Proofpoint: Security, Compliance and the Cloud

In light of next week’s Legal Tech 2013 event in New York (stop by and see Proofpoint at booth 2607), we wanted to recap some of the really terrific insights from our recent web seminar on eDiscovery process efficiency.

In that webinar (see, "Improving eDiscovery Efficiency in a Cloud-based World"), our special guest speaker,  Jonathan Rudolph, attorney for medical device manufacturer C. R. Bard,  raised some very interesting points that might be useful for those heading to Legal Tech next week.

Jonathan was a key part of the team that selected and deployed Proofpoint Enterprise Archive at C. R. Bard and has a unique role in that he serves as both the eDiscovery manager within the IT organization, as well as an attorney within the legal department for this global manufacturer and marketer of medical products, based in New Jersey.

His role as IT-legal liason makes him uniquely qualified to discuss the challenges faced by organizations attempting to improve discovery processes, as well as offer best practices to get past common obstacles. Some of the key points he highlighted:

• eDiscovery remains a matter of perspective, with organizations struggling without a common vocabulary and shared priorities. This gap is made more challenging by the fact that it limits the ability to create a shared view of the problem, which then contributes to a set of common priorities across IT and legal teams. Judges, however, remain above the internal fray and bring unpredictable knowledge (and comfort) of how, when, and where technology and eDiscovery processes intersect.
• For some, today’s processes for identifying and collecting email for discovery can be like a rat maze. He notes that some archiving solutions even return different sets of search results for the same query at different times, leading to completely unpredictable (and clearly incomplete) discovery results. This type of problem not only consumes IT resources, but entails significant organizational risk and can result in multi-million dollar costs to have outside counsel filter through "junk" results.  There are no shortage of recent court rulings that highlight the potential impact (e.g., Samsung v. Apple, Hynix v. Rambus) and costs of "discovery gone wrong."
• Many organizations cannot “break the monkey machine”. In his remarks, Jonathan refers to unbending organizational processes as "the monkey machine." The monkey machine has always done things a specific way, and has embedded that into the company's organizational culture and fabric. To "break the monkey machine," Jonthan argues that it's imperative to involve both the legal and IT departments  from the outset, and that it's helpful to have an individual who can “speak both languages.” Further, it's critical to be able to quantify savings delivered by any technology-enabled eDiscovery process improvement.
• The goal of defensibility is a myth:  Defensibility as a goal often leads to reactivity – which provides a poor starting point and places the burden of persuasion with you, not your adversary. Companies are better served in moving toward a position of justifiability in order to better dictate the rules of the game.
• Security in the cloud is an internal obstacle – that can be overcome. It is inevitable that IT will continue to look for opportunities to cut costs by moving to the cloud. Legal teams - who are often reluctant to embrace cloud-based approaches to eDiscovery - can be persuaded by showing them the advantages of strong service level agreements (SLAs) and security features (such as Proofpoint’s DoubleBlind Key Architecture) which leave data access and control decisions in the hands of legal decision makers – not cloud service administrators.

Using Proofpoint Enterprise Archive, Jonathan and the team at C. R. Bard have already realized the benefits of automating critical, early-stage discovery tasks. After using the system for 4 large matters, he is happy to report that the solution delivers as advertised and has already proven its ability to provide cost reduction and enable greater process efficiency.

To hear all of Jonathan's insights, watch the replay of "Improving eDiscovery Efficiency in a Cloud-based World."

And if you're in NY for Legal Tech next week, please stop by and meet us at booth 2607!

In a press release issued today, Proofpoint announced its Winter 2013 release, which includes updates to our entire suite of cloud-based enterprise security and compliance solutions. One of the highlights of the latest release is a new cloud solution for securely transferring large or sensitive files, Proofpoint Secure Share.

Proofpoint Secure Share provides enhanced security and administrative control over traditional file transfer methods, existing on-premises solutions, and public cloud file sharing services. It leverages the advanced data loss prevention features of Proofpoint Enterprise Privacy to automatically enforce DLP rules such as blocking or encrypting sensitive content.

For a quick overview of the capabilities of Proofpoint Secure Share, including the end-user experience, administrative interface and data loss prevention features, check out this brief video demonstration:

In addition to the new secure file transfer capabilities, the Winter 2013 release includes enhancements across our cloud-based threat protection (Proofpoint Enterprise Protection, Proofpoint Targeted Attack Protection), archiving (Proofpoint Enterprise Archive), and governance (Proofpoint Enterprise Archive Content Collection option) solutions.

In our next live web seminar, File Sharing: Getting Data Control Without Frustrating Your Enterprise Users, we'll be taking a closer look at Proofpoint Secure Share and the issues involved in enabling business users to share large files in an easy, secure and compliant way.

