The effortless data loss

prevention and insider threat

protection

Easy on users and infrastructure

Tough on insider threats and data loss
Actively supporting regulatory compliance

Version: 2021-10-01 www.safetica.com

Securing your
data while increasing
operational efficiency
Safetica ONE is the only mature data security solution
designed for scalability and needs of SMB and
enterprises. Get your valuable data under control with
great time to value. Go beyond data loss prevention
with holistic behavior analysis to detect insider
threats even earlier and respond even before they
turn into incidents. Leverage insights into company
workspace, digital assets, and operations to optimize
costs.

People and data are the fuel for modern The average cost of a data breach is
companies. When sensitive $3.86 million.*
data is lost or stolen, a company’s
reputation, competitive 60% of small companies go out of
advantage, and profitability all suffer. business within 6 months of a major
data breach.**

*2020 Cost of Data Breach Report, Ponemon Institute; ** National Cyber Security Alliance, October 2012

Every organization can secure its data

Internal security has never been easier. We help you protect your data, guide your people and
support business compliance. Safetica ONE prevents data breaches and makes data protection
regulations easy to comply with by securing your business from human error or malicious behavior.

Expert data security Short time-to-value Seamless integration

We cover all areas of internal Security should never come at Only a seamlessly integrated
data risk and protect valuable the expense of productivity. security solution can work
data against human error and Safetica ONE doesn’t create efficiently. Together with our
malicious intent. extra hassle for employees or technology partners, we
the IT department. Its time-to- protect data on all devices, all
value is unbeatable. major operating systems, and
in the cloud.

www.safetica.com
© Copyright All rights reserved, 2021
Key Data Security scenarios
Data flow discovery and risk detection Data protection & employee guidance
Safetica audits and records any attempt to Anyone can make a mistake which could put
intentionally or unintentionally leak the data, no your business at risk. With Safetica ONE, you
matter where the sensitive information is stored, can analyze insider risks, detect threats, and
or who has accessed it. Safetica's risk analysis mitigate them swiftly. Notifications about how to
helps you detect and investigate how your data treat sensitive data can help raise awareness
could be leaked or stolen. around data security and educate employees.

Regulatory compliance Workspace & behavior analysis

Safetica ONE helps you detect and prevent Workspace and user behavior analysis provides
regulatory violations and investigate incidents to an extra level of detail to detect internal risks.
comply with regulations and data protection Also, by understanding how your employees
standards like GDPR, HIPAA, SOX, PCI-DSS, work, print, and use expensive hardware and
GLBA, ISO/IEC 27001, or CCPA. software licenses, you can optimize your costs
and increase operational efficiency.

Safetica ONE protects

your
• personal data Product tiers
• strategic company
documents

• customer databases

• payment-related data,
Safetica ONE Safetica ONE Safetica ONE
such as credit card
Discovery Protection Enterprise
numbers

• intellectual-property –
Safetica UEBA
modules
Optional

industrial designs, trade

secrets, and know-how

• contracts Safetica Mobile

www.safetica.com
© Copyright All rights reserved, 2021
Reference Architecture
3rd party 3rd party
Integrations classification

Polices

Alerts

Detect
Notify
Safetica Management Console & Server Company devices with Safetica Justify
Block

The physical or virtual server runs a All actions are recorded and security Sensitive data is protected throughout
database with endpoint activity and policies are applied on desktops, all channels.
security records. The Safetica laptops and other remote or even
Management Console enables admins offline mobile devices (smartphones
to manage security policies and display MDM only) with a Safetica Client.
the collected information.

Data channels covered

Safetica keeps data protected across a multitude of channels and platforms, ensuring your data is
secure wherever it resides or flows.

File sharing and social media Email Internet

Send WeTransfer Twitter Facebook Webmail | POP3 / HTTP FTP P2P

Anywhere IMAP | SMTP HTTPS FTPS

Cloud Removable
storage

OneDrive | Dropbox USB | Memory cards

Google Drive External drives |
Box | SharePoint Optical discs

Microsoft 365 Media

Exchange Online CD, DVD, Printers

SharePoint Online Blu-ray

Instant messaging Connections Operations

Teams Skype Slack Bluetooth Firewire Copy and Paste Screen capture
Drag and Drop

www.safetica.com
© Copyright All rights reserved, 2021
Discovery Key
Benefits
Safetica ONE Discovery audits and classifies all
data flows in your organization. It identifies
sensitive information and security risks using
content inspection with optical character
recognition (OCR). Get a quick overview of what
is happening in your workspace in real time.
Better understand all internal activities,
processes and data risks to enhance your data
security and internal efficiency.

