SlideShare ist ein Scribd-Unternehmen logo
1 von 38
Data Loss Prevention: Protecting Your
Information and Reputation
April 2016
Reza Kopaee, Frank Coburn, Omid Esfandiari - RiskView
Neil Greenberg – Bell Canada
Agenda
Data Loss Prevention Presentation
• Introduction
• RiskView - Threatview
• Conceptual Understanding
• Technical Demo
• Bell Case Study
Suite 281, 3044 Bloor
Street West, Toronto, On,
M8X 2Y8
Trends, News and What’s at Stake
Data Loss Prevention Presentation
64% of data
loss caused by
well-meaning
insiders
50% of
employees
leave with
data
$3.5 million
average cost
of a breach
Legal and
compliance
penalties
A corporate
black eye
Well-meaning Insiders Malicious Insiders Malicious Outsiders
The Faces of Data Loss Prevention
It’s about people.
Data Loss Prevention Presentation
Symantec Solutions Protect What’s Important
Customer Information Company Information
Financials
SSNs and
Government IDs
Medical Records
Credit Card Info
HR Records
Internal Auditing
M&A and Strategy
Intellectual
Property
You need more than technology.
A Non-Transparent Solution
Data Loss Prevention Presentation
Where is my
confidential data?
DISCOVER
How is it
being used?
MONITOR
How do I
prevent loss and theft?
PROTECT
How Data Loss Prevention Works
Data Loss Prevention Presentation
DATA LOSS POLICY
Content
Credit Cards
SSNs
Intellectual
Property
Context
Who?
What?
Where?
Action
Notify
Justify
Encrypt
Prevent
Notification
User
Manager
Security
Escalate
RESPONSEDETECTION
Find it. Fix it.
DLP is About People
Data Loss Prevention Presentation
Action
Detection and
Response
Problem
Betty attempts to
email confidential
employee data
without knowing it
DLP Response
Network: DLP inspects
content and context
for policy match as
email leaves server
Endpoint: DLP
inspects the mail
when user hits “send”
Network: Monitor,
notify user, encrypt or
block
Endpoint: Display pop-
up, justify, block
email, remove content
Result
Help users understand
and justify risk
transparently
Block or encrypt data
in some cases
Betty G. Well Meaning Insider
Asst. HR Manager | Midwestern Insurance Company
SITUATION: Sending sensitive data over email
Symantec Advantage
Detection High-performance
Off Network Coverage Flexible Response
DLP is About People
Data Loss Prevention Presentation
Sanjay V. Well Meaning Insider
Assistant Controller | Manufacturing Company
SITUATION: Copying sensitive data to removable storage devices
ActionProblem
Sanjay copies pre-
released financial data
to removable media
DLP Response
Endpoint agent
analyzes content
based on policies
Monitor, record or
notify
Automatically encrypt
files using SEE
Result
Automatically encrypt
content
Higher visibility into
where data is going
Change users’
behavior
Symantec Advantage
Lightweight agent Trusted devices
Group based policies Automatic encryption
Detection and
Response
DLP is About People
Data Loss Prevention Presentation
ActionProblem
Charles inadvertently
stores source code on
an unprotected share
DLP Response
Network Discover
scan finds the exposed
source code, Data
Insight IDs Charles as
the file owner
Network Protect can:
• Notify Charles
• Encrypt the data
• Move the file
• Apply rights
management
policies
Result
Secure your most
sensitive assets – keep
the malicious outsider
from finding them
Charles N. Well Meaning Insider
Software Developer | Investment Banking Firm
SITUATION: Discovering data “spills” and cleaning them up
Detection and
Response
Symantec Advantage
Broad scan coverage Data owner ID
Encryption Data owner remediation
DLP is About People
Data Loss Prevention Presentation
ActionProblem
Unhappy or departing
employees copy or
share sensitive data
via email or
removable storage
DLP Response
DLP monitors desktop
and network activity
Notify (warn) the user
of their actions
Inform manager,
security and/or HR
Stop the transmission
or copy
Result
Information assets
don’t leave with the
employee
People know they are
being monitored
Mimi L. Malicious Insider
Soon-to-be-former Account Executive | Staffing Firm
SITUATION: Attempting to copy customer records and resumes
Detection and
Response
Symantec Advantage
Continuous coverage on PCs Custom pop-ups
Incident escalation Content removal
Products – Architecture
Symantec Data Loss
Prevention Solution
Symantec Data Loss Prevention Scope
Data Loss Prevention Presentation
Office 365
iOS
Android
Email
Web
FTP
IM
USB
Hard Drives
Removable Storage
Network Shares
Print/Fax
Cloud & Web Apps
File Servers
Exchange, Lotus
SharePoint
Databases
Web Servers
Unified
Management
Symantec Data Loss Prevention Products
Data Loss Prevention Presentation
MANAGEMENT AND REPORTING
Symantec Data Loss Prevention Enforce Platform & IT Analytics
NETWORK ENDPOINT STORAGE CLOUD & MOBILE
Network Monitor
Network Prevent
for Email
Network Prevent
for Web
Endpoint Discover
Endpoint Prevent
Network Discover
Data Insight
Data Insight Self-
Service Portal
Network Protect
Cloud Prevent for
Office 365
Mobile Email
Monitor
Mobile Prevent
Symantec Data Loss Prevention Architecture
Data Loss Prevention Presentation
DMZCorporate LAN
