PROOFPOINT SOLUTIONS FOR FINANCIAL
SERVICES

Protect employees from email and social-media borne cyberthreats. Financial institutions face unique challenges in protecting employees from email and social-media borne cyberthreats. Users are diverse, ranging from researchers to traders, analysts to investors, each with different usage patterns and access needs. This diversity increases the opportunities for malicious actors to compromise users. Proofpoint security solutions for financial institutions keeps malware, spam, and targeted attacks such as phishing out of your users’ mailboxes and social media accounts, and transparently protect users no matter where they access those accounts–from within or outside the institution’s walls, on desktop, laptop, or mobile devices.

As evaluated by Gartner, Proofpoint provides the best threat protection available today against external malicious threats. Our security solutions for financial institutions communications channels keep malware, spam, viruses, and targeted attacks such as phishing out of users' mailboxes and social media accounts.

Proofpoint Protection Key Benefits:

Proofpoint MLX Deep Content Analysis
Keep safe with accurate threat classification of phish, spam, malware, and other forms of objectionable or dangerous content.

Targeted Attack Protection
Continue to monitor and protect against URLs embedded in emails, which may “go bad” at any time

Multilayered Virus Protection
Benefit from signature-based, anti-virus, and behavior-based zero-hour protection.

Dynamic Reputation Service
Leverage Global IP and URL reputation.

Granular, Flexible Policy Management
Experience total control and flexibility regarding your email security preferences, policies, enabled services, end user controls, alerts and reporting.

Tools for Response
Have readily available tools on hand, in case you need to react to a direct attack.

Protect your employees against all forms of cyberattacks, including modern targeted attacks such as spear phishing and credential attacks as well as traditional threats such as spam and viruses. Stop advanced threats that are capable of evading even the most sophisticated signature and reputation-based defenses before they can give attackers and cybercriminals a foothold in your network.

Proofpoint provides the industry’s leading Secure Email Gateway to block known threats–and Proofpoint Targeted Attack Protection™ is designed to identify suspicious email messages containing malicious URLs or malicious email attachments before their payloads can be delivered. Proofpoint provides an integrated defense against advanced email-borne threats that complements your existing Proofpoint cloud-based or on-premise email gateways.

Provide email encryption that’s transparent to your end users, but backed by a strong policy engine that ensures all sensitive data is protected before it leaves the organization. Proofpoint Encryption also makes sure that all encrypted messages are branded to your company’s requirements.

Recipients of Proofpoint encrypted emails follow extremely simple steps to authenticate and access their messages. No pre-registration or exchange of encryption keys is required to use Proofpoint Encryption; ad-hoc email encryption is fully supported.

Ensure sensitive information—from research results to firm records—is protected from unauthorized or accidental transmission.

Proofpoint’s solution can detect sensitive data within a file—even if the file format has been changed. For example, with Proofpoint solutions you can detect a simple paragraph from a Microsoft Word document that had been copied into the body of an email, distributed file, or social media post. Proofpoint can then route the offending communication to IT, HR, or elsewhere appropriately.

Prevent confidential information exposure and enable compliance with global data protection regulations and internal policy.

Enable compliance with U.S., international, and industry-specific data protection regulations, such as the Gramm-Leach-Bliley Act ("GLBA") requirements under the Financial Privacy Rule, Canada's Personal Information Protection and Electronic Documents Act ("PIPEDA") and the Payment Card Industry Security Standard Council's Data Security Standards ("PCI-DSS"), among others.

Key benefits of Proofpoint Enterprise Privacy include:

Simplified Regulatory Compliance
Ensure your outbound messages comply with national and state government and industry-specific privacy regulations.

Superior Malicious and Accidental Data Loss Protection
Protect against the loss of sensitive data—whether from a cybercriminal attempting to exfiltrate valuable data from a compromised system, or from an employee accidentally distributing a file to the wrong party through email, webmail, social media, file sharing, or other Internet-based mechanisms for publishing content.

Easy-to-use Secure Communication
Share sensitive data easily without compromising security and privacy, and enable authorized external recipients to decrypt and read the communications from any device.

Identify regulated private content, valuable corporate assets, and confidential information before they leave the organization by way of either email, web-based applications, or our Secure Share solution. Pre-packaged smart identifiers and dictionaries will automatically and accurately detect a wide range of regulated content such as social security numbers, health records, credit card numbers, and driver's license numbers.

In addition to regulated content, our machine-learning technology can identify confidential, organization-specific content and assets. Once identified and classified, sensitive data can be blocked, encrypted, and transmitted or re-routed internally, based on content and identity-aware policies.