Get insight into data security incidents Audit and classify your sensitive data Get instant notifications and actionable
and regulatory compliance violations to flows in any channel or activity to find management reports with easy-to-read
be able to respond and mitigate their out where your data is at risk of loss or risk level evaluation and incident
impacts theft overview

Discover and remove unwanted or Easy-to-deploy solution with one-click Objectively analyze user activities in
unnecessary software, cloud services, integration with Microsoft 365 respects your environment and determine if
or hardware/peripherals established processes and provides company equipment and network are
first reports within days used properly

Key highlights
Identify how company data is used and where it
is stored and sent, no matter where it resides or
flows.

Windows and macOS support

One-click integration with Microsoft 365

File content inspection and classification

Easy to upgrade to the full-featured data

security platform Safetica Management Console for Safetica ONE Discovery
provides deep insights into all recorded file operations with
Runs on bare metal or virtualized on-prem, different views for easy interpretation.
hosted, VM hosted in cloud

www.safetica.com
© Copyright All rights reserved, 2021
Protection Key
Benefits
Safetica ONE Protection identifies risks,
educates your employees, and prevents
people's mistakes and malicious acts to protect
your data. Combination of data analytics, data
classification, and data loss prevention (DLP)
with insider threat protection creates a secure
environment while maintaining efficient business
operations.

Have full control over Get regular security reports Use Safetica Zones for Create Shadow Copy of
sensitive data flows and and real-time incident simplified high-level data leaking data to keep forensic
internal risks based on notifications security evidence for further
behavior analysis & content investigation
inspection

Set clear policies for all users and data channels Empower employees to work with sensitive data
Set up security policies for specific groups or individuals. Display educational notifications to employees when there’s a
Select the desired workflow with configurable actions from risk of policy violation to let them know or decide. Enforce
silent auditing, through user notifications to strict blocking. specific processes to protect the most valuable data.

Detect potential threats and analyze internal risks Get all devices under control, online and offline
Respond to threats even before a major incident happens Restrict the use of portable peripherals or unauthorized
thanks to early discovery of behavior anomalies and data media. Control corporate mobile devices and keep track of
flow risks in your organization. Safetica ONE uses advanced data that leaves Microsoft 365. Safetica remains fully active
content classification and OCR for sensitive data detection in regardless of network connection. All collected records are
image files and scanned PDF documents. synchronized when connection is restored.

Key highlights
Based on content inspection, internal risk
analysis, and clear policies set up for all data
channels, Safetica ONE Protection can
recognize when somebody makes a mistake or
takes chances with your sensitive data.
Depending on which mode Safetica ONE is
operating in, it can either block the risky activity,
notify the admin, or remind the employee about
the organization’s security guidelines. Safetica Management Console enables detailed but easy
configuration of DLP policies, data categories, or reports.

www.safetica.com
© Copyright All rights reserved, 2021
Enterprise Key
Benefits
Safetica ONE Enterprise extends data loss
prevention and insider threat protection by
additional workflow control, automation, and
seamless integration with 3rd party network
security solutions, SIEMs, and data analytics
tools. Built your enterprise IT security stack with
ease.

Automated third-party Policies for workflow control Support for Active Directory Custom branding of user
integration and features for on company endpoints in multi-domain security notifications on
advanced use cases. environments endpoints

Seamless integrations Powerful workflow control

Automation of security policies and integration with Set of control features enables you to define how
your IT stack help you protect your assets even in users are allowed to work, regardless of the data
complex environments. involved.

Native integration with Microsoft 365 or Fortinet With workflow control, you can enforce a specific
network appliances provides extended control over secure process and block all other ways of
unknown devices and creates a robust endpoint-to- performing an action.
network security solution.
Workflow control includes application DLP policies to
All audited incidents and logs can be automatically manage behavior of various types of applications like
sent to SIEM solutions e.g., Splunk, IBM QRadar, CRM or IM and DLP policy rules with custom
LogRhythm, or ArcSight for further investigation. configurations applied to different networks, local
REST API provides collected data to tools like Power paths, or exclusive access for privileged users.
BI or Tableau for advanced analysis.

Key highlights
Windows and macOS support
One-click integration with Microsoft 365 Data Analytics Tool

Fortinet network appliances integration

API integration with Power BI or Tableau
Immediate notifications delivered to your inbox
File content inspection with pre-defined
templates SIEM Safetica Network Security
Management Appliance
Content classification based on various Server

approaches

www.safetica.com
© Copyright All rights reserved, 2021
UEBA Module
Key Benefits
Knowledge is the first and most important step
in understanding your company’s workflow,
employees’ work habits and productivity. Enrich
any Safetica ONE product with User and Entity
Behavior Analytics module to see user activities
in detail and uncover their behavior anomalies.
Ensure smooth business operations, even when
working remotely.

