Forcepoint
Privately held company | |
Industry | information security |
Founded | 1994 |
Headquarters | Austin, Texas |
Key people | John McCormack, CEO |
Products | TRITON Enterprise, TRITON Security Gateway Anywhere, TRITON Security Gateway, Web Security Gateway Anywhere, Cloud Web Security Gateway, Web Security Gateway, ACE in the Cloud, Email Security Gateway Anywhere, Cloud Email Security and Content Control, Email Security Gateway, Data Security Suite, Data Security Gateway, TRITON Mobile Security |
Revenue | $361.5 million |
Number of employees | 2,000 |
Parent | Raytheon |
Website | http://www.forcepoint.com |
Forcepoint, previously known as Websense and Raytheon|Websense, is an Austin-based company controlled by US defense contractor Raytheon specializing in computer security software.[1] Their security solutions are used by businesses and government institutions to protect their networks from cybercrime, malware and data theft, as well as prevent users from viewing sexual or other inappropriate content and discourage employees from browsing non-business-related websites.[2] Forcepoint uses a combination of classification engines, filtering categories, data fingerprints, and word filters designated by the individual customer's network policy.
In the past, software employing these technologies has been criticized because it can block websites and content protected by free speech, like sexual education websites.[3] This can occur intentionally as internet censorship, or simply by accident due to over-reaching categories[3] leading some to call it "censorware". While countries have used this technology to block ideologies disapproved of by the government,[3] Forcepoint expressly prohibits using its software in this manner.[4] The company also allows the public to ask for security details and categorization, or to request a re-categorization through email.[5]
History
Forcepoint was founded by Phil Trubey in 1994, and went public in the year 2000.[6] Forcepoint offers a broad array of security solutions and according to Gartner is one of the five companies leading the Secure Web Gateway (SWG) market, along with Blue Coat Systems and Zscaler[7] and leading the Content Aware Data-Loss Prevention (DLP) market and a top four "Visionary Company" in the Secure Email Gateway Market.
Going Private
On May 20, 2013, Forcepoint was acquired by Vista Equity Partners and taken private for $24.75 per share,[8] for a total purchase price of $906M.[9] This made Forcepoint part of Vista's $14 billion software company portfolio. With the closing of the transaction, Forcepoint stock was delisted from NASDAQ and is no longer a publicly traded company. The company's main operations have since been moved from San Diego, California to Austin, Texas.
On March 16, 2015, Reuters reported that defense contractor Raytheon was in talks to purchase Forcepoint from Vista Equity Partners.[10]
Acquisition by Raytheon
On April 19, 2015, The Wall Street Journal reported that defense contractor Raytheon had bought control of Forcepoint from Vista Equity Partners.[11] Raytheon will have an 80% stake in the new cyber venture, with Vista Partners LLC holding 20%. According to Raytheon, Forcepoint will form the core of a new cyber joint venture with forecast sales of $500 million this year and margins of around 20%.
Products
The company provides advanced solutions that include software-, appliance-, and cloud-based web, email, and mobile security, as well as data loss-prevention technologies. TRITON APX 8.0, launched in January 2015, as the new modular platform that provides companies with advanced threat and data theft prevention capabilities.
In December 2006, Forcepoint bought PortAuthority for $90 million.
On October 3, 2007, Forcepoint acquired UK company SurfControl.
On January 27, 2009, Forcepoint acquired Defensio, a security company specializing in blog plugins that help to fight spam and malicious links in the comment sections of blogs.
Partnership with Facebook
On October 3, 2011, Facebook and Forcepoint announced a partnership in order to protect Facebook's users from dangerous links that lead to malicious websites and malware sites. Forcepoint was the first security company to extend their threat intelligence into the social media space through their relationship with Facebook to gain visibility into these dynamic, closed environments. According to TechCrunch, "Going forward, when a Facebook user clicks on a link, the new system will first check the link against Forcepoint's system to determine whether or not it's safe. If it's not, a message is displayed warning the user that the link is potentially harmful and suggests you return to the previous page."[12]
Security software
Forcepoint may be implemented as a software application, computer appliance or cloud-based service operating at the transport layer as a transparent proxy, or at the application layer as a web proxy.[13] In each scenario, the effect is that it can inspect network traffic to or from the internet for a targeted group of people.