Network Discover - Data Insight -
Network Protect
Enforce - IT Analytics
Endpoint Discover - Endpoint Prevent
SPAN Port or Tap
MTA or Proxy
STORAGE
MANAGEMENT
ENDPOINT
Network Monitor - Network Prevent -
Mobile Monitor - Mobile Prevent
INTERNET
Cloud Prevent for Office 365
NETWORK &
MOBILE
CLOUD
Accuracy – Workflow – Remediation
The Symantec Advantage
Symantec Advantage: Highest Detection Accuracy
Data Loss Prevention Presentation
Described
Content Matching
Indexed Document
Matching
Vector Machine
Learning
Exact Data
Matching
DESCRIBED DATA
Non-indexable data
Lexicons
Data Identifiers
STRUCTURED DATA
CUSTOMER DATA
Customer / Employee
Pricing
Partial row matching
Near perfect accuracy
UNSTRUCTURED DATA
IP
Designs / Source /
Financials
Derivative match
Near perfect accuracy
UNSTRUCTURED DATA
IP
Designs / Source /
Financials
Derivative match
Very High Accuracy
Symantec Advantage: Sophisticated Workflow
90% of DLP is Incident Response
Data Loss Prevention Presentation
Right Automation Resolution, Enforcement, Notification
Right Person Route Incidents to Right Responder
Right Order High Severity of Incidents First
Right Information 5-Second Test
Right Action 1-Click Response
Right Metrics Prove Results to Execs and Auditors
Symantec Advantage: Data Insight
Data Loss Prevention Presentation
Competitive
Trap
Symantec Advantage: Data Insight
Data Loss Prevention Presentation
Competitive
Trap
Symantec Advantage: Data Insight
Data Loss Prevention Presentation
Competitive
Trap
Symantec Advantage: Data Insight
Data Loss Prevention Presentation
Competitive
Trap
Symantec Advantage: Zero-Day Content Detection
Data Loss Prevention Presentation
Competitive
Trap
Symantec Advantage: Zero-Day Content Detection
Data Loss Prevention Presentation
TRAINING
Symantec Advantage: Zero-Day Content Detection
Data Loss Prevention Presentation
TRAINING PROFILE
Symantec Advantage: Zero-Day Content Detection
Symantec Data Loss Prevention First Meeting
TRAINING POLICYPROFILE
Symantec Advantage: Zero-Day Content Detection
Data Loss Prevention Presentation
TRAINING PROFILE POLICY
RE-TRAINING
Methodology – Technology Leadership
Why Symantec DLP?
Symantec Data Loss Prevention Methodology
Data Loss Prevention Presentation
Competitive
Trap
1000
800
600
400
200
0
Risk Reduction Over Time
IncidentsPerWeek
Visibility
Remediation
Notification
Prevention
Why Symantec?
Data Loss Prevention Presentation
8 Consecutive Years of
Technology Leadership
Used by over half of
the Fortune 100
The Global Market
Leader in DLP
Appendix:
Market & Technology
Leadership
Evolution of the DLP Market
20132010
2006 2008 20092007
20142011
Data Loss Prevention Presentation
Symantec is the only 8-time Leader in the Gartner
Magic Quadrant for Data Loss Prevention
Data Loss Prevention Presentation
This Magic Quadrant graphic was published by Gartner, Inc. as part of a larger
research note and should be evaluated in the context of the entire report. The
Gartner report is available upon request from Symantec. Gartner does not
endorse any vendor, product or service depicted in our research publications, and
does not advise technology users to select only those vendors with the highest
ratings. Gartner research publications consist of the opinions of Gartner's
research organization and should not be construed as statements of fact. Gartner
disclaims all warranties, expressed or implied, with respect to this research,
including any warranties of merchantability or fitness for a particular purposed
Source: Gartner, Inc., Magic Quadrant for Content-
Aware Data Loss Prevention, Brian Reed, Neil
Wynne
The Market Leader in Data Loss Prevention
Greater than next three competitors combined
Data Loss Prevention Presentation
Symantec
34.7%
McAfee
15.7%
Websense
9.4%
CA
7.2%
RSA
7.1%
Others
25.9%
Source: Worldwide Data Loss Prevention 2014 – 2018 Forecast And 2013 Vendor Shares, IDC, November 2014
Appendix:
What’s New in Data Loss
Prevention
What’s New in Data Loss Prevention 14
Data Loss Prevention Presentation
Unified
ManagementGreater Control, Simpler Management
Office 365
iOS
Android
Email
Web
FTP
IM
USB
Hard Drives
Removable Storage
Network Shares
Print/Fax
Cloud & Web Apps
File Servers
Exchange, Lotus
SharePoint
Databases
Web Servers
Greater Control, Simpler Management
Data Loss Prevention Presentation
14.0
Endpoint Agent for Mac OS
Enhanced endpoint scalability
Dynamic agent groups
Enhanced agent health status reporting
Expanded endpoint event coverage
Cloud Prevent for Microsoft Office 365
OWA & Outlook.com
Hyperlinks in pop-ups
Windows 8/8.1
Office 2013
Natural Language Processing for
Chinese, Japanese, Korean
HIPAA and Caldicott policy
template updates
Remote Desktop Protocol
(RDP) support
Data Insight Self-Service Portal
Multi-token Exact Data
Matching
Hyper-V & VMware View
Mobile email monitoring for
Android and iOS
Reusable policy rules
Endpoint Indexed Document
Matching
Randomized SSN Data
Identifier
Network monitoring for IPv6
Single-Server Installation
38
THANK YOU
Suite 281, 3044 Bloor
Street West, Toronto, On,
M8X 2Y8
© Symantec DLP Presentation by RISKVIEW

