• Like
  • Save

Thanks for flagging this SlideShare!

Oops! An error has occurred.

Data Breaches and Security Rights in SharePoint Webinar

  • 251 views
Published

70% of all security breaches are due to an organization’s own staff. Register for this webinar and find out how not to become a statistic. Security is increasingly becoming a significant challenge, …

70% of all security breaches are due to an organization’s own staff. Register for this webinar and find out how not to become a statistic. Security is increasingly becoming a significant challenge, regarding how ensuring unstructured and semi-structured content is protected, and also the security rights of the individuals within the organization that need to be given or denied rights to organizational assets.

This Concept Searching webinar will focus on all aspects of security in a SharePoint environment, using native SharePoint tools, conceptClassifier for SharePoint, or integrated with your security application. conceptClassifier for SharePoint and conceptClassifier for Office 365 deliver semantic metadata generation, auto-classification, and taxonomy tools integrated natively with the SharePoint Term Store.

How does it work with privacy and confidential content? The products identify unknown security or confidential exposures in real-time from diverse repositories. Identification of not only standard descriptors but also organizationally defined vocabulary can also be identified. Once identified they are routed to a repository and removed from unauthorized access and portability.

Published in Technology
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Be the first to comment
    Be the first to like this
No Downloads

Views

Total Views
251
On SlideShare
0
From Embeds
0
Number of Embeds
4

Actions

Shares
Downloads
0
Comments
0
Likes
0

Embeds 0

No embeds

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
    No notes for slide

Transcript

  • 1. Data Breaches and Security Rights in SharePoint Webinar Don Miller Vice President of Commercial Accounts Concept Searching donm@conceptsearching.com Twitter @conceptsearch Coby Royer Director of Product Management CipherPoint croyer@cipherpoint.com Twitter @CipherPointSW
  • 2. Expert Speakers Coby Royer – Director of Product Management at CipherPoint has experience spanning product development, enterprise architecture and security, cloud computing, Internet security products, financial services, social networking, intellectual property, and software development tools. Coby holds over a dozen US patents for security and financial instruments. Don Miller – Vice President of Sales at Concept Searching has over 20 years’ experience in knowledge management. He is a frequent speaker on records management, and information architecture challenges and solutions, and has been a guest speaker at Taxonomy Boot Camp, and numerous SharePoint events about information organization and records management.
  • 3. Agenda • CipherPoint • Identify, Secure, and Audit access to sensitive and regulated data • On-premises • Cloud file sharing • Collaboration systems • SharePoint Online/Office 365 • Protection from Insider Threat • Concept Searching • Unique Approach • Intelligent Security • Demonstration • Partnership
  • 4. CipherPoint Overview • Founded 2010 • Information centric security at the web tier • HQ in Denver, CO • CONUS for all software development and support • Focus on FedGov, Financial Services and Healthcare • FIPS 140-2 validated crypto • Microsoft Business-Critical SharePoint Program partner • Army Certificate of Networthiness • “Most Innovative Cloud Security Solution for 2014″ awarded by Cyber Defense Magazine
  • 5. Identify. Secure. Audit. CipherPoint: Leader in Data Security
  • 6. Identify. Secure. Audit. CipherPoint: Leader in Data Security • Locate PII, ePHI, PAN, etc. • Patterns (regex), keywords, and phrases • Post-processing to reduce false positives
  • 7. Identify. Secure. Audit. CipherPoint: Leader in Data Security • Data at-rest encryption • Role based access controls • Separation of duties, need to know
  • 8. Identify. Secure. Audit. CipherPoint: Leader in Data Security • Track permitted and denied access • Track changes to security controls • Compliance reporting
  • 9. What Problems Does This Solve? • Compliance (PHIPA, HIPAA HITECH, GLBA, PCI, …) • Audit and Reporting (Who, what, when was data accessed or attempted and denied?) • Protection from Insider Threat • Protect Intellectual Property • Protect Sensitive Documents and Data (Human Resources, Merger and Acquisition, Legal Proceedings) • Enable use of SharePoint and Office 365/SharePoint Online for data you might not otherwise store there • Prevent Loss of Control when storing data in the Cloud