Forcepoint allowed system administrators to block access to websites and other protocols based on categories.[14] These contain lists of sites that may be blocked at will, either at specified times or permanently.[15]
In the early years of the company, Forcepoint's software, Websense Enterprise, was best known for its URL filtering capabilities. Many businesses used Websense Enterprise technology to implement Employee Internet Management (EIM) solutions. However, over the course of the years, Forcepoint began to evolve its product line by offering more security-focused technology.
In 2010, Forcepoint launched the Websense TRITON solution and became the first security company to integrate the real-time web content analysis and malware protection of the Web Security Gateway, Websense Data Security Suite and Websense Email Security products to protect organizations and their information from advanced threats and data loss [16]
In January 2015, the company launched TRITON APX 8.0, combining the best practices, learnings, and expertise from previous implementations into a single management console that allows companies to quickly identify, expose and prevent the latest in cyber-attacks and data theft. Through integrated web, email and data solutions, this new modular platform provides advanced threat protection across the Kill Chain.
According to the United States Department of Health and Human Services, "[Forcepoint] helps us defend against millions of online attacks each month and has significantly reduced malware infections. It's scalable, reliable, and is providing very effective web security for our systems. It helps us balance security with powerful productivity opportunities on the web and in social media, cloud computing, and mobility."[17]
Policies can be produced that control either previously identified information that contains "tags" such as account numbers, credit card records or any combination of many variables. A score is assigned based on a predefined set of rules and an action applied. The process can be entirely automated but relies upon either preset policy templates or bespoke rule sets that are developed in house.
In companies, this can prevent access to sites known to be infected with malicious content, it can prevent malicious programs from connecting to outside sites, and can limit the amount of bandwidth used by individual computers in a network.[18] The mere knowledge that web access is controlled can cause employees to stop using Internet during work hours for personal purposes, out of fear (that they may be caught misusing Internet).[18]
The software also tracks individual internet usage to collect and report on any browsing behaviors that deviate from the standards set by the library, government or other employer, and its reports can be data drilled by "risk class, category, URL, application, user, workstation, dates, and more."[19]
Research and Development
Forcepoint maintains R&D facilities in San Diego and Los Gatos, CA; Reading, England; Sydney, Australia; Raanana, Israel; and Beijing, China. With 500 R&D employees, the Forcepoint research and development department includes content operations, security research, software development, quality assurance, and documentation.[20]
Blocking Errors
A comparative study in 2002, looked at how blocking pornography websites affected the search of legitimate health-related information. When configured at the least-restrictive settings (only blocking sites in the category of pornography), all blocking software blocked the least number of health-related sites, and blocked most of the pornography. As more restrictive settings were tested, the health-related searches were considerably impeded, while the efficiency of blocking pornographic websites increased only marginally. Forcepoint had similar results with the other programs.[21]
In a 2005 report the Rhode Island branch of the American Civil Liberties Union called Forcepoint a deeply flawed technology.[22] It further notes that, although the blocking technology has improved over the years since 2002, it still remains a "blunt instrument" and that in public libraries equipped with Forcepoint people of all ages "are still denied access to a wide range of legitimate material." [22]
A 2006 report by Brennan Center for Justice says that web filtering programs used in schools were error-prone. For Forcepoint it discovered that a page discussing pornographic content had been blocked despite not containing any pornography, and a whole website had been blocked because one of its pages had sexual content.[23]
In 2007 Norman Finkelstein[24] and Noam Chomsky's websites were blocked by network administrators blocking the 'racism/hate speech' category for approximately 24 hours until Finkelstein complained.