New for December 2012, industry analyst firm Gartner has published its Magic Quadrant for Enterprise Information Archiving. This report provides a detailed overview of the Enterprise Information Archiving (EIA) market and evaluates he key vendors based on their completeness of vision and ability to execute.

In the new report, Proofpoint is one of only three vendors positioned as Leaders.

As usual, Proofpoint has licensed a reprint of the new EIA magic quadrant and you can read the full report, compliments of Proofpoint, at the following URL:

http://www.proofpoint.com/email-archiving-magic-quadrant

Writing in the 2012 Magic Quadrant for Enterprise Information Archiving, Gartner analysts Sheila Childs, Kenneth Chin, Debra Logan and Alan Dayley note that, "The EIA market is healthy and growing rapidly. EIA has emerged as a commonly used technology underpinning for higher-level use cases supporting information governance, e-discovery, historical preservation of data and application retirement."

In addition to a comparison of the various archiving vendors and their solutions, the report also highlights several key trends in the enterprise information archiving market, including:

Increasing adoption of cloud-based archiving: The analysts write, "Archiving as a service (aka cloud archiving) has rapidly surpassed on-premises archiving as the preferred deployment model for most organizations."

Growing importance of information governance as an important business driver: Gartner says, "Broader information governance concerns (regulatory compliance, business-focused retention and deletion of data, and managing aging data based on a clear understanding of its value) are beginning to surpass e-discovery as the primary driver for deploying EIA."

In-place management of legal holds is also highlighted as an important feature: Gartner says, "Another trend that is emerging as an offshoot of an organization's desire to better manage its archiving and e-discovery processes is in-place legal hold. This functionality offers the ability to identify data wherever it resides and either apply legal holds to the data without moving it to an archive or to move it to a temporary archive at that point."

There's a lot more terrific information about today's enterprise archiving market in this report. To read it now, follow the link above, or simply complete the mini form, below:

About the Magic Quadrant graphic:

This graphic was published by Gartner, Inc. as part of a larger research document and should be evaluated in the context of the entire document. The Gartner document is available upon request from Proofpoint, Inc. 

We had the chance recently to speak with Rob Franch, Senior Director for Unified Collaboration & Communications at Aon Corporation about his company's use of the Proofpoint Enterprise Archive cloud-based archiving solution. Aon Corporation is a Fortune 500 provider of risk, reinsurance and human resources services.

In this video case study, Rob discusses the business issues that led Aon to standardize on Proofpoint Enterprise Archive to email and other information produced by more than 60,000 employees across 120 countries worldwide. The deployment of Proofpoint was part of Aon's transition from Lotus Notes to hosted Microsoft Exchange and, in the process, Rob and his team greatly streamlined Aon's archiving infrastructure — replacing a variety of legacy systems including IBM Common Store and Symantec Enterprise Vault.

In addition to describing how Aon solved its archiving and eDiscovery challenges, Rob also discusses regulatory compliance, supervision, the partnership between Proofpoint and Microsoft, and his enterprise's ongoing relationship with Proofpoint.

My thanks, once again, to Rob for taking the time to share his story with us and to Aon Corporation for allowing us to share it with you!

In a sure sign that summer is over and that the holidays are nearly here, I am informed that registration is now open for the RSA Conference 2013.

As usual, Proofpoint will be exhibiting at the RSA Conference 2013, to be held February 25 thru March 1, 2013 at Moscone Center in San Francisco.

If you'd like to attend the RSA Conference 2013 expo (exhibits), you can get a free exhibits-only pass (which RSA calls an "Expo Pass") courtesy of Proofpoint by using code FXE13PRF when you register.

To register for your free RSA exhibits pass, please visit the following URL and enter code FXE13PRF during the registration process:

 https://ae.rsaconference.com/US13/portal/login.ww

We look forward to seeing you there! Proofpoint will be exhibiting at booth #739, demonstrating our entire suite of cloud-based data protection solutions, including threat management (email security), compliance (data loss prevention, email encryption), archiving & governance, and secure communications.

Our friends at content sharing leader Box issued a press release about ongoing efforts to improve enterprise adoption of its service by improving visibility and security for files stored in Box's cloud.

A significant part of that effort involves an integration partnership between Proofpoint and Box that extends Proofpoint's cloud-based data loss prevention (DLP) capabilities to content stored in Box. Using these new features, administrators will be able to ensure compliance with a wide variety of corporate policies, comply with data protection/privacy regulations and guard against the loss or exposure of confidential information.