  • 10. 2013 Law Enforcement Data Requests Requests Accounts Disclosures Comments Microsoft 72,279 125,215 79% Google 25,879 42,500 65% 1st half of 2013 Dropbox 367 573 54% Sources: http://www.microsoft.com/about/corporatecitizenship/en-us/reporting/transparency http://www.google.com/transparencyreport/userdatarequests/countries https://www.dropbox.com/transparency
  • 11. Solutions Insider Threat
  • 12. Control of Security by Customers is Critical
  • 13. Key Management • Probably the critical thing to look for, and to make sure the vendor has gotten right • Specialized domain, requires specialized knowledge to balance capability/functionality with usability • Key rotation, key life, multiple key management • Look for solutions that link security and compliance requirements with simple to implement policies
  • 14. CipherPoint Eclipse
  • 15. On-Premises Architecture DB or File System App Server Process CipherPoint Plugin Web Server Process
  • 16. Cloud Architecture CipherPoint Gateway
  • 17. Solutions
  • 18. Solutions
  • 19. Solutions
  • 20. Solutions
  • 21. • Company founded in 2002 • Product launched in 2003 • Focus on management of structured and unstructured information • Technology Platform • Delivered as a web service • Automatic concept identification, content tagging, auto-classification, taxonomy management • Only statistical vendor that can extract conceptual metadata • 2009, 2010, 2011, 2012, 2013, 2014 ‘100 Companies that Matter in KM’ KMWorld and Trend Setting product of 2009, 2010, 2011, 2012, 2013 • Authority to Operate enterprise wide US Air Force and enterprise wide NETCON US Army • Locations: US, UK, and South Africa • Client base: Fortune 500/1000 organizations • Microsoft Business-Critical SharePoint Program partner, Gold Certification in Application Development • Smart Content Framework™ for Information Governance comprising • Five Building Blocks for success • Product Platforms: conceptClassifier for SharePoint, conceptClassifier for Office 365, conceptClassifier, and Concept Searching Technology The Global Leader in Managed Metadata Solutions
  • 22. “Symantec asserted that cybercrime was costing us about $110 billion per year. McAfee stated that cybercrime was instead costing us approximately $1 trillion per year.” The Global Cost of Cyber Security The Hidden Costs of Information Security
  • 23. The Typical Information Security Approach • Many global organizations do not have an information security strategy • You may think your organization is protected – most likely it’s not • The issue is not the security architecture or strategy – it’s the inability to identify potential sensitive information exposures that are unknown • Sensitive information exists in documents, scanned items, faxed items, emails, and could be in any unstructured or semi-structured content • Most exposures are caused by an organization’s own staff • This is costly, damages the brand, and increases organizational risk
  • 24. “88% of security breaches are attributed to negligence.” Wharton Information Security Best Practices The Hidden Costs of Information Security
  • 25. The Intelligent Information Security Approach • The Concept Searching approach is fully customizable and identifies unique or industry standard descriptors • Content is automatically meta-tagged and classified to the appropriate node in the taxonomy • Based upon descriptors, phrases, or keywords from within the content • Once tagged and classified, content can be managed in accordance with regulatory or government guidelines • Proactive identification and protection of unknown privacy exposures before they occur • Monitor in real time organizationally defined vocabulary and descriptors in content as it is created or ingested
  • 26. The Benefits • Reduces organizational costs associated with data exposures, remediation, litigation, and fines and sanctions • Eliminates the risk associated with end user non-compliance issues • Eliminates manual metadata tagging and human inconsistencies that prohibit accurate identification and • Protection of unknown privacy/confidential data assets • Protects an organization by identifying and securing unknown data privacy/confidential information and preventing the portability and electronic transmission of secured assets
  • 27. Metadata driven applications – conceptClassifier for SharePoint platform has been deployed by clients in diverse industries to automatically generate metadata and use that metadata to apply and enforce Information Governance policies Smart Content Framework™ Sum of parts is greater than whole
