Data Protection Presentation


Published on

If you missed last week's IT security webinar with Andrew Fry of IBM and James Turner of IBRS, you can now review their slides.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide
  • No, not this cloud
  • Law of very large numbers – given the number of computer rooms and servers around the place; it’s likely that something will go wrong somewhere.
  • Price? Subscription? OTC? Rollout?
  • Data Protection Presentation

    1. 1. LIVE WEBINAR Data Protection: Safeguarding your business today & tomorrow Wednesday, November 25, 2009 12:30 PM - 1:30 PM (AEDST), Sydney Australia Conference Number: Australia: 1800 098 754 New Zealand: 0800 447 860 Your conference ID #: 42727822
    2. 2. Current issues in information security, and the value of data James Turner Advisor
    3. 3. Presentation outline <ul><li>About IBRS </li></ul><ul><li>Analysis of current issues </li></ul><ul><ul><li>Data Loss Prevention </li></ul></ul><ul><ul><li>Mobility of workers </li></ul></ul><ul><ul><li>The cloud </li></ul></ul>What is the common thread? “ Colour Beginning” J.(M.W.) Turner
    4. 4. Our advisors IBRS is an Australian company providing timely advice, insightful judgement, and thorough research to benefit IT and business managers in Australasian organisations. Dr Kevin McIsaac Terry Dargan Dr Colin Boswell Joseph Sweeney James Turner Alan Hansell Rob Mackinnon Guy Cranswick Irene Pimentel Brian Bowman Jorn Bettin Peter Hind
    5. 5. <ul><li>We’re focussing on: </li></ul><ul><ul><li>Confidentiality </li></ul></ul><ul><ul><ul><li>Defend </li></ul></ul></ul><ul><ul><li>Availability </li></ul></ul><ul><ul><ul><li>Recover </li></ul></ul></ul>The CIA triad Confidentiality Integrity Availability Your sensitive data needs all 3 attributes
    6. 6. <ul><li>Data Loss Prevention </li></ul><ul><li>Mobility of workers </li></ul><ul><li>The cloud </li></ul>The issues and trends
    7. 7. <ul><li>Licensing – complex (immature) </li></ul><ul><li>More resources </li></ul><ul><ul><li>False alerts and </li></ul></ul><ul><ul><li>genuine alerts </li></ul></ul><ul><li>Can be useful for audit </li></ul><ul><li>Really poorly named! </li></ul>Data Loss Prevention &quot;The scream&quot; Edvard Munch Business cases based on fear of public disclosure
    8. 8. <ul><li>Lots of people, using lots of devices, to do lots of stuff, to lots of data, on lots of systems </li></ul><ul><li>Complexity is driven by diversity (multiformity) </li></ul><ul><ul><li>Complexity is not your friend </li></ul></ul>Mobility of workers Virtualisation is the market response to rampant multiformity The PED trilemma Source: &quot; Portable electronic devices ( PEDs ): a frog close to the boil &quot;, IBRS, February 2008
    9. 9. The cloud <ul><li>The Cloud </li></ul>
    10. 10. <ul><li>Adoption: </li></ul><ul><ul><li>Yes </li></ul></ul><ul><ul><li>No </li></ul></ul><ul><ul><li>Maybe </li></ul></ul><ul><ul><li>It depends </li></ul></ul><ul><li>Resilience, and the location of the data </li></ul>The cloud Big migrations will make the news, because they are the exceptions &quot;Clouds&quot; John Constable
    11. 11. The value of the data <ul><li>These 3 threads all have the data as their core issue. Clearly the data is paramount! </li></ul><ul><ul><li>Data Loss Prevention </li></ul></ul><ul><ul><ul><li>Endpoint encryption E.g. Client USB key lost on main street </li></ul></ul></ul><ul><ul><li>Mobility of employees and data </li></ul></ul><ul><ul><ul><li>Availability of data to roaming employees </li></ul></ul></ul><ul><ul><li>Resilience/Availability </li></ul></ul><ul><ul><ul><li>E.g. Flooded computer room from faulty aircon </li></ul></ul></ul>
    12. 12. Incident response lifecycle Mitigate risks Backup important data Restore Life is too short to only learn from your own mistakes
    13. 13. Current issues in information security, and the value of data James Turner Advisor