As Proofpoint CEO Gary Steele explained to CIO Today, "We are delivering an advanced layer of security capabilities that enable enterprises to have a full view of what is happening with sensitive information across their organization."

Gary will be talking more about this partnership during a panel discussion at the upcoming Box customer conference, BoxWorks.

Today, Proofpoint announced a new option for Proofpoint Enterprise Archive that extends that cloud archiving solution's eDiscovery and legal hold capabilities beyond email, to the vast world of document files (see, "Proofpoint Announces First, Targeted, Content Collection Solution to Enable eDiscovery of Unmanaged, In-Place Documents").

The new Proofpoint Content Collection option for Proofpoint Enterprise Archive allows users to locate and collect content stored in a wide variety of repositories -- including desktop and mobile hard  drives, shared drives, removable drives and Microsoft SharePoint -- and then easily manage and enforce legal holds on that content, regardless of where it resides in the organization.

Proofpoint VP of product marketing, Kevin Epstein, put together this brief video demo that shows the new capabilities:

Quoted in today's news announcement, Proofpoint's EVP of product management, David Knight explained, "The new Content Collection option for Proofpoint Enterprise Archive reflects our broad, on-going commitment to the governance of all unstructured information. Operating in conjunction with Proofpoint Enterprise Governance, this tool eliminates the need for enterprises to create bloated archives based on 'store everything' policies, while at the same time ensuring that relevant material will always be available for ediscovery when needed. It's an approach that’s less costly and more efficient."

Learn more about the features and benefits of Proofpoint Content Collection at the following URL:

http://www.proofpoint.com/products/archive/content-collection-module.php

As you've probably already heard, Google is actively moving customers of its Postini email security and archiving solutions to Google Apps. This is essentially forcing organizations to replace Postini with either Google Apps or an alternative Postini replacement.

The options and implications can be confusing, so our VP of product marketing, Kevin Epstein, put together a great overview of what is happening with Postini, potential issues to be aware of when transitioning from Postini to Google Apps, and the types of benefits that enterprises could reap if they replaced Postini with an alternative email security solution.

Check it out here: 

There are several resources mentioned by Kevin in that video, and I've provided handy links to them, below:

• Gartner report: "Google Moves Postini Into Gmail, Reflecting Push Toward Consolidation":
  http://bit.ly/gartner-postini
• Proofpoint's "switch from Postini" resource page:
  http://www.proofpoint.com/postiniswitch
• Gartner report: "2012 Magic Quadrant for Secure Email Gateways": http://www.proofpoint.com/magicquadrant

"Ship it!"

It's been a busy week on the engineering side of things here in Proofpoint land as a new version of Proofpoint Enterprise Protection / Proofpoint Enterprise Privacy is now available, and the new Proofpoint Targeted Attack Protection solution has also become generally available.

New features in Enterprise Protection/Privacy version 7.1 include support for Proofpoint Targeted Attack Protection, a new MLX Reputation service, administrative interface enhancements including French and German versions, new Smart Identifiers (for Privacy), security enhancements and much more.

As always, the new version is free to current customers of Enterprise Protection or Enterprise Privacy. Current customers can initiate an upgrade by opening a new support call requesting an upgrade to version 7.1. More details on the new version can be found in this support note (your support login is required to view).

Our new cloud-based solution for spear phishing and other forms of targeted attacks, Proofpoint Targeted Attack Protection, deploys an array of advanced technologies including big data analysis techniques, URL interception, and malware sandboxing to provide unprecedented protection that follows messages and users wherever they go. Learn more about this exciting new cloud security solution here.

Proofpoint is hiring! If you're searching for the next defining step in your career, come and see us at the Tech Career Expo in San Francisco.

The Tech Career Expo and Developer Jam is taking place today and tomorrow June 28 and 29 at the Moscone Center in San Francisco. The expo is being held concurrently with Google’s sold out developer conference, Google I/O, which is also taking place in the Moscone Center. As an added perk, keynotes and key sessions from Google I/O will be live streamed into the developer theater for Tech Career Expo attendees to view.

The most exciting part of the event (other than talking with awesome Proofpoint recruiters!) is that anyone can attend the Tech Career Expo free of charge.

Don’t miss out on the opportunity to network with Proofpoint professionals who are hiring in all areas of technology. We're seeking the best and the brightest for positions in engineering, operations, big data (Hadoop, Mapreduce, Hive, etc.), quality assurance, software R&D,  marketing and sales.

If you will be attending the Expo or Google I/O, make a point to stop by Proofpoint's Tech Career Expo booth (#512) to learn about all of our incredible employment opportunities.

For those who cannot make the event but are interested in a career with Proofpoint, check out the Proofpoint careers page for information on available positions.