  • 28. • Concept Searching’s unique statistical concept identification underpins all technologies • Multi-word suggestion is explicitly more valuable than single term suggestion algorithms Concept Searching has a unique approach to ensure success • conceptClassifier will generate conceptual metadata by extracting multi-word terms that identify ‘triple heart bypass’ as a concept as opposed to single keywords • Metadata can be used by any search engine index or any application/process that uses metadata Concept Searching provides Automatic Concept Term Extraction Triple Baseball Three Heart Organ Center Bypass Highway Avoid Unique Approach
  • 29. A Manual Metadata Approach Will Fail 95%+ Of The Time Issue Organizational Impact Inconsistent Less than 50% of content is correctly indexed, meta-tagged or efficiently searchable rendering it unusable to the organization. (IDC) Subjective Highly trained Information Specialists will agree on meta tags between 33% - 50% of the time. (C. Cleverdon) Cumbersome - expensive Average cost of manually tagging one item runs from $4 - $7 per document and does not factor in the accuracy of the meta tags nor the repercussions from mis-tagged content. (Hoovers) Malicious compliance End users select first value in list. (Perspectives on Metadata, Sarah Courier) No perceived value for end user What’s in it for me? End user creates document, does not see value for organization nor risks associated with litigation and non- conformance to policies. What have you seen Metadata will continue to be a problem due to inconsistent human behavior. The answer to consistent metadata is an automated approach that can extract the meaning from content eliminating manual metadata generation yet still providing the ability to manage knowledge assets in alignment with the unique corporate knowledge infrastructure. Manual Approach Leads to Failure
  • 30. • Provides structure to social media applications • Collaboration portals - internal, shared or external • Improves search outcomes by providing insight into content • Groups similar users, concepts, or content together • Manages and reduces the resource overhead to vet all entries • Auto-classification • Concept extraction • Automatically identifies any type of organizationally defined confidential or privacy information • Before it is posted • Routes it to an appropriate repository for disposition • Proactively identify bottlenecks and business process failures • In real time Benefits of conceptClassifier
  • 31. CipherPoint + Concept Searching Classify and Protect • Joint solution • Concept Searching finds sensitive data • CipherPoint protects it • Out-of-the-box integration
  • 32. Demonstration
  • 33. Final Comments • CipherPoint and Concept Searching are industry leaders in their respective fields • CipherPoint identifies, secures, and audits access to sensitive and regulated data in SharePoint, file servers, and Office 365 • Concept Searching provides industry unique automatic semantic metadata generation, auto-classification, and SharePoint Term Store and taxonomy management in on-premise, cloud, or hybrid environments • Together, the comprehensive solution proactively addresses inadvertent security exposures, and provides solutions for organizations that must meet complex requirements for cyber security and regulated data
  • 34. Next Steps For further information and a customized demonstration contact: Don Miller Vice President of Commercial Accounts Concept Searching donm@conceptsearching.com Coby Royer Director of Product Management CipherPoint croyer@cipherpoint.com
  • 35. Please join us for our Next Webinar Solve Records Management Challenges in Weeks Not Years Date: May 29th Time: 11:30am-12:30pm EDT Learn how one of our clients with 72,000 SharePoint site collections, and 5,300 retention codes has eliminated end user tagging for over 80,000 business users. Join Concept Searching and Collabware to earn how to address Records Management challenges in SharePoint or Office 365. conceptClassifier for SharePoint and conceptClassifier for Office 365 work with your existing records management application, to automatically declare and route documents of records, eliminating the need for end user tagging. Simple to deploy and manage. To Register: https://www3.gotomeeting.com/register/756083766
  • 36. Thank You Don Miller Vice President of Commercial Accounts Concept Searching donm@conceptsearching.com Twitter @conceptsearch Coby Royer Director of Product Management CipherPoint croyer@cipherpoint.com Twitter @CipherPointSW