Más contenido relacionado

Was ist angesagt?

Enterprise Security Architecture for Cyber Security
Enterprise Security Architecture for Cyber SecurityEnterprise Security Architecture for Cyber Security
Enterprise Security Architecture for Cyber SecurityThe Open Group SA
 
Security Awareness Training
Security Awareness TrainingSecurity Awareness Training
Security Awareness TrainingDaniel P Wallace
 
Technology Overview - Symantec Data Loss Prevention (DLP)
Technology Overview - Symantec Data Loss Prevention (DLP)Technology Overview - Symantec Data Loss Prevention (DLP)
Technology Overview - Symantec Data Loss Prevention (DLP)Iftikhar Ali Iqbal
 
DLP Data leak prevention
DLP Data leak preventionDLP Data leak prevention
DLP Data leak preventionAriel Evans
 
IT Security Awareness-v1.7.ppt
IT Security Awareness-v1.7.pptIT Security Awareness-v1.7.ppt
IT Security Awareness-v1.7.pptOoXair
 
Overview of the Cyber Kill Chain [TM]
Overview of the Cyber Kill Chain [TM]Overview of the Cyber Kill Chain [TM]
Overview of the Cyber Kill Chain [TM]David Sweigert
 
Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...Stephen Cobb
 
Understanding Your Attack Surface and Detecting & Mitigating External Threats
Understanding Your Attack Surface and Detecting & Mitigating External ThreatsUnderstanding Your Attack Surface and Detecting & Mitigating External Threats
Understanding Your Attack Surface and Detecting & Mitigating External ThreatsUlf Mattsson
 
DLP Systems: Models, Architecture and Algorithms
DLP Systems: Models, Architecture and AlgorithmsDLP Systems: Models, Architecture and Algorithms
DLP Systems: Models, Architecture and AlgorithmsLiwei Ren任力偉
 
Cyber Security Awareness Session for Executives and Non-IT professionals
Cyber Security Awareness Session for Executives and Non-IT professionalsCyber Security Awareness Session for Executives and Non-IT professionals
Cyber Security Awareness Session for Executives and Non-IT professionalsKrishna Srikanth Manda
 
microsoft-cybersecurity-reference-architectures (1).pptx
microsoft-cybersecurity-reference-architectures (1).pptxmicrosoft-cybersecurity-reference-architectures (1).pptx
microsoft-cybersecurity-reference-architectures (1).pptxGenericName6
 
NIST CyberSecurity Framework: An Overview
NIST CyberSecurity Framework: An OverviewNIST CyberSecurity Framework: An Overview
NIST CyberSecurity Framework: An OverviewTandhy Simanjuntak
 
Data Loss Prevention: Challenges, Impacts & Effective Strategies
Data Loss Prevention: Challenges, Impacts & Effective StrategiesData Loss Prevention: Challenges, Impacts & Effective Strategies
Data Loss Prevention: Challenges, Impacts & Effective StrategiesSeccuris Inc.
 
Symantec Data Loss Prevention 11
Symantec Data Loss Prevention 11Symantec Data Loss Prevention 11
Symantec Data Loss Prevention 11Symantec
 
Security operations center-SOC Presentation-مرکز عملیات امنیت
Security operations center-SOC Presentation-مرکز عملیات امنیتSecurity operations center-SOC Presentation-مرکز عملیات امنیت
Security operations center-SOC Presentation-مرکز عملیات امنیتReZa AdineH
 
Introduction to Cybersecurity
Introduction to CybersecurityIntroduction to Cybersecurity
Introduction to CybersecurityKrutarth Vasavada
 

Was ist angesagt? (20)

Enterprise Security Architecture for Cyber Security
Enterprise Security Architecture for Cyber SecurityEnterprise Security Architecture for Cyber Security
Enterprise Security Architecture for Cyber Security
 
DLP
DLPDLP
DLP
 
Security Awareness Training
Security Awareness TrainingSecurity Awareness Training
Security Awareness Training
 
Technology Overview - Symantec Data Loss Prevention (DLP)
Technology Overview - Symantec Data Loss Prevention (DLP)Technology Overview - Symantec Data Loss Prevention (DLP)
Technology Overview - Symantec Data Loss Prevention (DLP)
 
DLP Data leak prevention
DLP Data leak preventionDLP Data leak prevention
DLP Data leak prevention
 
IT Security Awareness-v1.7.ppt
IT Security Awareness-v1.7.pptIT Security Awareness-v1.7.ppt
IT Security Awareness-v1.7.ppt
 
Overview of the Cyber Kill Chain [TM]
Overview of the Cyber Kill Chain [TM]Overview of the Cyber Kill Chain [TM]
Overview of the Cyber Kill Chain [TM]
 
Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...Cyber Security 101: Training, awareness, strategies for small to medium sized...
Cyber Security 101: Training, awareness, strategies for small to medium sized...
 
Dlp notes
Dlp notesDlp notes
Dlp notes
 
Understanding Your Attack Surface and Detecting & Mitigating External Threats
Understanding Your Attack Surface and Detecting & Mitigating External ThreatsUnderstanding Your Attack Surface and Detecting & Mitigating External Threats
Understanding Your Attack Surface and Detecting & Mitigating External Threats
 
DLP Systems: Models, Architecture and Algorithms
DLP Systems: Models, Architecture and AlgorithmsDLP Systems: Models, Architecture and Algorithms
DLP Systems: Models, Architecture and Algorithms
 
Cyber Security Awareness Session for Executives and Non-IT professionals
Cyber Security Awareness Session for Executives and Non-IT professionalsCyber Security Awareness Session for Executives and Non-IT professionals
Cyber Security Awareness Session for Executives and Non-IT professionals
 
microsoft-cybersecurity-reference-architectures (1).pptx
microsoft-cybersecurity-reference-architectures (1).pptxmicrosoft-cybersecurity-reference-architectures (1).pptx
microsoft-cybersecurity-reference-architectures (1).pptx
 
NIST CyberSecurity Framework: An Overview
NIST CyberSecurity Framework: An OverviewNIST CyberSecurity Framework: An Overview
NIST CyberSecurity Framework: An Overview
 
Cybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for ExecutivesCybersecurity Roadmap Development for Executives
Cybersecurity Roadmap Development for Executives
 
Data Loss Prevention: Challenges, Impacts & Effective Strategies
Data Loss Prevention: Challenges, Impacts & Effective StrategiesData Loss Prevention: Challenges, Impacts & Effective Strategies
Data Loss Prevention: Challenges, Impacts & Effective Strategies
 
Symantec Data Loss Prevention 11
Symantec Data Loss Prevention 11Symantec Data Loss Prevention 11
Symantec Data Loss Prevention 11
 
Information security
Information securityInformation security
Information security
 
Security operations center-SOC Presentation-مرکز عملیات امنیت
Security operations center-SOC Presentation-مرکز عملیات امنیتSecurity operations center-SOC Presentation-مرکز عملیات امنیت
Security operations center-SOC Presentation-مرکز عملیات امنیت
 
Introduction to Cybersecurity
Introduction to CybersecurityIntroduction to Cybersecurity
Introduction to Cybersecurity
 

Andere mochten auch

Adapt or Die: The Evolution of Endpoint Security
Adapt or Die: The Evolution of Endpoint SecurityAdapt or Die: The Evolution of Endpoint Security
Adapt or Die: The Evolution of Endpoint SecurityTripwire
 
