Proofpoint: Security, Compliance and the Cloud

92 posts categorized "Cloud Computing"

April 29, 2013

Longline Phishing Infographic: How Industrial-scale Phishing Attacks Work

In conjunction with last week's Infosecurity Europe 2013 show, our UK team put together this really cool infographic that explains how a new class of industrial-scale phishing attacks -- which Proofpoint recently dubbed "longline phishing" attacks -- work, along with tips for avoiding such attacks.

To learn more about this new class of phishing attacks, check out our longer form report, Longline Phishing: Email-borne Threats, Cloud Computing, Big Data, and the Rise of Industrial Phishing Attacks.

Click the infographic image below to view it full size!


January 25, 2013

Some Customer Insights on Improving eDiscovery Process Efficiency in the Cloud

In light of next week’s Legal Tech 2013 event in New York (stop by and see Proofpoint at booth 2607), we wanted to recap some of the really terrific insights from our recent web seminar on eDiscovery process efficiency.

In that webinar (see, "Improving eDiscovery Efficiency in a Cloud-based World"), our special guest speaker,  Jonathan Rudolph, attorney for medical device manufacturer C. R. Bard,  raised some very interesting points that might be useful for those heading to Legal Tech next week.

Jonathan was a key part of the team that selected and deployed Proofpoint Enterprise Archive at C. R. Bard and has a unique role in that he serves as both the eDiscovery manager within the IT organization, as well as an attorney within the legal department for this global manufacturer and marketer of medical products, based in New Jersey.

His role as IT-legal liason makes him uniquely qualified to discuss the challenges faced by organizations attempting to improve discovery processes, as well as offer best practices to get past common obstacles. Some of the key points he highlighted:

  • eDiscovery remains a matter of perspective, with organizations struggling without a common vocabulary and shared priorities. This gap is made more challenging by the fact that it limits the ability to create a shared view of the problem, which then contributes to a set of common priorities across IT and legal teams. Judges, however, remain above the internal fray and bring unpredictable knowledge (and comfort) of how, when, and where technology and eDiscovery processes intersect.
  • For some, today’s processes for identifying and collecting email for discovery can be like a rat maze. He notes that some archiving solutions even return different sets of search results for the same query at different times, leading to completely unpredictable (and clearly incomplete) discovery results. This type of problem not only consumes IT resources, but entails significant organizational risk and can result in multi-million dollar costs to have outside counsel filter through "junk" results.  There are no shortage of recent court rulings that highlight the potential impact (e.g., Samsung v. Apple, Hynix v. Rambus) and costs of "discovery gone wrong."
  • Many organizations cannot “break the monkey machine”. In his remarks, Jonathan refers to unbending organizational processes as "the monkey machine." The monkey machine has always done things a specific way, and has embedded that into the company's organizational culture and fabric. To "break the monkey machine," Jonthan argues that it's imperative to involve both the legal and IT departments  from the outset, and that it's helpful to have an individual who can “speak both languages.” Further, it's critical to be able to quantify savings delivered by any technology-enabled eDiscovery process improvement.
  • The goal of defensibility is a myth:  Defensibility as a goal often leads to reactivity – which provides a poor starting point and places the burden of persuasion with you, not your adversary. Companies are better served in moving toward a position of justifiability in order to better dictate the rules of the game.
  • Security in the cloud is an internal obstacle – that can be overcome. It is inevitable that IT will continue to look for opportunities to cut costs by moving to the cloud. Legal teams - who are often reluctant to embrace cloud-based approaches to eDiscovery - can be persuaded by showing them the advantages of strong service level agreements (SLAs) and security features (such as Proofpoint’s DoubleBlind Key Architecture) which leave data access and control decisions in the hands of legal decision makers – not cloud service administrators.

Using Proofpoint Enterprise Archive, Jonathan and the team at C. R. Bard have already realized the benefits of automating critical, early-stage discovery tasks. After using the system for 4 large matters, he is happy to report that the solution delivers as advertised and has already proven its ability to provide cost reduction and enable greater process efficiency.

To hear all of Jonathan's insights, watch the replay of "Improving eDiscovery Efficiency in a Cloud-based World."

And if you're in NY for Legal Tech next week, please stop by and meet us at booth 2607!

January 23, 2013

Proofpoint Winter 2013 Release Introduces Proofpoint Secure Share: Secure, Managed File Transfer for the Enterprise

In a press release issued today, Proofpoint announced its Winter 2013 release, which includes updates to our entire suite of cloud-based enterprise security and compliance solutions. One of the highlights of the latest release is a new cloud solution for securely transferring large or sensitive files, Proofpoint Secure Share.

Proofpoint Secure Share provides enhanced security and administrative control over traditional file transfer methods, existing on-premises solutions, and public cloud file sharing services. It leverages the advanced data loss prevention features of Proofpoint Enterprise Privacy to automatically enforce DLP rules such as blocking or encrypting sensitive content.

