2013 ISACA Webinar Program. © 2013 ISACA. All rights reserved.
Best Practices for Implementing
Data Loss Prevention (DLP)
• Michael Avdeev DLP Solution Architect, McAfee
• John Callaghan Sr. Mgr. Engineering Research , SilverSky
Welcome!
• Type in questions using the Ask A Question button
• All audio is streamed over your computer
– Having technical issues? Click the ? Button
• Click Attachments button to find a printable copy of this presentation
• After the webinar, ISACA members may earn 1 CPE credit
– Find a link to the Event Home Page on the Attachments button
– Click the CPE Quiz link on the Event Home Page to access the quiz
– Once you pass the quiz, you’ll receive a link to a printable CPE
Certificate
• Tell us what you thought of this event!
– By using the FEEDBACK button
– Complete the Webinar Survey on the Attachments button
• Questions or suggestions? Email them to eLearning@isaca.org
Today’s Speakers
Michael Avdeev
DLP Enterprise Solution Architect
McAfee
John J. Callaghan,
CISM, Senior Manager
Security & Engineering Research,
SilverSky
Motivations
“A world of needs…
… essential considerations”
What
• Another Tool or Governance approach
Why
• Mandate, IP, Regulatory, Compliance
When
• Immediately vs. Planned
Where
• Across the business, by geography
How
• “By Policy”, Training, Top-Down, Inter-organizational
Considerations
“The obvious...
… and not so obvious”
• Business Goals
• Company Primary IP
• Industry & Legal Requirements
• Corporate Security Policies
• Rollout history of new projects
• Secondary IP concerns
• Business unit Practices & Repositories
• Varying adherence to Corporate Policy
• Exposed IP
• Extranet/sharing issues
Challenges
“Securing the Data…
… loss / theft / corruption”
• Today: Data = Dollars
• Crime: Cybercrime is simply Crime
• News: Success stories need to outweigh breaches
• Statistics: At the close
Data Types
• Data-in-Motion
• Data-at-Rest
• Data-in-Use
Data Loss Vectors
• Email, Web Post, Network, IM/Chat
• Desktop/Laptop, Database, File Share
• Removable Media, Screen, Printer, Clipboard
DLP Elements
• Governance
• Risk Assessment
• Compliance
• Classification
• Policies
• Discovery
• Remediation
• Awareness
Governance
Summary:
• Data Governance = confidentiality, integrity and availability of data
• Monitor the flow/storage of data in your environment
Action:
• Develop a governance structure
• Define roles & responsibility
• Create a communication plan
• Create governance metrics
Examples:
• Centralized vs. De-Centralized
• Set up a central site for document storage & communications
• Use DLP policies to generate metrics
Risk Assessment
Summary:
• Identify all data types, threat vectors, and potential business impact
• Produce a prioritized ranking of risks and a list of initiatives to mitigate them
Action:
• Execute the RA
• Create a detailed action plan
• Assign owners to RA results
• Formalize a recurring RA plan
Examples:
• Use asset management tools to catalog assets
• Use DLP to identify risk in systems, applications, lines of business, etc.
Compliance
Summary:
• Sensitive information is regulated by governmental and industry statutes
• Avoid fines, increased audit costs, embarrassment, or prosecution
Action:
• Identify governing bodies
• Identify statutes
• Create a data element mapping
• Create compliance metrics
Examples:
• Monitor PCI data movement both within and outside of the company
• Use IT GRC tools to manage compliance
Classification
Summary:
• Classify data according to its value and risk
• Protect classes of data; not individual elements
Action:
• Gather initial and new data elements
• Develop a standard framework
• Identify data owners and users
• Identify approved data storage systems
Examples:
• Set up workshops to gather initial data elements
• Use DLP data discovery scans to gather new data elements
• Catalog locations and move data to approved storage locations
Policies
Summary:
• Flexible policies that grow with the organization over time
• User education on policies, standards, and guidelines
Action:
• Review existing policies
• Create new policies
• Socialize policies with users
• Evaluate effectiveness
Examples:
• Educate key stakeholders (HR, compliance team, business units)
• Set up a recurring update program to measure policy effectiveness
Discovery
Summary:
• Find sensitive data in areas you don’t expect it to be
• Identify broken processes, bad actors, and “data drift”
Action:
• Create a data discovery program
• Define data storage types
• Define data categories
• Define data owners
Examples:
• Identify “data drift” in “data-at-rest” (file servers, databases)
• Identify “data drift” in “data-in-use” (local disks on laptops and desktops)
Remediation
Summary:
• More than fixing the data – look at the people and the process
• Remediation is NOT done until root causes are identified and risk is mitigated
Action:
• Develop data/incident response programs
• Perform system/data clean-up
• Implement mitigation actions
Examples:
• Root-caused PCI data leakage to a broken business process
• Automatically encrypt all patient data in outbound email traffic
Awareness
Summary:
• Your employees are a critical line of defense
• Embed employee education into your DLP program
Action:
• Develop a security awareness program for employees
• Develop specific data protection training for data owners
Examples:
• Posters
• Webpage with guidelines
• Quick situational videos
Approaching the Task
Deployment Best Practices
• Solid preparation
• Understand the data & rules
• Be realistic with the project plan
• Communication, communication, communication
Protecting data is a process problem…
Deployment Best Practices
Solid Preparation
• Scope the hardware appropriately
• Get buy-in from key stakeholders early
• Evaluate DLP endpoint strategies
• Have a realistic test environment so you can see problems early
Understand the Data & Rules
• Privacy rules differ state by state, country by country
• Understand how data is being used in your company before building policies
• Understand chain-of-custody implications of collecting evidence in a DLP solution
Be Realistic
• You can’t watch everything - prioritize what’s important
• Start small and grow your coverage
• Know what you need to watch for and what you cannot watch for
• Document well and define key statistical performance metrics
Good Communication
• Weekly calls (technical level & governance level calls with senior management)
• Define departmental champions to help overcome roadblocks
• Keep the CISO actively involved
• Train downstream – don’t limit it to just security
Who? What? When? How?
Data Type             | Risk Level | Findings
PCI Data              | Exposed    | User ignorance of policy
PII Data              | Exposed    | PII data sent, received and stored UNENCRYPTED
Intellectual Property | Leaks      | “Confidential” files sent to questionable destinations
State Privacy Law     | Violations | Broken business process
You cannot protect the data you don’t know about!
Streamline Policies
• Fine tune and test policies without interrupting business
• Cycle: Define Policy → Test Policy → Tune Rules, driven by data analytics and violations data
Discovery Best Practices
• Inventory with Metadata → Categorization & Classification → Prioritized Remediation
• Example categories: PCI Data, Sensitive IP
• Remediation actions: Encrypt, Delete, Move
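As an added example (not code from this webinar, nor from McAfee or SilverSky), the script below runs the Define → Test → Tune loop from the Streamline Policies slide against a data-at-rest discovery scan of the kind the Discovery slides describe. One PCI rule is scanned over a small directory tree in two forms: a naive "any 13–19 digit run" rule, and the same rule tuned with a Luhn check plus a per-file count threshold. Findings are then prioritized for remediation (bulk store → encrypt or move; isolated hit → review). The directory layout, file contents, the threshold of 5 and the action names are assumptions made for the example; the card numbers are the public test numbers the card brands publish for sandboxes, not real accounts.

```python
"""Data-at-rest discovery scan for PCI data (added example, not vendor code).

Walks a directory tree, looks for primary account numbers (PANs), and shows
how tuning a rule (Luhn check + per-file count threshold) cuts false
positives. Sample files below are constructed; the card numbers are the
public test numbers Visa/Mastercard/Amex/Discover publish for sandboxes.
"""
from __future__ import annotations

import os
import re
import tempfile
from dataclasses import dataclass

# Candidate PAN: 13-19 digits, optionally separated by single spaces or dashes,
# not embedded in a longer digit run (so a 20-digit serial is not a candidate).
PAN_CANDIDATE = re.compile(r"(?<!\d)(?:\d[ -]?){12,18}\d(?!\d)")


def luhn_ok(digits: str) -> bool:
    """Luhn (mod-10) check used by all major card brands."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:          # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def find_pans(text: str, require_luhn: bool = True) -> set[str]:
    """Return distinct candidate PANs in text; with require_luhn, only Luhn-valid ones."""
    hits: set[str] = set()
    for m in PAN_CANDIDATE.finditer(text):
        digits = re.sub(r"[ -]", "", m.group(0))
        if 13 <= len(digits) <= 19 and (not require_luhn or luhn_ok(digits)):
            hits.add(digits)
    return hits


@dataclass
class Finding:
    path: str        # relative to the scan root, "/"-separated
    data_type: str   # "PCI" here; a real scan carries one rule per data type
    count: int       # distinct PANs found in the file
    action: str      # "encrypt_or_move" for a bulk store, "review" for isolated hits


def scan_tree(root: str, require_luhn: bool = True, bulk_threshold: int = 5) -> list[Finding]:
    """Scan every file under root and return findings, highest PAN count first."""
    findings: list[Finding] = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                with open(path, encoding="utf-8", errors="ignore") as fh:
                    pans = find_pans(fh.read(), require_luhn)
            except OSError:
                continue                      # unreadable file: skip, keep scanning
            if not pans:
                continue
            # Many distinct PANs in one file looks like an export or database dump
            # (remediate: encrypt in place or move to an approved store); a single
            # hit is more often incidental and goes to a person for review.
            action = "encrypt_or_move" if len(pans) >= bulk_threshold else "review"
            rel = os.path.relpath(path, root).replace(os.sep, "/")
            findings.append(Finding(rel, "PCI", len(pans), action))
    return sorted(findings, key=lambda f: (-f.count, f.path))


# Constructed sample tree (assumption): a card export, a stray expense note with
# one card, and a build log full of 13-19 digit numbers that are NOT cards.
SAMPLE_FILES = {
    "finance/cards_export.csv": (
        "name,pan,expiry\n"
        "alice,4111111111111111,12/25\n"
        "bob,5500000000000004,11/26\n"
        "carol,378282246310005,01/27\n"
        "dave,6011111111111117,03/26\n"
        "erin,4012888888881881,09/25\n"
    ),
    "hr/expense_note.txt": "Reimburse taxi, paid with corporate card 4111 1111 1111 1111.\n",
    "eng/build_log.txt": (
        "order 1234567890123456 built at 20130415123045\n"
        "ticket 555-123-4567 closed\n"
    ),
}


def build_sample_tree() -> str:
    """Write SAMPLE_FILES into a fresh temp directory and return its path."""
    root = tempfile.mkdtemp(prefix="dlp_scan_")
    for rel, content in SAMPLE_FILES.items():
        full = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(full), exist_ok=True)
        with open(full, "w", encoding="utf-8") as fh:
            fh.write(content)
    return root


if __name__ == "__main__":
    root = build_sample_tree()
    for label, luhn in (("naive rule (digits only)", False), ("tuned rule (Luhn check)", True)):
        print(f"== {label}")
        for f in scan_tree(root, require_luhn=luhn):
            print(f"  {f.path:28} {f.data_type} x{f.count:<3} -> {f.action}")
```

Run stand-alone, the naive rule flags the build log (an order number and a timestamp both look like card numbers) while the tuned rule drops it and keeps the export and the expense note; that is the "violations data" a policy owner reviews before turning a rule from monitor to block. The count threshold is the second tuning knob: it separates the file that needs encrypting or moving from the one that needs a conversation with its owner.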
Management Model
Axes: Reactive vs. Proactive; Decentralized vs. Centralized
Models: Business Flex, Dedicated Team, Light Coverage, Part-Timer
Organizational profiles placed on the matrix:
• Complex IP environment; business-driven needs; small security team
• High regulatory requirements; mature business model; strong security team
• Low regulatory environment; low business drivers; small security team
• High business drivers; little management buy-in; strong security team
What You Learned Today
• The 8 Essential DLP Elements
• DLP Deployment Best Practices & Examples
• Different DLP Management Models
Remember …
You cannot protect the data you don’t know about!
Start small and be realistic about your project plan.
Get buy-in from business users early.
Protecting data is a process problem.
Resources & Tools
• Verizon Data Breach Investigations Report:
http://www.verizonenterprise.com/DBIR/2013/
• “Implementing and Managing a DLP Solution” Whitepaper
http://mcaf.ee/dphvg -> White Papers
To find out more about McAfee DLP solution
• Public page http://mcaf.ee/dphvg
• Regulation link http://www.mcafee.com/data-protection-laws
• Data Risk Assessment http://dataprotection.mcafee.com/forms/RiskAssessment
• Blogs http://siblog.mcafee.com/category/data-protection
• Videos http://www.youtube.com/McafeeDLP
• Twitter handle @McAfeeDLP
Questions?
Thank You!
Michael Avdeev, michael_avdeev@mcafee.com
John Callaghan, jcallaghan@silversky.com

Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
Breaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path MountBreaking the Kubernetes Kill Chain: Host Path Mount
Breaking the Kubernetes Kill Chain: Host Path Mount
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Azure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & ApplicationAzure Monitor & Application Insight to monitor Infrastructure & Application
Azure Monitor & Application Insight to monitor Infrastructure & Application
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
Transforming Data Streams with Kafka Connect: An Introduction to Single Messa...
 
SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024SQL Database Design For Developers at php[tek] 2024
SQL Database Design For Developers at php[tek] 2024
 
AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 

Best Practices for Implementing Data Loss Prevention (DLP)

• 6. Challenges: "Securing the Data… … loss / theft / corruption"
  • Today: Data = Dollars
  • Crime: Cybercrime is simply Crime
  • News: Success stories need to outweigh breaches
  • Statistics: At the close
• 7. Data Loss Vectors ("Wild Wild West")
  Data types: Data-in-Motion, Data-at-Rest, Data-in-Use
  Vectors: Email, Web Post, Network, IM Chat, Desktop/Laptop, Database, Removable Media, Screen, Printer, File Share, Clipboard
• 8. DLP Elements
  Governance, Risk Assessment, Compliance, Classification, Policies, Discovery, Remediation, Awareness
• 9. Governance
  Summary:
  • Data Governance = confidentiality, integrity and availability of data
  • Monitor the flow/storage of data in your environment
  Action:
  • Develop a governance structure
  • Define roles & responsibilities
  • Create a communication plan
  • Create governance metrics
  Examples:
  • Centralized vs. De-Centralized
  • Set up a central site for document storage & communications
  • Use DLP policies to generate metrics
• 10. Risk Assessment
  Summary:
  • Identify all data types, threat vectors, and potential business impact
  • Prioritize the ranking of risks and a list of initiatives to mitigate the risk
  Action:
  • Execute the RA
  • Create a detailed action plan
  • Assign owners to RA results
  • Formalize a recurring RA plan
  Examples:
  • Use asset management tools to catalog assets
  • Use DLP to identify risk in systems, applications, lines of business, etc.
• 11. Compliance
  Summary:
  • Sensitive information is regulated by governmental and industry statutes
  • Avoid fines, increased audit costs, embarrassment, or prosecution
  Action:
  • Identify governing bodies
  • Identify statutes
  • Create a data element mapping
  • Create compliance metrics
  Examples:
  • Monitor PCI data movement both within and outside of the company
  • Use IT GRC tools to manage compliance
• 12. Classification
  Summary:
  • Classify data according to its value and risk
  • Protect classes of data, not individual elements
  Action:
  • Gather initial and new data elements
  • Develop a standard framework
  • Identify data owners and users
  • Identify approved data storage systems
  Examples:
  • Set up workshops to gather initial data elements
  • Use DLP data discovery scans to gather new data elements
  • Catalog locations and move data to approved storage locations
• 13. Policies
  Summary:
  • Flexible policies that grow with the organization over time
  • User education on policies, standards, and guidelines
  Action:
  • Review existing policies
  • Create new policies
  • Socialize policies with users
  • Evaluate effectiveness
  Examples:
  • Educate key stakeholders (HR, compliance team, business units)
  • Set up a recurring update program to measure policy effectiveness
• 14. Discovery
  Summary:
  • Find sensitive data in areas where you don't expect it to be
  • Identify broken processes, bad actors, and "data drift"
  Action:
  • Create a data discovery program
  • Define data storage types
  • Define data categories
  • Define data owners
  Examples:
  • Identify "data drift" in "data-at-rest" (file servers, databases)
  • Identify "data drift" in "data-in-use" (local disks on laptops and desktops)
• 15. Remediation
  Summary:
  • More than fixing the data: look at the people and the process
  • Remediation is NOT done until root causes are identified and risk is mitigated
  Action:
  • Develop data/incident response programs
  • Perform system/data clean-up
  • Implement mitigation actions
  Examples:
  • Root-caused PCI data leakage to a broken business process
  • Automatically encrypt all patient data in outbound email traffic
• 16. Awareness
  Summary:
  • Your employees are a critical line of defense
  • Embed employee education into your DLP program
  Action:
  • Develop a security awareness program for employees
  • Develop specific data protection training for data owners
  Examples:
  • Posters
  • Webpage with guidelines
  • Quick situational videos
• 17. Approaching the Task
  Deployment Best Practices:
  • Solid preparation
  • Understand the data & rules
  • Be realistic with the project plan
  • Communication, communication, communication
  Protecting Data is a Process Problem…
• 18. Deployment Best Practices
  Solid Preparation:
  • Scope the hardware appropriately
  • Get buy-in from key stakeholders early
  • Evaluate DLP endpoint strategies
  • Have a realistic test environment so you can see problems early
  Understand the Data & Rules:
  • Privacy rules differ state by state, country by country
  • Understand how data is being used in your company before building policies
  • Understand chain-of-custody implications of collecting evidence in a DLP solution
  Be Realistic:
  • You can't watch everything: prioritize what's important
  • Start small and grow your coverage
  • Know what you need to watch for and what you cannot watch for
  • Document well and define key statistical performance metrics
  Good Communication:
  • Weekly calls (technical-level and governance-level calls with senior management)
  • Define departmental champions to help overcome roadblocks
  • Keep the CISO actively involved
  • Train downstream: don't limit it to just security
• 19. Who? What? When? How?
  Data Type | Risk Level (shown as a graphic on the slide) | Findings
  PCI Data Exposed | | User ignorance of policy
  PII Data Exposed | | PII data sent, received and stored UNENCRYPTED
  Intellectual Property Leaks | | "Confidential" files sent to questionable destinations
  State Privacy Law Violations | | Broken business process
  You cannot protect the data you don't know about!
• 20. Streamline Policies
  Fine-tune and test policies without interrupting business.
  Policy cycle (as laid out on the slide): Define Policy, Test Policy, Tune Rules, Data Analytics, Violations Data
• 21. Discovery Best Practices
  Inventory with Metadata -> Categorization & Classification -> Remediation Prioritized
  Data categories: PCI Data, Sensitive IP
  Remediation actions: Encrypt, Delete, Move
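As an added example (not from the deck or either vendor), a minimal data-at-rest discovery scan in Python that follows slides 20 and 21: inventory files with metadata, classify each as PCI (Luhn-valid card number), IP ("Confidential" marker) or Public, and order the findings by remediation priority so the violations data can be reviewed and rules tuned before any enforcement. The sample files, the card-number regex and the encrypt/move mapping are assumptions for illustration only.

```python
import os
import re
import tempfile

# Constructed sample data-at-rest: the PAN is a Luhn-valid test number, not a
# real card; none of these files or values come from the slide deck.
SAMPLE_FILES = {
    "finance/invoices.csv": "customer,pan\nacme,4111111111111111\n",
    "eng/roadmap.txt": "CONFIDENTIAL - internal roadmap, do not share\n",
    "public/readme.txt": "Nothing sensitive here. Order 12345678.\n",
}
# 13-19 digits, optionally separated by spaces or dashes (card-number shapes).
PAN_RE = re.compile(r"\b(?:\d[ -]?){13,19}\b")
# Assumed remediation mapping following the slide's Encrypt / Move / Delete
# options; dict order doubles as remediation priority (PCI first).
REMEDIATION = {"PCI": "encrypt", "IP": "move", "Public": None}

def luhn_ok(digits):
    """Luhn checksum, so random digit runs (order numbers, IDs) do not fire the PCI rule."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        n = int(ch) * (2 if i % 2 else 1)
        total += n - 9 if n > 9 else n
    return total % 10 == 0

def classify(text):
    """Assign the highest-risk data class a policy matches: PCI, then IP, else Public."""
    if any(luhn_ok(re.sub(r"\D", "", m.group())) for m in PAN_RE.finditer(text)):
        return "PCI"
    if re.search(r"\bconfidential\b", text, re.I):
        return "IP"
    return "Public"

def scan_tree(root):
    """Inventory files with metadata, classify each, and sort by remediation priority."""
    findings = []
    for dirpath, _, names in os.walk(root):
        for name in names:
            path = os.path.join(dirpath, name)
            with open(path, encoding="utf-8", errors="replace") as fh:
                cls = classify(fh.read())
            findings.append({"path": os.path.relpath(path, root), "class": cls,
                             "size": os.path.getsize(path), "action": REMEDIATION[cls]})
    return sorted(findings, key=lambda f: list(REMEDIATION).index(f["class"]))

def demo():
    """Write the constructed files into a temp dir and run the discovery scan."""
    root = tempfile.mkdtemp()
    for rel, content in SAMPLE_FILES.items():
        full = os.path.join(root, rel)
        os.makedirs(os.path.dirname(full), exist_ok=True)
        with open(full, "w", encoding="utf-8") as fh:
            fh.write(content)
    return scan_tree(root)
```

Run `demo()` to get the prioritized findings list; counting hits per class over a real share is the violations data the slide's tune-rules step needs before switching a policy from monitor to enforce.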
• 22. Management Model
  Axes: Proactive vs. Reactive; Decentralized vs. Centralized
  Four models: Business Flex, Dedicated Team, Light Coverage, Part-Timer
  Organization profiles plotted on the model:
  • Complex IP environment, business-driven needs, small security team
  • High regulatory requirements, mature business model, strong security team
  • Low regulatory environment, low business drivers, small security team
  • High business drivers, little management buy-in, strong security team
• 23. What You Learned Today
  • The 8 Essential DLP Elements
  • DLP Deployment Best Practices & Examples
  • Different DLP Management Models
  Remember … You cannot protect the data you don't know about! Start small and be realistic about your project plan. Get buy-in from business users early. Protecting data is a process problem.
• 24. Resources & Tools
  • Verizon Data Breach Investigations Report: http://www.verizonenterprise.com/DBIR/2013/
  • "Implementing and Managing a DLP Solution" whitepaper: http://mcaf.ee/dphvg -> White Papers
  To find out more about the McAfee DLP solution:
  • Public page: http://mcaf.ee/dphvg
  • Regulation link: http://www.mcafee.com/data-protection-laws
  • Data Risk Assessment: http://dataprotection.mcafee.com/forms/RiskAssessment
  • Blogs: http://siblog.mcafee.com/category/data-protection
  • Videos: http://www.youtube.com/McafeeDLP
  • Twitter handle: @McAfeeDLP
• 25. Questions?
• 26. Thank You! Michael Avdeev, michael_avdeev@mcafee.com; John Callaghan, jcallaghan@silversky.com