5 Myths About Data Loss Prevention
5 Myths About Data Loss Prevention5 Myths About Data Loss Prevention
5 Myths About Data Loss PreventionGary Bahadur
 
Redefining Endpoint Security
Redefining Endpoint SecurityRedefining Endpoint Security
Redefining Endpoint SecurityBurak DAYIOGLU
 
Data Security: Why You Need Data Loss Prevention & How to Justify It
Data Security: Why You Need Data Loss Prevention & How to Justify ItData Security: Why You Need Data Loss Prevention & How to Justify It
Data Security: Why You Need Data Loss Prevention & How to Justify ItMarc Crudgington, MBA
 
A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...
A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...
A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...Kaspersky
 
NextGen Endpoint Security for Dummies
NextGen Endpoint Security for DummiesNextGen Endpoint Security for Dummies
NextGen Endpoint Security for DummiesAtif Ghauri
 
Insider Threat: How Does Your Security Stack Measure Up?
Insider Threat: How Does Your Security Stack Measure Up?Insider Threat: How Does Your Security Stack Measure Up?
Insider Threat: How Does Your Security Stack Measure Up?ThinAir
 
What Is Next-Generation Endpoint Security and Why Do You Need It?
What Is Next-Generation Endpoint Security and Why Do You Need It?What Is Next-Generation Endpoint Security and Why Do You Need It?
What Is Next-Generation Endpoint Security and Why Do You Need It?Priyanka Aash
 
Mastering The Fourth Industrial Revolution
Mastering The Fourth Industrial Revolution Mastering The Fourth Industrial Revolution
Mastering The Fourth Industrial Revolution Monty C. M. Metzger
 

Andere mochten auch (10)

Adapt or Die: The Evolution of Endpoint Security
Adapt or Die: The Evolution of Endpoint SecurityAdapt or Die: The Evolution of Endpoint Security
Adapt or Die: The Evolution of Endpoint Security
 
5 Myths About Data Loss Prevention
5 Myths About Data Loss Prevention5 Myths About Data Loss Prevention
5 Myths About Data Loss Prevention
 
Redefining Endpoint Security
Redefining Endpoint SecurityRedefining Endpoint Security
Redefining Endpoint Security
 
Data Security: Why You Need Data Loss Prevention & How to Justify It
Data Security: Why You Need Data Loss Prevention & How to Justify ItData Security: Why You Need Data Loss Prevention & How to Justify It
Data Security: Why You Need Data Loss Prevention & How to Justify It
 
A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...
A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...
A Buyers Guide to Investing in Endpoint Detection and Response for Enterprise...
 
NextGen Endpoint Security for Dummies
NextGen Endpoint Security for DummiesNextGen Endpoint Security for Dummies
NextGen Endpoint Security for Dummies
 
Insider Threat: How Does Your Security Stack Measure Up?
Insider Threat: How Does Your Security Stack Measure Up?Insider Threat: How Does Your Security Stack Measure Up?
Insider Threat: How Does Your Security Stack Measure Up?
 
What Is Next-Generation Endpoint Security and Why Do You Need It?
What Is Next-Generation Endpoint Security and Why Do You Need It?What Is Next-Generation Endpoint Security and Why Do You Need It?
What Is Next-Generation Endpoint Security and Why Do You Need It?
 
Endpoint is not enough
Endpoint is not enoughEndpoint is not enough
Endpoint is not enough
 
Mastering The Fourth Industrial Revolution
Mastering The Fourth Industrial Revolution Mastering The Fourth Industrial Revolution
Mastering The Fourth Industrial Revolution
 

Ähnlich wie Data Loss Prevention

(Slides) What's Yours Is Mine: How Employess Are Putting Your Sensitive Data ...
(Slides) What's Yours Is Mine: How Employess Are Putting Your Sensitive Data ...(Slides) What's Yours Is Mine: How Employess Are Putting Your Sensitive Data ...
(Slides) What's Yours Is Mine: How Employess Are Putting Your Sensitive Data ...infoLock Technologies
 
Threat Ready Data: Protect Data from the Inside and the Outside
Threat Ready Data: Protect Data from the Inside and the OutsideThreat Ready Data: Protect Data from the Inside and the Outside
Threat Ready Data: Protect Data from the Inside and the OutsideDLT Solutions
 
Dataguise hortonworks insurance_feb25
Dataguise hortonworks insurance_feb25Dataguise hortonworks insurance_feb25
Dataguise hortonworks insurance_feb25Hortonworks
 
dlp-sales-play-sales-customer-deck-2022.pptx
dlp-sales-play-sales-customer-deck-2022.pptxdlp-sales-play-sales-customer-deck-2022.pptx
dlp-sales-play-sales-customer-deck-2022.pptxalex hincapie
 
CIO WaterCooler Focus: GDPR Jasmit Sagoo
CIO WaterCooler Focus: GDPR   Jasmit SagooCIO WaterCooler Focus: GDPR   Jasmit Sagoo
CIO WaterCooler Focus: GDPR Jasmit SagooAndrew Pryor
 
Information security trends and concerns
Information security trends and concernsInformation security trends and concerns
Information security trends and concernsJohn Napier
 
A Survey On Data Leakage Detection
A Survey On Data Leakage DetectionA Survey On Data Leakage Detection
A Survey On Data Leakage DetectionIJERA Editor
 
Emerging Trends in Information Privacy and Security
Emerging Trends in Information Privacy and SecurityEmerging Trends in Information Privacy and Security
Emerging Trends in Information Privacy and SecurityJessica Santamaria
 
Emerging Trends in Information Privacy and Security
Emerging Trends in Information Privacy and SecurityEmerging Trends in Information Privacy and Security
Emerging Trends in Information Privacy and SecurityJessica Santamaria
 
Protecting the Crown Jewels – Enlist the Beefeaters
Protecting the Crown Jewels – Enlist the BeefeatersProtecting the Crown Jewels – Enlist the Beefeaters
Protecting the Crown Jewels – Enlist the BeefeatersJack Nichelson
 