A 2008 study on the use of Forcepoint within the Technical Colleges of Georgia found that only two categories were blocked in all of the colleges surveyed, and that 39 categories out of the 43 listed were blocked by some, but not all, colleges, with numbers ranging from two colleges blocking a given category to 23 out of the 24 respondents.[25] The software offers clients an optional continue button which permits users to access an otherwise blocked category if it is work related.[15]
For approximately 24 hours in 2009, Forcepoint classified router company Cisco's website under 'hack sites'.[26] Forcepoint has a submission form on the website to report mistaken categorization, although it is only available with an account.[27]
In 2011 it was reported by a blogger that Forcepoint would block pages that contained pornographic links anywhere in its content, even in the comments section; "a malicious attacker could get your whole site blocked at any time by the simple procedure of leaving dangerous, malicious or pornographic links in a blog's comments".[28]
The blocking categories can contain errors, and can be used, accidentally or on purpose, to prevent people from seeing legitimate content. For example, Forcepoint categories include: "Professional and Worker Organizations", "Social and Affiliation Organizations", "Political Organizations", "Advocacy Groups", "Gay or Lesbian or Bisexual Interest", "Sex education", "Traditional Religions" and "Non-traditional Religions and Occult and Folklore".[3] In response to a complaint from the American Civil Liberties Union in 2011 (part of their "Don't Filter Me" project), Forcepoint clarified its definition of the "Gay or Lesbian or Bisexual Interest" category, after it became apparent that some administrators mistakenly believed that this category had to be enabled to ensure that sexually explicit websites were blocked in schools.[29]
Usage by Governments
The ability of public libraries, governments or other employers to block content based on ideology has proved controversial due to the subjects being blocked are controlled by an organization or even a single individual. The blocking of sites can exceed that which is required by bodies responsible for the oversight of these institutions, and, in the case of educational institutions, criticism has been leveled at the decision making process.[25]
Due to these problems, a report issued in 2002 referred to Forcepoint as "censorware,"[30] although this is not upheld by assessments by organizations such as Electronic Frontier Foundation, OpenNet Initiative, Global Network Initiative and Bolo Bhi,[31] as of October 2013.
In 2004 Amnesty International listed Forcepoint as one of several foreign companies that had reportedly provided technology that was used to censor and control the use of the Internet in China.[32]
The OpenNet Initiative reported in 2004 that Forcepoint technology was used by the government in Yemen to enforce censorship of the Internet.[33]
In 2008 it was denounced again by the Yemen Times.[34] The company has a policy of not doing business with governments that force censorship of the Internet or oppress rights. The only exceptions are for preventing minors from watching adult content and for child pornography.[4] In 2009 Forcepoint issued a statement that it was discontinuing the database downloads to the Yemeni ISP, due to the violation of its stated policy,[35][36] but reporters from ONI infer that Forcepoint software was still being used by Yemen's ISP, YemenNet, to censor Internet access as late as August 2010.[37] Forcepoint was finally discontinued in Yemen sometime around January 2011 [37] and apparently it is no longer being used in any Middle East or North Africa country.[28]
On November 1, 2011, Forcepoint General Counsel, Michael Newman, released a public letter to "challenge all other American technology vendors to join us in prohibiting repressive regimes from using American technology to prevent open communications."[38] The letter's call for action included, "If you are an executive at a security company that makes software that can be used to censor Internet activity in repressive regimes, we ask that you support the right course of action and stop selling repressive tools to oppressive regimes."[38] The company joined the Global Network Initiative the same year.[39]
In response, the Electronic Frontier Foundation (EFF) noted, "[Forcepoint] is pointing the technology sector in the direction of promoting freedom; BlueCoat represents the aiding oppressors. The choice for other tech companies is clear, and kudos to [Forcepoint] for leading the way."[40] In March 2012, the EFF also praised Forcepoint for denouncing Pakistan's censorship plans.[39]
See also
References
- ↑ Nidhi Subbaraman, Websense Plugs Data Leaks, Plays Malware Guard On Mobiles For The Office= Fast Company
- ↑ Ken Presti, Websense Updates Malware, Data Theft Defenses = CRN
- 1 2 3 4 "West Censoring East: The Use of Western Technologies by Middle East Censors, 2010-2011y". OpenNet Initiative. March 2011. Retrieved 2012-01-28.