Broker-Dealer and Investment Advisory firms can manage information inclusively, securely, and in accordance with retention and supervisory review policies required for compliance with FINRA, SEC, FCA, IIROC and other regulatory mandates around the world.

Manage information inclusively, securely, and in accordance with retention and supervisory review policies required for compliance with FINRA, SEC, FCA, IIROC and other regulatory mandates around the world.

Flexible Supervisory Workflow
Support a variety of review workflows, including review by central teams, department managers, specific policy violation experts, as well as review that passes through multi-tiered escalation.

Review of All Content Types
Conduct review against archived email, social media, instant messages, and Bloomberg content rules, according to defined policies in response to FINRA/IIROC/FCA regulations.

Rich Policy Definition
Define an unlimited number of acceptable use policies, along with the rules used to automatically detect violations of that policy. These rules can consider message sender, the content in the message (including any attachments), date ranges and whether the communication was internal or external.

CA Data Protection Archive Integration
If you are currently utilizing CA Data Protection for email surveillance and document classification, you can consolidate the long-term retention of their data for supervisory review, record retention and legal discovery—in accordance with rules, such as SEC 17a-4. Message data no longer needs to be preserved in both the CA Data Protection repository and a separate archive, potentially doubling the storage footprint and increasing TCO. Through this integration, messages are unified in our Enterprise Archive for long-term retention, where they remain directly accessible and can be supervised from within the CA Data Protection user interface.

Robust Reporting
Real-time review, queue status, and reporting that highlights the effectiveness of the supervision process. Our robust reporting features, combined with advanced search capability, enable a quick and comprehensive regulatory response.

Meet obligations and improve Discovery across multiple divisions and geographies. Employ our single-platform archiving solution for automated capture of internal and external communications—with uncompromised data security and privacy via patented DoubleBlindTM Key Architecture. Track millions of documents wherever they go and find information in seconds. Meet legal and compliance requirements, and proactively manage and control unstructured data. We provide easy discovery and end-user information access while helping you meet rigorous regulatory requirements.

Key benefits of Proofpoint Enterprise Archive include:

Industry-leading Security and Privacy
Encrypt all email messages, files and other content with keys you control through our patented DoubleBlindTM technology. This ensures that no one can access a readable form of your data without your authorized access to the encryption keys stored behind your firewall.

Fully SEC Compliant Storage
Get a secure, tamper-proof SEC email compliance storage infrastructure comprised of geographically distributed data centers, which ensures that information is available in the event of service disruption to either location. Proofpoint Enterprise Archive meets all conditions set forth in SEC Rule 17a-4 paragraph f (2) (ii).

eDiscovery and Investigative Readiness
Address all early tasks associated with collecting, filtering, preserving, and exporting information for eDiscovery and investigative purposes. Our fully automated processes enable greater process defensibility, while powerful search capabilities ensure information is filtered to reduce significantly downstream legal review cost.

Use our policy-based controls to capture social content so that it can be managed as any other critical information asset in accordance with FINRA, SEC, and FFIEC social media requirements.

Capture all social conversational content in real-time—even if a user deletes that content—ensuring that you remain compliant with specific financial regulatory obligations.

Key benefits of Proofpoint Social Platform for Archiving include:

Channel-specific Modules
Use channel-specific modules that leverage existing APIs to capture content directly from the source.

Flexible Capture
Capture social content (along with associated links or attachments) for all or a subset of users to address specific requirements for specific users who must be monitored and supervised for regulatory compliance. Subsequent posts can also be captured to maintain communication threads.

Location-Aware Capture
Use APIs to capture data from original social media sources allows content to be captured regardless of where users post (e.g., web browser, iPhone, iPad, Blackberry, Android, etc.).

Advanced Compliance Capabilities
Automate and streamline critical compliance tasks. These include mapping to user-specific journaling destinations, conditionally capturing content for users, indicating record followers, and custom email tags.

Policy-based Retention
Securely store all social content in your existing information archive, thereby adhering to your corporate electronic communications retention policy.

Single Pane of Glass with Enterprise Archive
Search, discover, supervise, and report on social content alongside email and IM content.

Support for Existing Archives
Deliver social content to your existing archive, enabling you to leverage existing supervisory tools without complex archive migration. Seamlessly integrate social media content into solutions, including Symantec Enterprise Vault, EMC, Bloomberg Archiver, HP/Autonomy, Smarsh, Global Relay, and others.