition, all programs started within the DLP environment Both program types run side-by-side on the same user desktop. But they behave and access data differently.

Employees can export, backup, restore and exchange their secure data through encrypted data containers, leaving the convenience of an unsecure approach in place.

?

?

?

?

?

Data inside the containers is inaccessible outside of the DLP environment. This way the data never leaves the secure DLP environment of a company.

  Internet Explorer can be used under the DLP environment. Allowed WEB site list is configured by administrator.

ControlSphere Password Manager

can prevent users from accessing same locations (URLs) outside of the DLP environment.

ControlSphere for Smartcards can be used in combination with ControlSphere DLP.

It uses smartcards or USB tokens (reader-less smartcards) as a secure storage for...

 Smartcard/token + PIN replaces all other authentication requests.

 Users do not have to remember or even know their Windows account and all other user name/password combinations for all Windows programs and WEB sites.

 Administrative policy may prevent users from viewing and changing some or all data stored on their devices.

 Logon to Windows securely  Encrypt your files, local, removable and remote storage  Authenticate to all Windows programs and WEB sites automatically, without typing any passwords (Single-Sign-On approach)  Remotely control smartcard usage and data via unified ControlSphere TMS/DLP server  And much more…

Password Manager (SSO) extends and, if necessary, automates all password requests across the system.

Administrator can centrally lock one or more password records on user smartcards for sole use with the DLP environment. The actual passwords will be hidden from users.

In this case only DLP-enabled program instances will get access to the required credentials (i.e. access passwords).

ControlSphere DLP is a client-server solution capable of securely authorizing users inside and outside of company firewall.

TMS/DLP Server runs on standard Microsoft IIS.

Users access to their secure data, maintenance and password reset functions are controlled remotely by using encrypted HTTP connectivity.

    Secure Systems creates modular and practical security and process automation products.

We do not only sell them as they are, but offer custom combined solutions perfectly matching customer needs.

We design, develop and deploy specific solutions together with our customers or their system integrators.

Everything is possible... this is our motto.

  We offer flexible biometric solutions, standalone and as extensions to existing software.

There is more, but, maybe, … next time

   Biometric SSO

Thank You!

biometric authentication.

Biometric Access control.

combines biometrics, use of RFID tags and electronic locks for reliable 2-factor physical access