For a quick overview of the capabilities of Proofpoint Secure Share, including the end-user experience, administrative interface and data loss prevention features, check out this brief video demonstration:

In addition to the new secure file transfer capabilities, the Winter 2013 release includes enhancements across our cloud-based threat protection (Proofpoint Enterprise Protection, Proofpoint Targeted Attack Protection), archiving (Proofpoint Enterprise Archive), and governance (Proofpoint Enterprise Archive Content Collection option) solutions.

In our next live web seminar, File Sharing: Getting Data Control Without Frustrating Your Enterprise Users, we'll be taking a closer look at Proofpoint Secure Share and the issues involved in enabling business users to share large files in an easy, secure and compliant way.

December 18, 2012

Gartner 2012 Magic Quadrant for Enterprise Information Archiving: Proofpoint One of Three Leaders

Gartner-Email-Archiving-Magic-Quadrant-Enterprise-Information-Archiving-2012New for December 2012, industry analyst firm Gartner has published its Magic Quadrant for Enterprise Information Archiving. This report provides a detailed overview of the Enterprise Information Archiving (EIA) market and evaluates he key vendors based on their completeness of vision and ability to execute.

In the new report, Proofpoint is one of only three vendors positioned as Leaders.

As usual, Proofpoint has licensed a reprint of the new EIA magic quadrant and you can read the full report, compliments of Proofpoint, at the following URL:

Writing in the 2012 Magic Quadrant for Enterprise Information Archiving, Gartner analysts Sheila Childs, Kenneth Chin, Debra Logan and Alan Dayley note that, "The EIA market is healthy and growing rapidly. EIA has emerged as a commonly used technology underpinning for higher-level use cases supporting information governance, e-discovery, historical preservation of data and application retirement."

In addition to a comparison of the various archiving vendors and their solutions, the report also highlights several key trends in the enterprise information archiving market, including:

Increasing adoption of cloud-based archiving: The analysts write, "Archiving as a service (aka cloud archiving) has rapidly surpassed on-premises archiving as the preferred deployment model for most organizations."

Growing importance of information governance as an important business driver: Gartner says, "Broader information governance concerns (regulatory compliance, business-focused retention and deletion of data, and managing aging data based on a clear understanding of its value) are beginning to surpass e-discovery as the primary driver for deploying EIA."

In-place management of legal holds is also highlighted as an important feature: Gartner says, "Another trend that is emerging as an offshoot of an organization's desire to better manage its archiving and e-discovery processes is in-place legal hold. This functionality offers the ability to identify data wherever it resides and either apply legal holds to the data without moving it to an archive or to move it to a temporary archive at that point."

There's a lot more terrific information about today's enterprise archiving market in this report. To read it now, follow the link above, or simply complete the mini form, below:

About the Magic Quadrant graphic:

This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from Proofpoint, Inc. 

Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

October 04, 2012

Free RSA® Security Expo 2013 Passes, Courtesy of Proofpoint: Use Code FXE13PRF

RSA-Conference-Free-Exhibit-Passes-2013[Update 10/9/2013: Looking for 2014 passes? Use our new code SC4PROOFB.  Find registration link in this post.] 

In a sure sign that summer is over and that the holidays are nearly here, I am informed that registration is now open for the RSA Conference 2013.

As usual, Proofpoint will be exhibiting at the RSA Conference 2013, to be held February 25 thru March 1, 2013 at Moscone Center in San Francisco.

If you'd like to attend the RSA Conference 2013 expo (exhibits), you can get a free exhibits-only pass (which RSA calls an "Expo Pass") courtesy of Proofpoint by using code FXE13PRF when you register.

To register for your free RSA exhibits pass, please visit the following URL and enter code FXE13PRF during the registration process:

We look forward to seeing you there! Proofpoint will be exhibiting at booth #739, demonstrating our entire suite of cloud-based data protection solutions, including threat management (email security), compliance (data loss prevention, email encryption), archiving & governance, and secure communications.


October 02, 2012

Cloud Storage and Collaboration Meet Security, Compliance and DLP: Box and Proofpoint Team Up

Box-and-proofpoint-logosOur friends at content sharing leader Box issued a press release about ongoing efforts to improve enterprise adoption of its service by improving visibility and security for files stored in Box's cloud.

A significant part of that effort involves an integration partnership between Proofpoint and Box that extends Proofpoint's cloud-based data loss prevention (DLP) capabilities to content stored in Box. Using these new features, administrators will be able to ensure compliance with a wide variety of corporate policies, comply with data protection/privacy regulations and guard against the loss or exposure of confidential information.

As Proofpoint CEO Gary Steele explained to CIO Today, "We are delivering an advanced layer of security capabilities that enable enterprises to have a full view of what is happening with sensitive information across their organization."

Gary will be talking more about this partnership during a panel discussion at the upcoming Box customer conference, BoxWorks.


September 24, 2012

eDiscovery and Legal Hold for Documents: Proofpoint Content Collection Extends Proofpoint Enterprise Archive Power to Files

Today, Proofpoint announced a new option for Proofpoint Enterprise Archive that extends that cloud archiving solution's eDiscovery and legal hold capabilities beyond email, to the vast world of document files (see, "Proofpoint Announces First, Targeted, Content Collection Solution to Enable eDiscovery of Unmanaged, In-Place Documents").