Shariyaz abdeen data leakage prevention presentation
Shariyaz abdeen   data leakage prevention presentationShariyaz abdeen   data leakage prevention presentation
Shariyaz abdeen data leakage prevention presentationShariyaz Abdeen
 
The Definitive Guide to Data Loss Prevention
The Definitive Guide to Data Loss PreventionThe Definitive Guide to Data Loss Prevention
The Definitive Guide to Data Loss PreventionDigital Guardian
 

Ähnlich wie Data Loss Prevention (20)

Symantec Data Loss Prevention 9
Symantec Data Loss Prevention 9Symantec Data Loss Prevention 9
Symantec Data Loss Prevention 9
 
(Slides) What's Yours Is Mine: How Employess Are Putting Your Sensitive Data ...
(Slides) What's Yours Is Mine: How Employess Are Putting Your Sensitive Data ...(Slides) What's Yours Is Mine: How Employess Are Putting Your Sensitive Data ...
(Slides) What's Yours Is Mine: How Employess Are Putting Your Sensitive Data ...
 
Threat Ready Data: Protect Data from the Inside and the Outside
Threat Ready Data: Protect Data from the Inside and the OutsideThreat Ready Data: Protect Data from the Inside and the Outside
Threat Ready Data: Protect Data from the Inside and the Outside
 
BREACHED: Data Centric Security for SAP
BREACHED: Data Centric Security for SAPBREACHED: Data Centric Security for SAP
BREACHED: Data Centric Security for SAP
 
Information Leakage - A knowledge Based Approach
Information Leakage - A knowledge Based ApproachInformation Leakage - A knowledge Based Approach
Information Leakage - A knowledge Based Approach
 
Data Loss During Downsizing
Data Loss During DownsizingData Loss During Downsizing
Data Loss During Downsizing
 
Microsoft 365 Compliance
Microsoft 365 ComplianceMicrosoft 365 Compliance
Microsoft 365 Compliance
 
Dataguise hortonworks insurance_feb25
Dataguise hortonworks insurance_feb25Dataguise hortonworks insurance_feb25
Dataguise hortonworks insurance_feb25
 
dlp-sales-play-sales-customer-deck-2022.pptx
dlp-sales-play-sales-customer-deck-2022.pptxdlp-sales-play-sales-customer-deck-2022.pptx
dlp-sales-play-sales-customer-deck-2022.pptx
 
InDefend-Integrated Data Privacy Offerings
InDefend-Integrated Data Privacy Offerings  InDefend-Integrated Data Privacy Offerings
InDefend-Integrated Data Privacy Offerings
 
CIO WaterCooler Focus: GDPR Jasmit Sagoo
CIO WaterCooler Focus: GDPR   Jasmit SagooCIO WaterCooler Focus: GDPR   Jasmit Sagoo
CIO WaterCooler Focus: GDPR Jasmit Sagoo
 
Information security trends and concerns
Information security trends and concernsInformation security trends and concerns
Information security trends and concerns
 
Spo2 t17
Spo2 t17Spo2 t17
Spo2 t17
 
A Survey On Data Leakage Detection
A Survey On Data Leakage DetectionA Survey On Data Leakage Detection
A Survey On Data Leakage Detection
 
Emerging Trends in Information Privacy and Security
Emerging Trends in Information Privacy and SecurityEmerging Trends in Information Privacy and Security
Emerging Trends in Information Privacy and Security
 
Emerging Trends in Information Privacy and Security
Emerging Trends in Information Privacy and SecurityEmerging Trends in Information Privacy and Security
Emerging Trends in Information Privacy and Security
 
Protecting the Crown Jewels – Enlist the Beefeaters
Protecting the Crown Jewels – Enlist the BeefeatersProtecting the Crown Jewels – Enlist the Beefeaters
Protecting the Crown Jewels – Enlist the Beefeaters
 
ISACA ISSA Presentation
ISACA ISSA PresentationISACA ISSA Presentation
ISACA ISSA Presentation
 
Shariyaz abdeen data leakage prevention presentation
Shariyaz abdeen   data leakage prevention presentationShariyaz abdeen   data leakage prevention presentation
Shariyaz abdeen data leakage prevention presentation
 
The Definitive Guide to Data Loss Prevention
The Definitive Guide to Data Loss PreventionThe Definitive Guide to Data Loss Prevention
The Definitive Guide to Data Loss Prevention
 

Último

CXO 2.0 Conference (Event Information Deck | Dec'24-Mar'25)
CXO 2.0 Conference (Event Information Deck | Dec'24-Mar'25)CXO 2.0 Conference (Event Information Deck | Dec'24-Mar'25)
CXO 2.0 Conference (Event Information Deck | Dec'24-Mar'25)CXO 2.0 Conference
 
Bus Eth ch3 ppt.ppt business ethics and corporate social responsibilities ppt
Bus Eth ch3 ppt.ppt business ethics and corporate social responsibilities pptBus Eth ch3 ppt.ppt business ethics and corporate social responsibilities ppt
Bus Eth ch3 ppt.ppt business ethics and corporate social responsibilities pptendeworku
 
NVIDIA's overall business overview Presentation.pptx
NVIDIA's overall business overview Presentation.pptxNVIDIA's overall business overview Presentation.pptx
NVIDIA's overall business overview Presentation.pptxKrutik Rakade
 
pitchdeck ORPC 2019 data info turine.pdf
pitchdeck ORPC 2019 data info turine.pdfpitchdeck ORPC 2019 data info turine.pdf
pitchdeck ORPC 2019 data info turine.pdflebob12
 
HOW TO START EARNING WITH AFFILIATE MARKETING
HOW TO START EARNING WITH AFFILIATE MARKETINGHOW TO START EARNING WITH AFFILIATE MARKETING
HOW TO START EARNING WITH AFFILIATE MARKETINGNATHAN SPEAKS
 
Importance of Commercial Vehicle Insurance.pptx
Importance of Commercial Vehicle Insurance.pptxImportance of Commercial Vehicle Insurance.pptx
Importance of Commercial Vehicle Insurance.pptxBonano Insurance
 
The Smart Bridge Interview now Veranda Learning
The Smart Bridge Interview now Veranda LearningThe Smart Bridge Interview now Veranda Learning
The Smart Bridge Interview now Veranda LearningNaval Singh
 
