March 2014 – (Case Study) A Government dept implements CurtainTM e-locker to prevent data leakage

Introduction

The client is one of the Hong Kong Government departments. Currently, they share files to department users by using share folders and a Lotus Notes Bulletin Board database.

The Challenges

Users are using share folders and a Lotus Notes Bulletin Board database to share information within the department. Since the folder structure is well defined and categorized, users can locate information easily. All the folders are controlled by Windows permission. Only authorized users can read or edit the files.

However, when users have rights to access the information, existing system cannot stop users leaking information to the public (no matter intentionally or unintentionally). Therefore, they looked for solutions to prevent data leakage even when users have permission to access those files.

The Solution

Implement Curtain e-locker to protect some Windows share folders and the Lotus Notes Bulletin Board database

Screenshots of the Lotus Notes Bulletin Board database (with Curtain e-locker’s protection)

(1) Lotus Notes Client

Two types of Topic (Controlled Topic and Public Topic).

  • Controlled topic is protected by e-locker
  • Public topic is not protected by e-locker

discussnotes1

(click on image to enlarge)

 

Authorized users can add / remove / read attachment

discussnotes2

When users read / edit attachment stored in Controlled topic, files are protected by e-locker.

discussnotes3

 

(2) Web Interface

Controlled Topic and Public Topic in Lotus Bulletin Board

discussweb

In Controlled topic, authorized users can add / read attachment under Curtain e-locker’s protection.

discussweb2

 

Environment

  • Windows Server 2012
  • Windows XP and Windows 7
  • Lotus Domino 8.5.3