Clearswift Secure ICAP Gateway

An adaptive approach to securing your critical information

No company is immune to data leakage. Sharing sensitive information with partners, suppliers and customers is essential to any modern business. So it’s vital to prevent data leaks and keep your business protected.

BlueFinch-ESBD
BlueFinch-ESBD

What is the Clearswift solution ?

Clearswift is a cybersecurity tool offering data and transfer protection features. The solution provides a single layer of real-time inspection to detect and remediate threats. 

All Clearswift modules are based on a deep content inspection engine that detects, analyses, and changes content in real time. Unique redaction and sanitization features remove only those elements that could cause an unwanted data breach or disruptive cyberattack, keeping communications smooth and risk-free. 

Many of BlueFinch-ESBD’s customers have paired the GoAnywhere MFT and Clearswift products together to improve their cybersecurity program. The solutions integrate seamlessly for a flexible, frictionless way to share critical and sensitive information. 

BlueFinch-ESBD

CONTENT INSPECTION

In-depth content inspection goes beyond what is traditionally offered in the market. It is not limited by zip/encryption, file size, scan times, virtual environment evasion techniques, or multiple layers of embedded documents. Deep content inspection identifies sensitive data when gateways filter information.

BlueFinch-ESBD

ADVANCED THREAT PROTECTION

Automatically detect and remove active content in the form of executables, scripts or macros triggered by embedded malware, used to extract or capture sensitive data. DLP Threat Protection sanitizes on delivery because only malicious active content is removed, allowing file transfer to continue unhindered.

BlueFinch-ESBD

ICAP PROTOCOL

The Clearswift Secure ICAP Gateway balances security, protection of critical information, and the need for daily collaboration. Organisations have the opportunity to apply deep content inspection, adaptive data loss prevention, and advanced threat protection technologies to align information flow with information governance policies of the organisation, reducing risks and supporting compliance requirements.

BlueFinch-ESBD

SANITIZATION OF DOCUMENTS

Today's documents contain more information than what is visible, such as hidden metadata, document properties, owner name, keywords, version history, registered printers, etc. This metadata can be automatically cleared to prevent accidental data leaks.

BlueFinch-ESBD

ADAPTIVE WRITING

This technology allows content to be modified in real time as it is analysed, ensuring that the information exchanged complies with the organisation's security policies. Metadata, revision history, properties, and other hidden and uncontrolled information, such as executables, images, documents, and other structural information can be transparently removed to protect your critical information.

BlueFinch-ESBD

FLEXIBLE INTEGRATION

If your infrastructure has a proxy gateway that supports ICAP, such as Zscaler, F5, Bluecoat or a file transfer solution, the full power of Clearswift's technology can be integrated very easily to increase the security of the existing infrastructure without change for the end user. You can run the solution in AWS or Azure, virtualized in a VMware environment, or as a software image loaded on a choice of hardware platforms. This gives you the flexibility to adapt to your organisation's IT strategy.

Deploy Secure ICAP Gateway

Some DLP tools are complex to manage and deploy. The Secure ICAP Gateway manages operational issues with advanced, bi-directional features that limit unauthorised data sharing, while minimizing false positives that can slow business productivity. Connecting to external data sources and lexical phrase qualifiers allow Secure ICAP Gateway to accurately identify real data loss opportunities before a breach occurs. 

Flexible and granular policies allow different workflows to be triggered depending on the violation. Content can be dynamically edited in real time, enabling seamless, compliant collaboration. Built-in compliance dictionaries help simplify policy definition and maintain compliance. 

The Secure ICAP Gateway operates in both forward proxy and reverse proxy mode, providing comprehensive protection for inbound and outbound activities. 

BlueFinch-ESBD secure icap gateway
BlueFinch-ESBD

Clearswift and optical character recognition

Optical character recognition (OCR) is the process of detecting and extracting text from an image file, an image embedded in an electronic document, or a scanned document. Clearswift has this feature as an option. 

The OCR process examines the text image and creates computer-readable text by scanning the pixels that together form an image of the text. So, when the OCR engine scans the pixels, it constructs what it believes to be a letter. This text is then correlated with the corresponding letter through a series of patterns and alphabetical matches. 

The letters are then combined considering spaces, punctuation, and line endings. The words are compared to language dictionaries to detect suitable words. The extracted text is then processed by Clearswift’s Deep Content Inspection (DCI) and policy engine to determine whether the image contains sensitive information that will subsequently be blocked. 

Optical character recognition also allows text to be redacted from images, removing only information that violates policy, by drawing a black box over the words. Clearswift will detect the image, analyse it, and redact any sensitive information, allowing the “safe” file to continue to be sent to the recipient, even if the image has been embedded in a Word document or Zip file. 

MFT & DLP

Share critical information inside and outside your company with an unprecedented level of control and security. Discover the first integrated solution for advanced threat protection and adaptive data loss prevention for Managed File Transfer (MFT). Its unique layer of automated data redaction and sanitization ensures that shared information is accessible only to authorized parties, and is safe from malicious threats.

ICAP and MFT correlation

This integration between ICAP and MFT starts through workflows and triggers defined according to your business needs and replaces sensitive text with asterisks and detects/erases text (even in images) so that activities can continue, without the incriminated content. This integration of data security also helps ensure compliance with sector regulations. 

This combination of file transfers and advanced threat protection provides end-to-end security and monitoring, with content inspection and redaction occurring in file transfers through ICAP before the files are even sent or received via MFT. 

Together, these solutions provide an elevated level of security through secure transfers and in-depth inspection of attachments to remove any threats or detection of sensitive data. 

Step 1

The MFT solution securely transfers attachments between different contacts internal or external to the company. 

Step 2

DLP's ICAP gateway intercepts content when data protection and threat protection requirements are requested. The gateway then runs sets of rules like keyword search, renaming, script deletion, etc. 

Step 3

If the content can be cleaned, transmission is allowed and continues. If the content cannot be cleaned, transmission is blocked. 

Use cases between MFT and DLP

In summary, combining MFT with DLP creates a more holistic approach to managing file transfers, integrating security into every step of the process. This helps reduce the risks associated with loss of sensitive data while easing the secure sharing of information within the organisation. 

The company already uses MFT to securely transfer its documents between its employees and partners. The company decides to add deep content inspection to its file transfers by integrating the Secure ICAP gateway into its MFT solution. By adding this structural sanitation and an antivirus for better security, these two solutions allow: 

  • Intercept the content according to internal protection requirements. 
  • To execute its own appropriate rules. 
  • To control whether the content is authorised or blocked. 

A credit card company needs to know when employees and customers download records. 

The company should also be able to count records and keep an audit log of what data is shared and with whom, so records can be correlated from one. The company responded to this need by integrating a secure ICAP gateway into its MFT solution. Thanks to this combination of solutions, it can trigger different actions depending on the number of records detected for its audit, such as a reference to the sender, redaction or blocking. 

Government agencies must regularly accept file download requests from partners or citizens. 

However, this type of action is often exploited to spread viruses and malware. This is why these organisations must implement threat protection that is just as secure as that implemented for MFT file transfers. 

Thanks to the Secure ICAP gateway, these state agencies gained an added layer of security in their file transfers. Now all files can be scanned before being transmitted. If infected, the content is then destroyed or redacted. 

How can BlueFinch-ESBD help you with your IT research?

Download the Clearswift ICAP Gateway brochure to find out more.

You can also make an appointment with us at any time for further information.