Reframing Requirements: A Strategic Approach to Requirement Definition, with ...
Reframing Requirements: A Strategic Approach to Requirement Definition, with ...Reframing Requirements: A Strategic Approach to Requirement Definition, with ...
Reframing Requirements: A Strategic Approach to Requirement Definition, with ...Jake Truemper
 
Project Work on Consumer Behavior in Fast Food Restaurants. Their behavior to...
Project Work on Consumer Behavior in Fast Food Restaurants. Their behavior to...Project Work on Consumer Behavior in Fast Food Restaurants. Their behavior to...
Project Work on Consumer Behavior in Fast Food Restaurants. Their behavior to...BilalAhmed717
 
Digital Marketing Training Program skills s
Digital Marketing Training Program skills sDigital Marketing Training Program skills s
Digital Marketing Training Program skills sgodxzyrox
 
A Case Study On SQUARE GROUP Bangladesh.pdf
A Case Study On SQUARE GROUP Bangladesh.pdfA Case Study On SQUARE GROUP Bangladesh.pdf
A Case Study On SQUARE GROUP Bangladesh.pdfmeftaul987
 
Dashboards y paneles - CP Home - Area de Operaciones
Dashboards y paneles - CP Home - Area de OperacionesDashboards y paneles - CP Home - Area de Operaciones
Dashboards y paneles - CP Home - Area de OperacionesLPI ONG
 
0311 National Accounts Online Giving Trends.pdf
0311 National Accounts Online Giving Trends.pdf0311 National Accounts Online Giving Trends.pdf
0311 National Accounts Online Giving Trends.pdfBloomerang
 
PHX Corporate Presentation March 2024 Final
PHX Corporate Presentation March 2024 FinalPHX Corporate Presentation March 2024 Final
PHX Corporate Presentation March 2024 FinalPanhandleOilandGas
 
The Vietnam Believer_Newsletter_Vol.001_Mar12 2024
The Vietnam Believer_Newsletter_Vol.001_Mar12 2024The Vietnam Believer_Newsletter_Vol.001_Mar12 2024
The Vietnam Believer_Newsletter_Vol.001_Mar12 2024believeminhh
 
Meet Raj Shamani: A Trailblazing Entrepreneur
Meet Raj Shamani: A Trailblazing EntrepreneurMeet Raj Shamani: A Trailblazing Entrepreneur
Meet Raj Shamani: A Trailblazing Entrepreneurramya202104
 
EPC Contractors aspects Presentation.pdf
EPC Contractors  aspects Presentation.pdfEPC Contractors  aspects Presentation.pdf
EPC Contractors aspects Presentation.pdfGiuseppe Tommasone
 
We are inviting you on board, to move forward together in the Right Direction
We are inviting you on board, to move forward together in the Right DirectionWe are inviting you on board, to move forward together in the Right Direction
We are inviting you on board, to move forward together in the Right DirectionRight Direction Aero
 
Shravan Kumaran and sanjay kumaran.pdf..
Shravan Kumaran and sanjay kumaran.pdf..Shravan Kumaran and sanjay kumaran.pdf..
Shravan Kumaran and sanjay kumaran.pdf..ranjithapriya2
 

Último (20)

CXO 2.0 Conference (Event Information Deck | Dec'24-Mar'25)
CXO 2.0 Conference (Event Information Deck | Dec'24-Mar'25)CXO 2.0 Conference (Event Information Deck | Dec'24-Mar'25)
CXO 2.0 Conference (Event Information Deck | Dec'24-Mar'25)
 
Bus Eth ch3 ppt.ppt business ethics and corporate social responsibilities ppt
Bus Eth ch3 ppt.ppt business ethics and corporate social responsibilities pptBus Eth ch3 ppt.ppt business ethics and corporate social responsibilities ppt
Bus Eth ch3 ppt.ppt business ethics and corporate social responsibilities ppt
 
WAM Corporate Presentation Mar 12 2024_Video.pdf
WAM Corporate Presentation Mar 12 2024_Video.pdfWAM Corporate Presentation Mar 12 2024_Video.pdf
WAM Corporate Presentation Mar 12 2024_Video.pdf
 
NVIDIA's overall business overview Presentation.pptx
NVIDIA's overall business overview Presentation.pptxNVIDIA's overall business overview Presentation.pptx
NVIDIA's overall business overview Presentation.pptx
 
pitchdeck ORPC 2019 data info turine.pdf
pitchdeck ORPC 2019 data info turine.pdfpitchdeck ORPC 2019 data info turine.pdf
pitchdeck ORPC 2019 data info turine.pdf
 
HOW TO START EARNING WITH AFFILIATE MARKETING
HOW TO START EARNING WITH AFFILIATE MARKETINGHOW TO START EARNING WITH AFFILIATE MARKETING
HOW TO START EARNING WITH AFFILIATE MARKETING
 
Importance of Commercial Vehicle Insurance.pptx
Importance of Commercial Vehicle Insurance.pptxImportance of Commercial Vehicle Insurance.pptx
Importance of Commercial Vehicle Insurance.pptx
 
The Smart Bridge Interview now Veranda Learning
The Smart Bridge Interview now Veranda LearningThe Smart Bridge Interview now Veranda Learning
The Smart Bridge Interview now Veranda Learning
 
Reframing Requirements: A Strategic Approach to Requirement Definition, with ...
Reframing Requirements: A Strategic Approach to Requirement Definition, with ...Reframing Requirements: A Strategic Approach to Requirement Definition, with ...
Reframing Requirements: A Strategic Approach to Requirement Definition, with ...
 
Project Work on Consumer Behavior in Fast Food Restaurants. Their behavior to...
Project Work on Consumer Behavior in Fast Food Restaurants. Their behavior to...Project Work on Consumer Behavior in Fast Food Restaurants. Their behavior to...
Project Work on Consumer Behavior in Fast Food Restaurants. Their behavior to...
 
