Federal: ITAR/OFAC

International Traffic in Arms Regulations (ITAR) / Office of Foreign Assets Control (OFAC)

Export control laws are federal regulations that control the conditions under which certain information, technologies, and commodities can be transmitted to any foreign national. The laws are implemented by the Department of State through ITAR, and the Department of the Treasury through OFAC.
Download ITAR/OFAC datasheet

Key facts and data security requirements you should know

Export control laws prohibit the unlicensed export of certain materials or information for reasons of national security or protection of trade. Any organization transacting business internationally may be affected.
Export controls usually arise due to one of the following:
- The nature of the export has actual or potential military applications or economic protection issues;
- Government concerns about the destination country, organization, or individual; and
- Government concerns about the declared or suspected end use or the end user of the export
Broadly, an export could consist of:
1. Actual shipment of any covered goods or items
2. The electronic or digital transmission of any covered goods, items, or related goods or items
3. Any release or disclosure, including verbal disclosures or visual inspections, of any technology, software, or technical data to any foreign national, whether abroad or on U.S. soil; or
4. Actual use or application of covered technology on behalf of or for the benefit of a foreign entity or person anywhere.
Export controls also apply to a range of data that consists of, supports, describes, or accompanies the actual exported good or service, such as a shipper's export declaration, a foreign import certificate, a bill-of-lading, an invoice, a purchase order, or a delivery verification.

^ back to top

Proven data loss prevention for ITAR/OFAC

Vontu solutions enable organizations transacting business internationally to demonstrate compliance with ITAR/OFAC
As part of its Enterprise Governance initiative, a FORTUNE 100 chemical manufacturer needed to ensure it was not allowing sensitive Intellectual Property (IP) to proliferate across its network in a way that put the company’s competitive secrets at risk or violated IP export controls. After conducting a Vontu Risk Assessment, the manufacturer selected the entire Vontu suite for its ability to protect company intellectual property wherever it is stored or used. Now the company can discover sensitive information stored on laptops, servers or desktops across its global enterprise, monitor this data, and prevent it from leaving the network by blocking unauthorized transmission. The company can also demonstrate compliance with U.S. export controls of sensitive intellectual property, including ITAR, and protect confidential employee and customer data to help demonstrate compliance with other regulations such as HIPAA.

Vontu solutions enable organizations transacting business internationally to demonstrate compliance with ITAR/OFAC

As part of its Enterprise Governance initiative, a FORTUNE 100 chemical manufacturer needed to ensure it was not allowing sensitive Intellectual Property (IP) to proliferate across its network in a way that put the company’s competitive secrets at risk or violated IP export controls. After conducting a Vontu Risk Assessment, the manufacturer selected the entire Vontu suite for its ability to protect company intellectual property wherever it is stored or used. Now the company can discover sensitive information stored on laptops, servers or desktops across its global enterprise, monitor this data, and prevent it from leaving the network by blocking unauthorized transmission. The company can also demonstrate compliance with U.S. export controls of sensitive intellectual property, including ITAR, and protect confidential employee and customer data to help demonstrate compliance with other regulations such as HIPAA.

^ back to top

How Vontu solutions demonstrate compliance with ITAR/OFAC

Vontu solutions provide comprehensive ITAR/OFAC data loss prevention for any organization that transacts business internationally. Advantages include:

Pre-defined ITAR and OFAC policy templates with Vontu's TrueMatch™ detection suite for the highest accuracy in the industry
Discover and protect confidential data exposed on file servers, databases, Microsoft SharePoint®, Lotus Notes®, Documentum®, LiveLink®, web servers, Microsoft Exchange®, and other data repositories
Monitor and prevent confidential data loss on the network including email, IM, Web, Secure Web (HTTP over SSL), FTP, P2P, and generic TCP
Discover sensitive data stored on the endpoint, such as desktops and laptops, and prevent this data from being inappropriately used, sent, or copied to storage devices such as USB drives, CD/DVDs, or iPods
Demonstrate internal controls: Vontu enables organizations to demonstrate internal controls to comply with ITAR/OFAC requirements that mandate the establishment, documentation, and maintenance of electronic access to critical cyber assets
Role-based access control: Vontu's Role-Based Access Control enables business units and departments to review and remediate only those export control incidents relevant to their role and privileges.

^ back to top

Related Resources

Prudential Financial
case study

"Vontu DLP protects our corporate email and helps us identify and actively address potential exposures."Peter Kuzmiskas
System Technology Specialist,
Prudential Financial

Download now