Ssi Data Protection Solutions V0.2


Published on

  • Be the first to comment

  • Be the first to like this

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Ssi Data Protection Solutions V0.2

  1. 1. SSI Data Protection Solutions O:99 Staff FoldersolaSSI CorpSSI Data Protection Solutions v0.1.ppt
  2. 2. SSI Security Software International Content 1. Understanding Data Protection 2. What is Data Leakage Prevention? 3. How SSI can help – Protecting Data throughout its cycle - SSI Capabilities & Solutions 4. Summary – Partnerships - Contacts
  3. 3. SSI Security Software International Understanding Data Protection Did you know? The impact of security breaches on well Established brands in recent years has resulted in huge financial losses, meaning:  IP losses of $4.6B worldwide in 2008  Data losses worldwide reportedly topped $1 trillion in 2008  Two in three Australian organizations experienced a serious data breach in the last twelve months  Over 900 flash drives collected by dry cleaner in ANZ in 2008  12000 laptops/week lost in US airports Sources:  January 2009 MacAfee findings for Davos World Economic Forum  
  4. 4. SSI Security Software International What is Data Leakage Prevention? • Data Leakage Prevention (DLP) is a computer security term referring to systems that identify, monitor, and protect data in use (e.g., endpoint actions), data in motion (e.g., network actions), and data at rest (e.g., data storage). • Regulatory compliance - Data Mandatory Disclosure Law HIPAA in health and benefits, GLBA and BASEL II in finance Payment Card Industry DSS standards. In the US, UK and EU Data Mandatory Disclosure Law required an organization to inform their customers of any loss of their personal information. The right to data privacy is heavily regulated and rigidly enforced particularly in Europe. However, as we speak, the Australian Law Reform Commission is looking at some 300 changes to Federal privacy laws, which includes data disclosure.
  5. 5. SSI Security Software International Data Leakage - compelling examples • 2007 NAB Melbourne: 598 names and account numbers of 397 people sent to wrong addresses. • 2007 HSBC Sydney: More than 100 HSBC Australian customers had their banking details, names and home addresses as well as other personal financial information exposed. • In 2008, an Australian Pharmaceutical Company was getting complaints of adverse patient reactions from geography they had minuscule sales. Counterfeit drugs were being manufactured and sold in that geography under the same brand name. Sources  Information Age October/November 2009
  6. 6. SSI Security Software International Data Leakage Prevention – It does not apply to me! Very few organizations take into account the threat from the average employee leaking data. Denial kicks in and “it does not apply to me”, becomes the preferred answer. Well consider these 2 questions: 1. Assuming that most of your employees in your organization including yourself use laptops and/or PDAs, what kind of data is stored on these and what is its value? 2. How do you monitor what users are doing with sensitive data and how do you control what users can install or introduce onto their computers, for example iPod, iPhone or USB devices?
  7. 7. SSI Security Software International How SSI can help Data Leakage will become an ever-larger concern, especially with the increasing use of mobile technologies. Many countries have introduced strict disclosure laws, or will soon do so. Then ask yourself this question, are you ready for it? At SSI, we are passionate about sharing our experience and expertise by helping businesses better understand and address:  What data is most sensitive to their business and where it resides?  What are the origin and nature of their risks?  How to select the appropriate controls based on policy and risk?  How to manage security centrally?  How to conduct audit security to constantly improve?
  8. 8. SSI Security Software International Protecting Data throughout its Cycle E-Card Servers Personalization Archiving Document Workstations Management Data in Data at Use Rest Laptops E-Payment Smartphones / PDA E-Business Processes Data in Motion USB Device E-Mail Firewire-Device CD/DVD
  9. 9. SSI Security Software International Data Protection CryptoServer-HSM PCI Compliance Products Network Access Control (NAC) Full Disk Encryption (FDE) Encryption Devices-Enterprise USB Policy Management Data Leakage Prevention (DLP) Solutions Data Protection Lifecycle / Support Consulting Services Quality Assurance Implementation Project Management Solution Architecture Design Audit/Assessment
  10. 10. SSI Security Software International SSI Data Protection Solutions SSI advise on the following full suite of Enterprise Data Protection Solutions:  PCI DSS Compliance (Policy development & implementation to ensure secure management of credit card data and network access control).  Full disk encryption (FDE), device encryption-hardware encrypted USB flash drives - FIPS 140-2 Level 3  Managed Service Policies covering: who can use drives, how drives can be used and how the data on drives is protected.  Network Access Control (NAC)  Highest level of data and business processes security with a tamper-resistant Hardware Security Module (HSM) - FIPS 140-2 Level 4
  11. 11. SSI Security Software International Data Protection Application Control SSI Solutions Device Anti-Malware Control DLP NAC Encryption
  12. 12. SSI Security Software International Summary Remember Today organizations must underscore the importance of security on the company’s reputation. But after all, by marketing your Data-IP Protection, don’t you think it will help your organizations to find new business? “According to Bank of America, they have successfully managed itself as a bank that values its clients privacy and security. They have come up with innovative ways to increase revenue through consumer security such as offering two factors authentication tokens for a small fee. For companies in such Industries data protection is an absolute necessity just for both their internal users and their customers.’ Sources: Information Age October/November 2009
  13. 13. SSI Security Software International
  14. 14. SSI Security Software International SSI Pacific New Zealand Level 16, Vodafone on the Quay 157 Lambton Quay, Wellington 6140 SSI Pacific Australia New Zealand SSI Pacific Hong Kong Level 27, 101 Collins Street Tel: + (64) 4 460 5263 Levels 25 & 30, Bank of China Melbourne, VIC Fax: + (64) 4 460 5252 Tower Tel: + (61) 3 9 653 9163 1 Garden Road, CENTRAL Fax: + (61) 3 9 653 9307 Hong Kong, China Tel: +852 (2251) 8795 Fax: +852 (2251) 1618