Digital Marketing Training Program skills s
Digital Marketing Training Program skills sDigital Marketing Training Program skills s
Digital Marketing Training Program skills s
 
A Case Study On SQUARE GROUP Bangladesh.pdf
A Case Study On SQUARE GROUP Bangladesh.pdfA Case Study On SQUARE GROUP Bangladesh.pdf
A Case Study On SQUARE GROUP Bangladesh.pdf
 
Dashboards y paneles - CP Home - Area de Operaciones
Dashboards y paneles - CP Home - Area de OperacionesDashboards y paneles - CP Home - Area de Operaciones
Dashboards y paneles - CP Home - Area de Operaciones
 
0311 National Accounts Online Giving Trends.pdf
0311 National Accounts Online Giving Trends.pdf0311 National Accounts Online Giving Trends.pdf
0311 National Accounts Online Giving Trends.pdf
 
PHX Corporate Presentation March 2024 Final
PHX Corporate Presentation March 2024 FinalPHX Corporate Presentation March 2024 Final
PHX Corporate Presentation March 2024 Final
 
The Vietnam Believer_Newsletter_Vol.001_Mar12 2024
The Vietnam Believer_Newsletter_Vol.001_Mar12 2024The Vietnam Believer_Newsletter_Vol.001_Mar12 2024
The Vietnam Believer_Newsletter_Vol.001_Mar12 2024
 
Meet Raj Shamani: A Trailblazing Entrepreneur
Meet Raj Shamani: A Trailblazing EntrepreneurMeet Raj Shamani: A Trailblazing Entrepreneur
Meet Raj Shamani: A Trailblazing Entrepreneur
 
EPC Contractors aspects Presentation.pdf
EPC Contractors  aspects Presentation.pdfEPC Contractors  aspects Presentation.pdf
EPC Contractors aspects Presentation.pdf
 
We are inviting you on board, to move forward together in the Right Direction
We are inviting you on board, to move forward together in the Right DirectionWe are inviting you on board, to move forward together in the Right Direction
We are inviting you on board, to move forward together in the Right Direction
 
Shravan Kumaran and sanjay kumaran.pdf..
Shravan Kumaran and sanjay kumaran.pdf..Shravan Kumaran and sanjay kumaran.pdf..
Shravan Kumaran and sanjay kumaran.pdf..
 