The new Proofpoint Content Collection option for Proofpoint Enterprise Archive allows users to locate and collect content stored in a wide variety of repositories -- including desktop and mobile hard  drives, shared drives, removable drives and Microsoft SharePoint -- and then easily manage and enforce legal holds on that content, regardless of where it resides in the organization.

Proofpoint VP of product marketing, Kevin Epstein, put together this brief video demo that shows the new capabilities:


Quoted in today's news announcement, Proofpoint's EVP of product management, David Knight explained, "The new Content Collection option for Proofpoint Enterprise Archive reflects our broad, on-going commitment to the governance of all unstructured information. Operating in conjunction with Proofpoint Enterprise Governance, this tool eliminates the need for enterprises to create bloated archives based on 'store everything' policies, while at the same time ensuring that relevant material will always be available for ediscovery when needed. It's an approach that’s less costly and more efficient."

Learn more about the features and benefits of Proofpoint Content Collection at the following URL:



August 20, 2012

New Email Security Magic Quadrant: Proofpoint is a Leader in the 2012 Magic Quadrant for Secure Email Gateways

Magic-Quadrant-for-Secure-Email-Gateways-2012New for 2012, Gartner's "Magic Quadrant for Secure Email Gateways" -- wherein Gartner describes the current state of the email security market, technology and threat trends, and describes the leading vendors and solutions in this market -- has been published.

As usual, Proofpoint has licensed a reprint of the new magic quadrant and you can read the full report, compliments of Proofpoint, at the following URL:

Writing in the 2012 "Magic Quadrant for Secure Email Gateways," Gartner analysts Peter Firstbrook and Eric Ouellet note that, "Buyers should focus on strategic vendors, data loss prevention capability, encryption and better protection from targeted phishing attacks."

While spam volumes have declined, Gartner notes that targeted attacks against organizations represent an increasingly serious threat, noting that, "Better protection from targeted phishing attacks is the most critical new inbound protection capability (72% of respondents indicated that this was a very important capability), but only a few vendors have advanced the state of the art against these attacks."

There's a lot more great information in this report, which you can read by following the link above, or by simply completing the mini form, below:

About the Magic Quadrant graphic:

This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from Proofpoint, Inc. Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. 

August 13, 2012

Get a First Look at Targeted Attack Protection: Live Next Wednesday!

Proofpoint-targeted-attack-protection-spear-phishing-defenseOur live web seminar series continues next week with, "Targeted Attacks on Your Key Employees: How to Respond to Targeted Attempts to Steal Sensitive Enterprise Data." As readers of this blog are no doubt aware, spear phishing and other forms of targeted attacks represent one of the most dangerous attack vectors today.

In this live web seminar (Wednesday, August 22nd at 11 AM PT, 2 PM ET), we'll share best practices for responding to targeted attacks. In addition, you'll get a first look at the new Proofpoint Targeted Attack Protection solution. The newest addition to Proofpoint's security-as-a-service suite uses big data analytics and other advanced technologies to help organizations identify, defeat and remediate targeted attacks. And the user interface (especially the "Threat Insight" dashboard) is incredibly slick -- definitely worth checking out.

As usual, we'll also reserve time for Q&A to answer your questions live.

To register, follow the link above, or simply complete the form below. Webinar registrants will get a link to the replay of the live event as soon as its available, so it's worth registering even if you can't make it to the live event. We hope you'll join us!


August 02, 2012

Now Available: Proofpoint Enterprise Protection and Privacy 7.1, Proofpoint Targeted Attack Protection

Learn More: Proofpoint Targeted Attack Protection"Ship it!"

It's been a busy week on the engineering side of things here in Proofpoint land as a new version of Proofpoint Enterprise Protection / Proofpoint Enterprise Privacy is now available, and the new Proofpoint Targeted Attack Protection solution has also become generally available.

New features in Enterprise Protection/Privacy version 7.1 include support for Proofpoint Targeted Attack Protection, a new MLX Reputation service, administrative interface enhancements including French and German versions, new Smart Identifiers (for Privacy), security enhancements and much more.

As always, the new version is free to current customers of Enterprise Protection or Enterprise Privacy. Current customers can initiate an upgrade by opening a new support call requesting an upgrade to version 7.1. More details on the new version can be found in this support note (your support login is required to view).

Our new cloud-based solution for spear phishing and other forms of targeted attacks, Proofpoint Targeted Attack Protection, deploys an array of advanced technologies including big data analysis techniques, URL interception, and malware sandboxing to provide unprecedented protection that follows messages and users wherever they go. Learn more about this exciting new cloud security solution here.


Blog Search

Email Security Gateways, 2012

Magic Quadrant


What people are saying right now about us.

©2012 Proofpoint, Inc.
threat protection: Proofpoint Enterprise Protection compliance: Proofpoint Enterprise Privacy governance: Proofpoint Enterprise Archive secure communication: Proofpoint Encryption