Recognize undesirable user activities Get deeper insights in email Track changes in user behavior
with work activity audit and automated communication with overview and visualization of
labelling and categorization of apps with records of all incoming and trends and changes in user behavior in
used and websites visited by specific outgoing emails with respect to your network over time
users employee's privacy

Audit resource usage Get comprehensive reports and real- Audit job searches
to get precise overview whether time alerts to identify job portals visited by
purchased hardware and software about individual user activities, even specific users, who might pose a future
licenses are distributed and used when working remote, such as via data security risk
efficiently remote desktop etc.

Identification of anomalies root causes

Dig deeper and pinpoint troublesome elements in your environment to address security or business
efficiency concerns. Objectively analyze work-related activities of individual employees with
detailed information. Find out if anyone visits dangerous websites or uses undesirable applications.

Work transparency even on remote

Let top management and department leaders
see how their individual reports work. Stay on
top of things even when your employees work
from home or on the go. Prevent security risks
and manage employee's efficiency by identifying
idle workers, job search , and suspicious
behavior patterns.

WebSafetica provides easy-to-understand overview of all

possible threats. Get important statistics on the dashboard,
set up custom record views and reports.
www.safetica.com
© Copyright All rights reserved, 2021
Mobile Module
Key Benefits
Safetica Mobile is a light-weight Mobile Device
Management (MDM) tool that increases data
security on smartphones and tablets to make
them a trusted part of your IT environment. Get
an overview of mobile device status to identify
security risks and be able to respond quickly. All
from single pane of glass.

Data protection on mobile devices Overview of user and device status Centralized remote management
Separate work-related apps and data Monitor device security and Use enhanced app management to
into a protected workspace, identify connectivity, track and find lost control app settings and behavior, set
harmful apps on particular devices, and devices with remote localization. security policies for device groups and
remotely block or wipe lost or stolen automatically configure and manage
devices. them from a single place.

Secure and manage all mobile devices Audit incoming files on Android
Check all company devices and discover security Get an overview of where your data is stored also on
risks in a single glance. Set up device policies and corporate mobile devices (available for Android 6-10).
even Wi-Fi accounts remotely. Utilize Android EMM Using Safetica Mobile with WebSafetica, you can spot
and iOS Managed Apps to create a separate security incidents in single pane of glass, whether
workspace on company devices and use them for they happen on your phone, computer, or in the
remote work and private purposes. Microsoft 365 cloud.

Anti-theft protection
Loss of company mobile devices and employee
fluctuation are common issues that may your sensitive
data at risk. Safetica Mobile can find corporate mobile
devices and remotely wipe them if unreachable. This
helps you to secure your infrastructure and keep
critical data as your property.

Key highlights System requirements

MDM and security: secured workspace, device • Android:
policies, app management with remote config, min. Android 6+ and Google Play Services
security status
• iOS:
Anti-theft protection: localization, password min. iOS 10+
strength, remote lock, remote data wiping

www.safetica.com
© Copyright All rights reserved, 2021
Detailed Features List I
Safetica
Compatible with Safetica ONE Safetica ONE
ONE
Windows, macOS, Microsoft 365, Android, iOS Discovery Protection
Enterprise

Security Audit ✓ ✓ ✓
Data-flow security audit
Security audit of data-flow in all channels, including
external devices, web upload, email, instant messaging, ✓ ✓ ✓
print, and cloud drives.

Office 365 file and email audit

Audit of file operations and outgoing email communication
in Office 365.
✓ ✓ ✓
Regulatory compliance audit
Discover violations of most common regulations, such as
PCI-DSS, GDPR, or HIPAA in all regional variations.
✓ ✓ ✓
Workspace security audit
Audit usage of company devices, applications, networks,
and print. Discover unused or misused resources to ✓ ✓ ✓
maintain workspace, ensure retention, and reduce costs.

Content inspection
Classify sensitive files and emails by powerful content
inspection with predefined templates or custom rules and ✓ ✓ ✓
dictionaries.

Detection of suspicious activities

React fast thanks to real-time detection of suspicious
activities and immediate email alerts.
✓ ✓ ✓
Endpoint Data Protection × ✓ ✓
Email and network protection
Data protection for email, web upload, instant messaging,
and network shares.
× ✓ ✓
Devices and print protection
Manage data-flow to external devices and protect
sensitive data against forbidden printing on local, network, × ✓ ✓
or virtual printers.

Remote work protection

Avoid data leaks on remote endpoints or remote desktop
connections. Support a wide range of remote access × ✓ ✓
solutions.

Advanced data classification

Use advanced technologies to detect and label sensitive
data based on origin, workflow context, or file type. Take
advantage of metadata detection to use 3rd party
× ✓ ✓
classifications. Allow users to classify files themselves.