    14. 14. Andrew Fry Business Unit Executive Business Continuity & Resiliency Services, IBM Global Technology Services
    15. 15. Data Security Services – Endpoint Data Protection PGP Corporation Encryption Software and Support Benefits <ul><li>Help protect business data in transit and at rest—even beyond the enterprise network </li></ul><ul><li>Designed to protect sensitive data on endpoint devices—including laptops, hand-helds, and removable storage devices—against unauthorised exposure </li></ul><ul><li>Reduces the need for in-house security experts with IBM 24x7x365 support and professional services </li></ul>What does PGP Encryption do? <ul><ul><li>Full disk encryption to protect data even when a device is lost or stolen </li></ul></ul><ul><ul><li>Selective file or folder encryption to protect data during use </li></ul></ul><ul><ul><li>Control over and protection of data on removable storage devices </li></ul></ul><ul><ul><li>Identification of sensitive data and monitoring of usage </li></ul></ul><ul><ul><li>Policy engine to enforce corporate policies on endpoint devices </li></ul></ul>
    16. 16. PGP Encryption – Example Company: A mining and exploration company operating in a highly competitive and volatile market. Problem: Suffered from leakage of sensitive corporate data as a result of stolen employee’s laptop. Solution: Security specialists from IBM ISS implemented a PGP® Whole Disk Encryption solution to protect sensitive corporate data on desktops, laptops and removable media. Benefits: 1) Peace of mind that sensitive data is constantly protected from unauthorised access, providing strong security for intellectual property and reduced competitive risk 2) Data is protected without changing the user experience 3) Reduced operational costs by centrally automating encryption policies
    17. 17. Data Backup and Restoration services Cloud delivered, fully managed service Disk, tape and virtual tape-based backup and recovery for data centres, and remote sites Protect the core: Onsite and Remote data protection Scalable on-demand services architecture Disk-based backup and recovery for Desktops and laptops Protect the edge: Fastprotect Online <ul><li>Managed service including scalable hardware, software, monitoring, management and reporting </li></ul><ul><li>Near 100% backup success rate in 24hr period </li></ul><ul><li>Usage based, monthly fee (pay as you go) </li></ul>
    18. 18. <ul><li>A managed service that automatically protects business critical data servers </li></ul>Remote Data Protection Automatic, reliable protection for your critical data that can be restored virtually anywhere, anytime
    19. 19. <ul><li>Fully Managed backup service </li></ul><ul><li>Internet / Private network </li></ul><ul><li>Customer network </li></ul><ul><li>Virtual Server Recovery </li></ul>A Better way to recover data and server infrastructure Combine Data backup via cloud, and virtualised disaster recovery servers IBM Recovery Centre
    20. 20. Server and Data recovery - Example Company: Financial services firm, servicing mid-size organisations in Australia Problem: Business demanded faster recovery times and assurance that data was being protected every day across distributed sites, and all within existing budget. Solution: Implemented IBM Remote Data Protection to backup critical server data to secure IBM facility, on a pay-as-you-go service. IBM coupled the backup service with IBM Virtual Server recovery to provide complete offsite server and data recovery solution, for a shared price point. Benefits: 1) Client achieved vastly improved recovery times, without needing to invest in expensive dedicated infrastructure 2) Daily reports confirming critical data is securely backed up 3) Storage capacity scales up/down based on usage (opex model)
    21. 21. Data Protection Services Avoid data loss or leakage, and have a plan for recovery Mitigate risks Backup important data Restore
    22. 22. THANK YOU