- 1 2 "Legal Information. Important Information Regarding the Websense Website". Websense. Retrieved 2013-03-20.
Websense does not sell to governments or Internet Service Providers (ISPs) that are engaged in government-imposed censorship. (...) "global filtering" projects where the government mandated policy (1) prohibits minors from accessing pornography and/or (2) prohibits child pornography (...) If the government requires ISPs to block adult content from all users, but permits an adult user to gain access to that content after providing proof of age, this would be in compliance with our stated policy. Forcepoint, however, does not engage in any arrangements with foreign governments (or government-imposed arrangements) that could be viewed as oppressive of rights.
- ↑ "What you can do if you feel a website has been incorrectly categorized". Websense. Retrieved 2013-03-20.
Ask your Help Desk or IT administrator to change a website's category (they can override the Websense category). You can also suggest that Websense researchers reevaluate a categorization by e-mailing suggest (at) websense.com.
- ↑ "He's All Business On the Internet, Phil Trubey Unveils His Latest Venture Even Though He Could Retire Today". San Diego Business Journal. 2000-12-11. Retrieved 2008-08-04.
- ↑ Orans, Lawrence; Firstbrook, Peter (25 May 2011). (PDF) (Report). Gartner via McAfee http://www.mcafee.com/ca/resources/reports/rp-gartner-magic-quadrant-secure-web-gateway.pdf. Retrieved 27 March 2012. Missing or empty
|title=
(help) - ↑ "Websense Signs Definitive Agreement to be Acquired by Vista Equity Partners". 20 May 2013. Retrieved 21 May 2013.
- ↑ Jolie O'Dell (20 May 2013). "Websense, publicly traded since 2000, goes private in $906M buyout". Retrieved 21 May 2013.
- ↑ "Raytheon in talks to buy Websense Inc: Bloomberg". 2015-03-16.
- ↑ "Raytheon to Plow $1.7 Billion Into New Cyber Venture". 2015-04-19.
- ↑ Sarah Perez (3 October 2011). "Facebook Partners With Websense To Protect Users From Malicious Sites And Malware". Retrieved 30 March 2012.
- ↑ "Explicit and Transparent Proxy Deployments". Websense. 2010. Retrieved 30 March 2012.
- ↑ "URL Categories". Websense. 2012. Retrieved 2012-04-10.
- 1 2 "The Websense Master Database". Websense.com. Retrieved February 18, 2012.
- ↑ "Websense Unveils Triton Architecture". InfoWorld. ChannelPro. 11 February 2010. Retrieved 4 Sep 2013. Check date values in:
|date=
(help) - ↑ "U.S. Department of Health and Human Services". 11 February 2010.
- 1 2 "Information Highway Patrol", ComputerWorld 38 (22), May 31, 2004, pp. 28–29
- ↑ Websense: reporting tools.
- ↑ Michael A. Newman, Chief Financial Officer (2012-12-31). "UNITED STATES SECURITIES AND EXCHANGE COMMISSION, FORM 10-K, Websense".
- ↑ Richardson, Caroline R.; Resnick, Paul J.; Hansen, Derek L.; Derry, Holly A.; Rideout, Victoria J. (2002). "Does Pornography-Blocking Software Block Access to Health Information on the Internet". Journal of the American Medical Association 288 (22): 2887–2894. doi:10.1001/jama.288.22.2887.
- 1 2 The Rhode Island affiliate, American Civil Liberties Union (April 2005). "R.I. ACLU releases report on "troubling" internet censorship in public libraries". Archived from the original on 2008-12-08.