Data Loss Prevention

  • 1. Data Loss Prevention: Protecting Your Information and Reputation April 2016 Reza Kopaee, Frank Coburn, Omid Esfandiari - RiskView Neil Greenberg – Bell Canada
  • 2. Agenda Data Loss Prevention Presentation • Introduction • RiskView - Threatview • Conceptual Understanding • Technical Demo • Bell Case Study Suite 281, 3044 Bloor Street West, Toronto, On, M8X 2Y8
  • 3. Trends, News and What’s at Stake Data Loss Prevention Presentation 64% of data loss caused by well-meaning insiders 50% of employees leave with data $3.5 million average cost of a breach Legal and compliance penalties A corporate black eye
  • 4. Well-meaning Insiders Malicious Insiders Malicious Outsiders The Faces of Data Loss Prevention It’s about people. Data Loss Prevention Presentation
  • 5. Symantec Solutions Protect What’s Important Customer Information Company Information Financials SSNs and Government IDs Medical Records Credit Card Info HR Records Internal Auditing M&A and Strategy Intellectual Property
  • 6. You need more than technology. A Non-Transparent Solution Data Loss Prevention Presentation Where is my confidential data? DISCOVER How is it being used? MONITOR How do I prevent loss and theft? PROTECT
  • 7. How Data Loss Prevention Works Data Loss Prevention Presentation DATA LOSS POLICY Content Credit Cards SSNs Intellectual Property Context Who? What? Where? Action Notify Justify Encrypt Prevent Notification User Manager Security Escalate RESPONSEDETECTION Find it. Fix it.
  • 8. DLP is About People Data Loss Prevention Presentation Action Detection and Response Problem Betty attempts to email confidential employee data without knowing it DLP Response Network: DLP inspects content and context for policy match as email leaves server Endpoint: DLP inspects the mail when user hits “send” Network: Monitor, notify user, encrypt or block Endpoint: Display pop- up, justify, block email, remove content Result Help users understand and justify risk transparently Block or encrypt data in some cases Betty G. Well Meaning Insider Asst. HR Manager | Midwestern Insurance Company SITUATION: Sending sensitive data over email Symantec Advantage Detection High-performance Off Network Coverage Flexible Response
  • 9. DLP is About People Data Loss Prevention Presentation Sanjay V. Well Meaning Insider Assistant Controller | Manufacturing Company SITUATION: Copying sensitive data to removable storage devices ActionProblem Sanjay copies pre- released financial data to removable media DLP Response Endpoint agent analyzes content based on policies Monitor, record or notify Automatically encrypt files using SEE Result Automatically encrypt content Higher visibility into where data is going Change users’ behavior Symantec Advantage Lightweight agent Trusted devices Group based policies Automatic encryption Detection and Response
  • 10. DLP is About People Data Loss Prevention Presentation ActionProblem Charles inadvertently stores source code on an unprotected share DLP Response Network Discover scan finds the exposed source code, Data Insight IDs Charles as the file owner Network Protect can: • Notify Charles • Encrypt the data • Move the file • Apply rights management policies Result Secure your most sensitive assets – keep the malicious outsider from finding them Charles N. Well Meaning Insider Software Developer | Investment Banking Firm SITUATION: Discovering data “spills” and cleaning them up Detection and Response Symantec Advantage Broad scan coverage Data owner ID Encryption Data owner remediation
  • 11. DLP is About People Data Loss Prevention Presentation ActionProblem Unhappy or departing employees copy or share sensitive data via email or removable storage DLP Response DLP monitors desktop and network activity Notify (warn) the user of their actions Inform manager, security and/or HR Stop the transmission or copy Result Information assets don’t leave with the employee People know they are being monitored Mimi L. Malicious Insider Soon-to-be-former Account Executive | Staffing Firm SITUATION: Attempting to copy customer records and resumes Detection and Response Symantec Advantage Continuous coverage on PCs Custom pop-ups Incident escalation Content removal
  • 12. Products – Architecture Symantec Data Loss Prevention Solution
  • 13. Symantec Data Loss Prevention Scope Data Loss Prevention Presentation Office 365 iOS Android Email Web FTP IM USB Hard Drives Removable Storage Network Shares Print/Fax Cloud & Web Apps File Servers Exchange, Lotus SharePoint Databases Web Servers Unified Management
  • 14. Symantec Data Loss Prevention Products Data Loss Prevention Presentation MANAGEMENT AND REPORTING Symantec Data Loss Prevention Enforce Platform & IT Analytics NETWORK ENDPOINT STORAGE CLOUD & MOBILE Network Monitor Network Prevent for Email Network Prevent for Web Endpoint Discover Endpoint Prevent Network Discover Data Insight Data Insight Self- Service Portal Network Protect Cloud Prevent for Office 365 Mobile Email Monitor Mobile Prevent
  • 15. Symantec Data Loss Prevention Architecture Data Loss Prevention Presentation DMZCorporate LAN Network Discover - Data Insight - Network Protect Enforce - IT Analytics Endpoint Discover - Endpoint Prevent SPAN Port or Tap MTA or Proxy STORAGE MANAGEMENT ENDPOINT Network Monitor - Network Prevent - Mobile Monitor - Mobile Prevent INTERNET Cloud Prevent for Office 365 NETWORK & MOBILE CLOUD
  • 16. Accuracy – Workflow – Remediation The Symantec Advantage
  • 17. Symantec Advantage: Highest Detection Accuracy Data Loss Prevention Presentation Described Content Matching Indexed Document Matching Vector Machine Learning Exact Data Matching DESCRIBED DATA Non-indexable data Lexicons Data Identifiers STRUCTURED DATA CUSTOMER DATA Customer / Employee Pricing Partial row matching Near perfect accuracy UNSTRUCTURED DATA IP Designs / Source / Financials Derivative match Near perfect accuracy UNSTRUCTURED DATA IP Designs / Source / Financials Derivative match Very High Accuracy
  • 18. Symantec Advantage: Sophisticated Workflow 90% of DLP is Incident Response Data Loss Prevention Presentation Right Automation Resolution, Enforcement, Notification Right Person Route Incidents to Right Responder Right Order High Severity of Incidents First Right Information 5-Second Test Right Action 1-Click Response Right Metrics Prove Results to Execs and Auditors
  • 19. Symantec Advantage: Data Insight Data Loss Prevention Presentation Competitive Trap
  • 20. Symantec Advantage: Data Insight Data Loss Prevention Presentation Competitive Trap
  • 21. Symantec Advantage: Data Insight Data Loss Prevention Presentation Competitive Trap
  • 22. Symantec Advantage: Data Insight Data Loss Prevention Presentation Competitive Trap
  • 23. Symantec Advantage: Zero-Day Content Detection Data Loss Prevention Presentation Competitive Trap
  • 24. Symantec Advantage: Zero-Day Content Detection Data Loss Prevention Presentation TRAINING
  • 25. Symantec Advantage: Zero-Day Content Detection Data Loss Prevention Presentation TRAINING PROFILE
  • 26. Symantec Advantage: Zero-Day Content Detection Symantec Data Loss Prevention First Meeting TRAINING POLICYPROFILE
  • 27. Symantec Advantage: Zero-Day Content Detection Data Loss Prevention Presentation TRAINING PROFILE POLICY RE-TRAINING
  • 28. Methodology – Technology Leadership Why Symantec DLP?
  • 29. Symantec Data Loss Prevention Methodology Data Loss Prevention Presentation Competitive Trap 1000 800 600 400 200 0 Risk Reduction Over Time IncidentsPerWeek Visibility Remediation Notification Prevention
  • 30. Why Symantec? Data Loss Prevention Presentation 8 Consecutive Years of Technology Leadership Used by over half of the Fortune 100 The Global Market Leader in DLP
  • 32. Evolution of the DLP Market 20132010 2006 2008 20092007 20142011 Data Loss Prevention Presentation
  • 33. Symantec is the only 8-time Leader in the Gartner Magic Quadrant for Data Loss Prevention Data Loss Prevention Presentation This Magic Quadrant graphic was published by Gartner, Inc. as part of a larger research note and should be evaluated in the context of the entire report. The Gartner report is available upon request from Symantec. Gartner does not endorse any vendor, product or service depicted in our research publications, and does not advise technology users to select only those vendors with the highest ratings. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purposed Source: Gartner, Inc., Magic Quadrant for Content- Aware Data Loss Prevention, Brian Reed, Neil Wynne
  • 34. The Market Leader in Data Loss Prevention Greater than next three competitors combined Data Loss Prevention Presentation Symantec 34.7% McAfee 15.7% Websense 9.4% CA 7.2% RSA 7.1% Others 25.9% Source: Worldwide Data Loss Prevention 2014 – 2018 Forecast And 2013 Vendor Shares, IDC, November 2014
  • 35. Appendix: What’s New in Data Loss Prevention
  • 36. What’s New in Data Loss Prevention 14 Data Loss Prevention Presentation Unified ManagementGreater Control, Simpler Management Office 365 iOS Android Email Web FTP IM USB Hard Drives Removable Storage Network Shares Print/Fax Cloud & Web Apps File Servers Exchange, Lotus SharePoint Databases Web Servers
  • 37. Greater Control, Simpler Management Data Loss Prevention Presentation 14.0 Endpoint Agent for Mac OS Enhanced endpoint scalability Dynamic agent groups Enhanced agent health status reporting Expanded endpoint event coverage Cloud Prevent for Microsoft Office 365 OWA & Outlook.com Hyperlinks in pop-ups Windows 8/8.1 Office 2013 Natural Language Processing for Chinese, Japanese, Korean HIPAA and Caldicott policy template updates Remote Desktop Protocol (RDP) support Data Insight Self-Service Portal Multi-token Exact Data Matching Hyper-V & VMware View Mobile email monitoring for Android and iOS Reusable policy rules Endpoint Indexed Document Matching Randomized SSN Data Identifier Network monitoring for IPv6 Single-Server Installation
  • 38. 38 THANK YOU Suite 281, 3044 Bloor Street West, Toronto, On, M8X 2Y8 © Symantec DLP Presentation by RISKVIEW