Different remediation policies

React flexibly to detected incidents to empower and
educate your employees. Incidents can be logged, × ✓ ✓
blocked, or justified/blocked with override.

Incident Shadow Copy

Keep forensic evidence for incidents by creating shadow
copies of leaking data. Shadow copies are fully encrypted × ✓ ✓
and can be kept on local computers with a retention policy.

www.safetica.com
© Copyright All rights reserved, 2021
Detailed Features List II
Safetica
Compatible with Safetica ONE Safetica ONE
ONE
Windows, macOS, Microsoft 365, Android, iOS Discovery Protection
Enterprise

Endpoint Data Protection × ✓ ✓

Workspace control
Define your secured workspace and reduce perimeter by
application and website control. Avoid undesirable behavior in your × ✓ ✓
company and reduce the cost of security management.

Safetica Zones
Easy management of safe data perimeter with unique Safetica
Zones, which significantly reduce the number of data protection × ✓ ✓
policies.

BitLocker encryption management

Centralized management of local drives and external devices with
BitLocker encryption.
× ✓ ✓
Cloud Data Protection × ✓ ✓
Endpoint cloud sync protection
Data protection for cloud drives on endpoints, e.g., OneDrive,
Google Drive, Dropbox, Box, etc.
× ✓ ✓
Endpoint Microsoft 365 protection
Data protection for Microsoft 365 and SharePoint from endpoints.
Prevent sharing or uploading data you want to keep away from the × ✓ ✓
cloud.

Azure Information Protection

Detection of data classifications from Microsoft Azure Information
Protection, even in encrypted form.
× ✓ ✓
Exchange Online Protection
Unify email policies across endpoints and cloud email. Manage and
filter outgoing data from endpoints and Exchange Online.
× ✓ ✓
Enterprise Features × × ✓
Notifications branding
End-user notification custom branding (logo). × × ✓
Workflow control
Application policies and expert policy settings for aligning endpoint
workflow with company processes.
× × ✓
Multi-domain support
Multiple domain enterprise support for Active Directory. × × ✓
Security Automation × × ✓
SIEM integration
Automated reporting of incidents to SIEM solutions (Splunk,
QRadar, LogRhythm, ArcSight, etc.).
× × ✓
FortiGate integration
Automated security integration with FortiGate network appliances
to create a robust endpoint-to-network security solution.
× × ✓
Reporting API
API for reporting Safetica data to analytics and visualization
services.
× × ✓

www.safetica.com
© Copyright All rights reserved, 2021
Tech Specs and Requirements
Server macOS Client
• 2.4 GHz quad-core processor • 2.4 GHz quad-core processor, 2 GB RAM and
more
• 8 GB RAM and more
• 10 GB of available disk space
• 100 GB of available disk space
• macOS 10.10 and higher (for full DLP feature
• A shared or dedicated server, support of
set recommend 10.15 and higher).
virtual machines and cloud hosting

• Requires connection to server with MS SQL

2012 and higher or Azure SQL Mobile Client
• MS Windows Server 2012 and higher • Android: min. Android 6+ and Google Play
Services

• iOS: min. iOS 10+

Database
• MS SQL Server 2012 and higher, or MS SQL
Express 2016 and higher, or Azure SQL. Supported Cloud Providers
• MS SQL Express is part of a universal • Microsoft Azure, Microsoft 365
installer and recommended for up to 200
protected endpoints.
Selected Certifications
• 200 GB of available disk space (optimally
• ISO 9001 & ISO/IEC 27001
500 GB or more, depending on the range of
collected data). • Member of Cybersecurity Tech Accord

• A shared or dedicated server, support of • Microsoft Gold Partner

virtual machines and cloud hosting. It can • Member of ESET Technology Alliance
be hosted with Safetica server together.
• Member of the Fortinet Technology Alliance

Windows Client
• 2.4 GHz dual-core processor, 2 GB RAM and
more

• 10 GB of available disk space

• MS Windows 7, 8.1, 10 (32-bit [x86] or 64-bit

[x64])

• MSI installation package

• .NET 4.7.2 and higher

www.safetica.com
© Copyright All rights reserved, 2021
 400 000
+
who
we are
protected devices

+
120
countries Safetica is a Czech software company that
provides Data Loss Prevention and Insider
+ Threat Protection solutions to organizations of
80 all shapes and sizes. Here at Safetica, we
security experts believe everyone deserves to know that their
data is safe.

Technology alliances

Awards & achievements

Excellent
@safetica
Data Protection
Made Easy

Try Safetica demo now!

www.safetica.com/try-safetica
www.safetica.com
© Copyright All rights reserved, 2021