| Protection against unauthorized data access and software changes |
| Dynamic Integrity Control | Protects all executable software on the system by detecting any unauthorized activation attempt and preventing the process from launching before damage can occur. |
| Dynamic Sandbox | Specially-designated user account for potentially vulnerable software provides system-level privilege controls to block dangerous software activity. |
| Dynamic Resource Control | Controls how different applications can access files and folders, registry keys, external devices, and network resources. User-driven rules can be created to control application activity. |
| Unattended device protection |
| Flexible installation | Can be deployed using push, standard, or silent installation mode; configuration settings can also be cloned from a standard device. |
| Conditional remote control | Client remote control can be disabled to permit devices with low bandwidth connections to work without central management. |
| Access to external devices | Granular control over access to and use of external USB storage, CDs/DVDs, COM and LPT ports, autorun control and the ability to set exclusions by device type, name, vendor and ID. Protected CDs/DVDs are recognized and accepted while all others are blocked. |
| Background monitoring and logging of all system events | Shadow mode provides constant monitoring of devices that cannot be detected or removed by service personnel. All data copy activities, including copying to removable media such as skimmers, is monitored in shadow mode and alerts can be sent to the management console. |
| Self defense system | SoftControl TPSecure processes cannot be stopped or killed, even with high-level administrative rights. Additionally, the client regularly sends heartbeat status reports to the management console. |
| Back office controls and front office workstation security |
| Application launch control | Attempts by employees to launch unknown applications can be blocked across the board or by specific type such as game or multimedia players. |
| Record keyboard input | Optionally record all keyboard input for specific applications to track what data is entered when and by whom. |
| Rollback | For every application, an entire activity history and shadow copies of the changed files can be created, enabling any breach attempt to be tracked back to its source. |
| Monitoring of files sent for printing | Monitor and log all documents sent for printing. |
| Time monitoring system | Keep track of all applications used by employee and the time spent working with each application. |
| Integration with other security solutions | SoftControl TPSecure is compatible with most popular corporate security solutions, including antimalware, encryption, and network traffic security, enabling the same policies to be enforced across all users. |
| Alerts and incident management | Whenever a breach is attempted and blocked, SoftControl TPSecure issues an alert with a description of where, when and what kind of violation was attempted. |
| Achieving PCI DSS compliance |
| Meet PCI DSS requirements | SoftControl TPSecure helps organizations meet PCI DSS compliance and reduce the risk of financial fraud. |
| Customizable delivery |
| Multiple delivery options | SoftControl TPSecure can be delivered in various ways, providing flexible integration and deployment capabilities. These include: standard components and settings, custom components and settings based on customer requirements, binary libraries (SDK), or even source code.* |
