• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Sophos
 

Sophos

on

  • 1,092 views

 

Statistics

Views

Total Views
1,092
Views on SlideShare
1,090
Embed Views
2

Actions

Likes
0
Downloads
42
Comments
0

1 Embed 2

http://www.slideshare.net 2

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

    Sophos Sophos Presentation Transcript

    • Sophos / Utimaco Data Loss Prevention
      Peter Szendröi, SOPHOS Nordics
      Jan 20, 2010
    • Sophos,Simply Secure
    • Changing security landscape
      Personally identifiable
      information
      Customer
      data
      Intellectual property
      Digital generation set loose
      Information theft – not graffiti
      Firewall
      $
      Complex threats....
      Corporate data
      Mobile workers
      Web-based, Invisible
      Fast changing
      Targeted
      ...targeting commercial data
      Contractors, outsourcing
      Partners, customers
      Web 2.0
      Regulatory disclosure and reputation damage
      PCI-DSS
      HIPAA
      GLBA
      95/46/EC
      CSB 1386
    • Headlines are the tip of the iceberg
      5
      Brand damage
      Loss of customers
      Incremental internal costs
      Direct costs of intellectual property loss
    • How is this data exposed?
      Insider theft accounts for only 5-15% of the data loss
      Most data breaches are accidental
      Only 2.4% were prevented by protective measures (e.g. encryption)
      6
    • What data is at risk?
      Personally identifiable
      information
      Customer
      data
      Intellectual property
      Process Work
      Knowledge Work
      Well-defined responsibilities
      Well-defined workflows
      Dealing with PII
      Risks: - Non-compliance- Criminal prosecution- Brand / reputation damage
      Changing roles / assignments
      Unstructured data
      Company information assets
      Risks: - Competitive damage - Loss of partner trust
      7
    • Conflicting Goals!
      Business challenge
      Challenge of Data Loss Prevention
      8
      Enable productivity, mobility and flexible “web 2.0” working
      Comply with regulation
      Avoid damaging data loss
      but also
      There is no “100% DLP”
    • Simply Secure Data Loss Prevention
      9
    • Four elements of an effective DLP strategy
      Control the user environment by restricting data exit points
      Control devices, applications, email and web usage
      Ensure security policy compliance
      Protect confidential and sensitive information
      Full disk, removable storage and file encryption
      Email encryption
      Prevent leakage of personal identifiable information
      Comprehensive coverage of personally identifiable information types
      Continuously assess, audit, report and enforce on endpoint and gateway
      Classify intellectual property and sensitive business data
      Empower knowledge workers to classify sensitive business data
      Apply classification to existing documents and data sets
      10
    • Control user environment
      11
      Data loss objective:
      Significantly reduce risk by managing what users can do on data exit points
      Sophos solution provides granular control of:
      Storage devices and network interfaces
      Applications
      Web site access
      Continuously monitor user behaviour and enforce security policies
      SophosLabs provide the domain expertise:
      Managed application definitions (P2P, IM, Remote Access)
      Managed web site categories (webmail, social networks, IM)
      Indentify over 150 file formats using “True File Type” technology
    • Protect confidential and sensitive information
      Data loss objective:
      Data encryption is the ultimate data loss insurance policy
      Sophos solution protects data where it is most exposed:
      Laptops
      Removable storage and optical media
      Email
      Server file shares
      Data protection platform:
      Enterprise mangement console and key management
      Integration with Active Directory
      Transparent file and folder encryption
      Audit compliance
      12
    • Prevent leakage of PII
      Data loss objective:
      Tackle the highest risk of regulatory infringement and brand damage
      Sophos solution covers all critical data leakage points:
      Storage, web, email and IM
      Fully integrated into core endpoint and gateway products
      SophosLabs provide the content expertise:
      Over 100 expert definitions of personally identifiable information
      Administrator decides appropriate enforcement action:
      Audit – silent background monitoring of events
      Training – audited end user authorisation
      Enforcement - encrypt or block transfer
      13
    • Classify and protect documents
      Data loss objective:
      Protect high value intellectual property and operations data
      Sophos solution is designed to empower knowledge workers:
      Define classification levels within policy
      Enable end user to tag and classify new documents
      Embed classification within document
      Scan for and classify existing documents using document context
      Enforce policies for classified documents on endpoint and gateway
      Integrated with enterprise encryption solution:
      Leverages existing user identity and permissions
      Provides workable enterprise rights management
      14
    • Sophos Data Loss Prevention
      15
    • Solutions designed to meet a need
      Process Work
      Knowledge Work
      Comply with regulations
      Protect data using full disk encryption
      Prevent leakage of PII from endpoints
      Prevent leakage of PII from email and web gateway
      Data at resting scanning of PII on endpoints
      Protect company assets using encryption and classification.
      Detect leakage of IP via common leak points.
      Classify and protect IP at the point of creation.
      Persistent tagging
      Identify and protect IP using automated classification and data at rest scanning.
      SafeGuard Enterprise
      Enterprise Security and Control
      16
    • SafeGuard Enterprise
      Your key to data protection with encryption
      2. Encrypt laptops, desktops
      1. Consistent policies, mgmt. of keys & certificates
      SafeGuard
      Configuration Protection
      SafeGuard
      FileShare*
      SafeGuard
      Device Encryption
      3. Encrypt removable media
      SafeGuardManagement Center
      4. PC port control & DLP
      SafeGuard
      Data Exchange
      6.Secure network file shares
      SafeGuardPartner Connect
      5. Manage external security products
      (*) Future release
    • Safeguard Mail Gateway overview
      5
      a
      1
      2
      3
      e
      d
      c
      4
      b
      Email Client sends out Email in plain text
      Email Server forwards Email to Content-Filter
      Content-Filter forwards Email to SGMG
      SGMG evaluates Email Security Policy and cryptographically handles the Email accordingly
      SGMG delivers Email to the Recipient
      External Communication Partner sends an encrypted Email
      SGMG identifies encrypted Email and decrypts this Email. The Email is now in plain-text.
      SGMG forwards Email to AV-Scanner
      AV-Scanner checks and forwards the Email to the Email Server
      Email Client receives Email in plain text
    • DLP Implementation Tips
      Senior management sponsorship
      Cross-functional team
      Identify PII data types
      Prioritize risks
      Data security policies
      End-user education
      Warn before blocking
    • Questions?
      20