ProofPoint

Complete Messaging Security for the Enterprise

Proofpoint provides both hardware- and software-based solutions for enterprise messaging security, helping enterprises, universities and government organizations stop spam, defend against viruses and ensure that outbound messages comply with both corporate policies and external regulations.

The Proofpoint messaging security solution provides the ultimate in deployment flexibility, offered as both a hardened, secure, easy-to-deploy appliance—the Proofpoint Messaging Security Gateway—and as a highly customizable software package, the Proofpoint Protection Server.

Proofpoint's messaging security platform provides comprehensive defense against both inbound and outbound messaging threats—and Proofpoint's modular architecture lets you easily deploy new defenses as your needs change:

  • Proofpoint Spam Detection offers complete defense against spam, adult content and phishing attacks. Proofpoint MLX machine learning technology delivers unrivalled accuracy with the lowest rate of false positives.

  • Proofpoint Virus Protection defends your enterprise from email-borne viruses, worms and trojans, powered by the world's leading anti-virus engines.

  • Proofpoint Content Compliance allows you to define and enforce acceptable use policies for message content and attachments across your entire enterprise.

  • Proofpoint Digital Asset Security keeps your company's valuable assets and confidential information from leaking outside the organization via email.

  • Proofpoint Regulatory Compliance protects your organization from liabilities associated with privacy regulations such as HIPAA and GLBA.

Ensure Compliance with HIPAA, GLBA and other Regulations

The Proofpoint Regulatory Compliance™ module makes it easy to ensure that outbound messages comply with many different types of email-related regulations, including HIPAA and GLBA. Pre-defined dictionaries and "smart identifiers" automatically scan for a wide variety of non-public information including PHI (protected health information as defined by HIPAA) and PFI (personal financial information as defined by GLBA) and let you take appropriate actions on non-compliant communications.

Rules can be easily created or modified via a point and click interface to support compliance with many other types of information privacy and data security regulations, such as state regulations (e.g., California AB 1950 and California SB 1386), Canada's PIPEDA, and various European privacy directives.

Detect All Types of Privacy Data Inside Email

Proofpoint Regulatory Compliance includes a wide variety of out-of-the-box features that help keep your organization compliant with today's information privacy rules. Proofpoint Regulatory Compliance monitors all outgoing email to detect NPI based on dictionaries as well as common NPI identifiers.
 

Pre-defined and Custom Dictionaries

A variety of pre-defined dictionaries are included with Proofpoint Regulatory Compliance. These dictionaries define common protected health information code sets—such as standard disease, drug, treatment and diagnosis codes used by the healthcare industry—to simplify HIPAA compliance.

New dictionaries can also be defined. These dictionaries can support both exact matches and regular expressions. The included HIPAA dictionaries can be expanded to include terms and codes specific to your medical environment, or new dictionaries can be added to support additional regulations such as NASD, PIPEDA and others. Dictionary terms can be weighted to increase or decrease the matching strength of any term, or to allow exceptions.
 

NPI Identifiers

Proofpoint Regulatory Compliance can also scan for common NPI identifiers such as Social Security Numbers, ABA routing numbers and credit card numbers.

These "smart identifiers" are more sophisticated than simple regular expressions. Proofpoint Regulatory Compliance looks for the correct number of digits, but also computes checksums to confirm that numerical strings that appear to be NPI are actually protected information. This technique greatly reduces the chance of false positives.
 

Flexible Privacy Rules and Policy Definitions

A point and click interface makes defining and modifying even complex privacy rules quick and easy. Rules can be configured to apply to individual occurrences of NPI or when a certain count of dictionary or NPI identifiers is reached. For example, a rule for tracking fraud or theft of credit card numbers can be set up to trigger only if more than three credit card numbers are detected in a message.
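A sketch of the checksum-validated identifier matching and the count-based rule described above. It is an added example, not Proofpoint's code: the page does not say which checksums the product uses, so the Luhn check for card numbers and the 3-7-1 weighted check for ABA routing numbers are assumed here as the standard public algorithms, and the function names, patterns and sample message are constructed.

```python
import re

def luhn_ok(digits: str) -> bool:
    """Luhn mod-10 check carried by payment card numbers."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def aba_ok(digits: str) -> bool:
    """ABA routing check: weights 3,7,1 repeated; the sum must be 0 mod 10."""
    weights = (3, 7, 1) * 3
    return sum(int(c) * w for c, w in zip(digits, weights)) % 10 == 0

# Candidate patterns only count digits; the checksum decides what is reported.
CARD_RE = re.compile(r"(?<![\d-])(?:\d[ -]?){12,18}\d(?![\d-])")  # 13-19 digits
ABA_RE = re.compile(r"(?<!\d)\d{9}(?!\d)")

def scan(message: str, card_threshold: int = 3) -> dict:
    """Return validated identifiers and whether the count rule fires."""
    candidates = [re.sub(r"[ -]", "", m.group()) for m in CARD_RE.finditer(message)]
    cards = [c for c in candidates if luhn_ok(c)]
    routing = [m.group() for m in ABA_RE.finditer(message) if aba_ok(m.group())]
    return {
        "card_candidates": len(candidates),   # what a digit-count regex alone flags
        "cards": cards,                       # what survives the checksum
        "routing": routing,
        # Rule from the text: trigger only on MORE than three card numbers.
        "triggered": len(cards) > card_threshold,
    }

# Constructed sample: four published test card numbers, one 16-digit order
# reference that fails Luhn, one valid and one invalid 9-digit string.
SAMPLE = """Refund batch attached.
Card 4111 1111 1111 1111, card 5555-5555-5555-4444,
card 378282246310005 and card 6011111111111117.
Order ref 1234 5678 9012 3456 (not a card).
Routing 123456780; ticket 123456789.
"""

if __name__ == "__main__":
    print(scan(SAMPLE))
```

On the sample, the digit-count pattern alone flags five card candidates and two routing candidates; the checksums discard the order reference and the ticket number before the count rule is evaluated.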

Any number of privacy rules can be defined to support specific compliance requirements. Multiple rules can be mapped into policies, for example a HIPAA policy, GLBA policy and AB 1950 policy. Policies can be further customized to apply only to lists of business partners or only to specified inbound or outbound message routes.
 

Encryption Support

Many regulations specify that non-public data must be transmitted in a secure or encrypted format. Proofpoint Regulatory Compliance supports two types of encryption:

TLS (Transport Layer Security): When used with the Proofpoint Messaging Security Gateway appliance, the Regulatory Compliance module can be used to define a set of business partners with whom email should always be encrypted. Messages sent to those partners are automatically transmitted using the TLS gateway-to-gateway encryption protocol.