6. Sensitive Information Assets
• Applications
  - Standard
  - Custom
• Documents
• Database Tables
Asset Discovery is a Foundational Capability.
Dreamforce 2012 6
7. SaaS Information Asset Classification
• PII
• PCI
Data Classification
Force.com Apex agents
• Context-based: DLP-Lite
• Content Inspection: Traditional DLP
8. SaaS Information Asset Classification: Context-Based
Identifies data owners based on activity streams
Enables Data Classification based on sensitivity of owner roles
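One way to implement the context-based classification described on this slide, as an added example (not code from the presentation or from any Salesforce product). The event format, the role-to-sensitivity map, the write weighting, the labels and the sample events are all assumptions constructed for illustration.

```python
from collections import Counter, defaultdict

# Assumed mapping from owner role to sensitivity level (hypothetical values).
ROLE_SENSITIVITY = {"Finance": 3, "HR": 3, "Sales": 2, "Support": 1}
LABELS = {3: "restricted", 2: "confidential", 1: "internal", 0: "unclassified"}

# Constructed activity stream: (user, role, action, asset).
EVENTS = [
    ("alice", "Finance", "edit", "Invoice__c"),
    ("alice", "Finance", "edit", "Invoice__c"),
    ("bob", "Sales", "view", "Invoice__c"),
    ("bob", "Sales", "view", "Invoice__c"),
    ("bob", "Sales", "view", "Invoice__c"),
    ("bob", "Sales", "view", "Invoice__c"),
    ("bob", "Sales", "create", "Lead"),
    ("carol", "Support", "view", "Lead"),
    ("dave", "Contractor", "view", "Notes__c"),
]

def infer_owners(events, write_weight=3):
    """Pick each asset's owner as the user with the highest weighted activity.

    Writes count more than reads, so a frequent viewer does not displace
    the person who actually maintains the data.
    """
    scores = defaultdict(Counter)
    roles = {}
    for user, role, action, asset in events:
        scores[asset][user] += write_weight if action in ("create", "edit") else 1
        roles[user] = role
    owners = {}
    for asset, counts in scores.items():
        # sorted() makes ties deterministic: alphabetically first user wins.
        top = max(sorted(counts), key=lambda u: counts[u])
        owners[asset] = (top, roles[top])
    return owners

def classify(events):
    """Label each asset from the sensitivity of its inferred owner's role."""
    result = {}
    for asset, (user, role) in infer_owners(events).items():
        # Roles missing from the map fall back to "unclassified" for manual review.
        level = ROLE_SENSITIVITY.get(role, 0)
        result[asset] = {"owner": user, "role": role, "label": LABELS[level]}
    return result

if __name__ == "__main__":
    for asset, info in sorted(classify(EVENTS).items()):
        print(asset, info)
```

With a plain event count, bob (four views) would be treated as owner of Invoice__c; the write weighting assigns it to alice, whose Finance role drives the higher label.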
9. Polling Question
Which sensitive data do you have in the Cloud?
• PCI – Credit card data
• PII/EU DP privacy-related
• HIPAA – Health Care
• FERPA – Education
• Other Company Sensitive
16. PLAYING DEFENSE
Best Practices/Solutions
17. Data Classification
Content-Based Classification
Context-based Classification
Multiple Deployment Models
Agents as Salesforce Apps
Activity Monitoring
Cloud Security Brokers
18. User Management
User Provisioning/De-Provisioning
Access Control
Context-aware, e.g. location-based, data sensitivity-aware
Strong Authentication
19. Configuration Assessment
Permissions
Applications, Users, Roles/Profiles
Configuration Change Assessments
Did someone’s permission to sensitive data increase “unusually”?
Applications
Which apps, What data, What users, What external services?
20. Encryption/Tokenization
Geo-Residency and Privacy Requirements
Defense in Depth
Encryption
Key Management
Impact on hosted application
Network Deployment Model
Cloud Security Brokers
22. Solution Architecture: Extending Out From The Security Ops
[Architecture diagram. Labels recoverable from the slide: Cloud, Enterprise Security, End User, Brokers; SFDC API; DLP Agent (APEX) for content and context; SFDC config checks; asset discovery, asset classification, activity log; asset feed, asset metadata feed, activity feed; asset feeds collector; SIEM/DI threat detection; activity-based remediation; remediation API orchestration; views for control, asset, compliance, assessment, information and DLP classification; security & compliance admin.]
23. Polling Question
Which Security Solutions are you using today?
• Data Classification
• User Provisioning and Access Management
• Encryption/Tokenization
• Configuration Assessment
• Activity Monitoring