* full report. - ↑ Marjorie Heins, Christina Cho, Ariel Feldman (2006), Internet filters: a public policy report (PDF), Brennan Center for Justice, pp. 38–39 intro
- ↑ Websense filtering out this site, official website of Norman Finkelstein, "Reader letters: reply from Websense stating that www.normanfinkelstein.com has been reviewed and now categorized as 'News and Media'"
- 1 2 Stanley, Carol; Jerry, Stovall (2008). "The Blocked Blog (or Websense and the Technical Colleges' Fight for Academic Freedom)". Georgia Library Quarterly 45 (1). Retrieved February 16, 2012.
- ↑ John Leyden (2009-03-20). "Websense mistakes Cisco.com for hack site". The Register.
- ↑ "Tools and Policies". Websense. Retrieved February 19, 2012.
- 1 2 West Censoring East: Or Why Websense Thinks My Blog is Pornography, Jilian C. York (coauthor of the 2010-2011 ONI report), March 28, 2011 "I will say that Yemen has stopped using [Forcepoint] and we're not aware of any other countries–at least in the Middle East and North Africa–that use the software."
- ↑ "Don't Filter Me!" (PDF). American Civil Liberties Union. 10 November 2011. Retrieved 2011-04-10.
- ↑ Peacefire WebSENSE Examined
- ↑ Sana Saleem, CEO, Bolo Bhi (2012-03-02). "Thank You Websense, From Pakistan".
- ↑ China: Controls tighten as Internet activism grows "Cisco Systems, Microsoft, Nortel Networks, Websense and Sun Microsystems", citing Amnesty International: People's Republic of China: State Control of the Internet in China, ASA, 17/007/2002, November 2002.
- ↑ Internet Filtering in Yemen in 2004–2005: A Country Study. OpenNet Initiative.
- ↑ Jane Novak (6–9 March 2008). "Internet censorship in Yemen". Yemen Times (1135 (volume 8)).
The government ISP automatically denies Internet requests from Yemeni users by using Forcepoint and Antlabs to filter Internet content. Forcepoint enables the government to block websites by category and to define specific Internet sites to block
- ↑ Websense Issues Statement on Use of its URL Filtering Technology by ISPs in Yemen "Since we were informed about the potential use of our products by Yemeni ISPs based on government-imposed Internet restrictions in Yemen, we have investigated this potential non-compliance with our anti-censorship policy. Because our product operates based on a database system, we are able to block updated database downloads to locations and to end users where the use of our product would violate law or our corporate policies. We believe that we have identified the specific product subscriptions that are being used for Web filtering by ISPs in Yemen, and in accordance with our policy against government-imposed censorship and compliance review policies (http://www.websense.com/content/censorship-policy.aspx), we have taken action to discontinue the database downloads to the Yemeni ISPs"
- ↑ Websense Sets the Record Straight on its Anti-Censorship Policy, Websense General Counsel Mike Newman, 20 August 2009, "The simple answer is that we don't want or need that kind of business. The purpose of our Web filtering and Web security products is to make the Internet a safer place to do business, ensuring security and organizational productivity, while limiting legal liability for employers. Government censorship is not on our product roadmap."
- 1 2 West Censoring East: The Use of Western Technologies by Middle East Censors, 2010-2011 , March 2011, Helmi Noman and Jillian C. York. "From this we may infer, but not definitively establish, that Forcepoint categorizations were still being received and updated in Yemen as of August 2010."
- 1 2 Newman, Michael (2011-11-01). "Websense Statement on Improper Use of Technology for Suppression of Rights and in Violation of Trade Sanctions". Websense. Retrieved 2012-03-27.
- 1 2 Jillian C York. "Filtering Software Companies Should Follow Websense's Lead". Electronic Frontier Foundation. Retrieved 2012-03-30.
- ↑ Sutton, Maira; Timm, Trevor (2011-11-07). "This Week in Internet Censorship Egypt Imprisons Alaa, Other Pro-democracy Bloggers". Electronic Frontier Foundation. Retrieved 2012-03-27.
Further reading
- Access Denied: The Practice and Policy of Global Internet Filtering, Ronald Deibert, John G. Palfrey, Rafal Rohozinski, Jonathan Zittrain, MIT Press, 2008. ISBN 0-262-54196-3, ISBN 978-0-262-54196-1