Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
DRM to p0wn NSA in a few easy steps Dan Gheorghe, Software Engineer docTrackr.com
ARE YOU IN CONTROL OF YOUR DATA?
Today’s Trend/Reality in the Cloud Users Usage
Download Documents Email SYNC WITH OTHER SYSTEMS
DLP – an answer ? CATEGORIES OF DLP •  NETWORK AKA DATA IN MOTION •  STORAGE AKA DATA AT REST •  ENDPOINT AKA DATA IN USE
… NOT REALLY 1.  IT’S CUMBERSOME FOR END USERS 2. NOT DESIGNED FOR COLABORATION 3. COMPLEX ENTREPRISE-WIDE DEPLOYMENT 4. ...
DLP IS TRANSMISSION CONTROL NOT DESIGNED TO ALLOW SECURED DATA SHARING AND COLLABORATION WHILE PREVENTING DOCUMENT LEAKAGE...
Passwords ? •  Password security which uses RC4 128bit encryption or 128-bit AES Adobe 8 Generation technology •  Pu...
WE NEED A NEW APPROACH “How can we assure that only authorized people read classified data?” “How can we assure the rec...
DATA CENTRIC PROTECTION If we cannot protect the data, why not let the data protect itself?
Information Rights Management Security Control
Information Rights Management as a Service
How does it work? 3/ The server monitors who can access the file and how." 1/ You create your document as usual" 2/ Sen...
Once your recipient gets it"
Once your recipient gets it" Adobe PDF Reader" He opens it with his or her usual tools" Microsoft Office"
1/ Checks if it’s the right version" Adobe PDF Reader" Microsoft Office"
1/ Checks if it’s the right version" 2/ If the recipient has permission" Adobe PDF Reader" Microsoft Office"
‣ Revocation ‣ Cut/Paste ‣ Edit ‣ Print ‣ ..." Adobe PDF Reader" 1/ Checks if it’s the right version" 2/ If the recipien...
‣ Revocation ‣ Cut/Paste ‣ Edit ‣ Print ‣ ..." Adobe PDF Reader" 1/ Checks if it’s the right version" 2/ If the recipien...
‣ Revocation ‣ Cut/Paste ‣ Edit ‣ Print ‣ ..." Adobe PDF Reader" 1/ Checks if it’s the right version" 2/ If the recipien...
docTrackr A new approach to IRM
docTrackr + " Security Analytics Adobe & Microsoft based encryption Extended audit trail & files statistics Automatic...
docTrackr for Gmail Secure your document attachments on the fly http://bit.ly/1bJceQp
dan@doctrackr.com
DefCamp 2013 - DRM To Pown NSA in Few Easy Steps
DefCamp 2013 - DRM To Pown NSA in Few Easy Steps
DefCamp 2013 - DRM To Pown NSA in Few Easy Steps
DefCamp 2013 - DRM To Pown NSA in Few Easy Steps
Upcoming SlideShare
Loading in …5
×

DefCamp 2013 - DRM To Pown NSA in Few Easy Steps

861 views

Published on

Published in: Technology
no profile picture user

  • Be the first to comment

  • Be the first to like this

DefCamp 2013 - DRM To Pown NSA in Few Easy Steps

  1. 1. DRM to p0wn NSA in a few easy steps Dan Gheorghe, Software Engineer docTrackr.com
  2. 2. ARE YOU IN CONTROL OF YOUR DATA?
  3. 3. Today’s Trend/Reality in the Cloud Users Usage
  4. 4. Download Documents Email SYNC WITH OTHER SYSTEMS
  5. 5. DLP – an answer ? CATEGORIES OF DLP •  NETWORK AKA DATA IN MOTION •  STORAGE AKA DATA AT REST •  ENDPOINT AKA DATA IN USE
  6. 6. … NOT REALLY 1.  IT’S CUMBERSOME FOR END USERS 2. NOT DESIGNED FOR COLABORATION 3. COMPLEX ENTREPRISE-WIDE DEPLOYMENT 4. NOT 100% RELIABLE (FALSE POSITIVES)
  7. 7. DLP IS TRANSMISSION CONTROL NOT DESIGNED TO ALLOW SECURED DATA SHARING AND COLLABORATION WHILE PREVENTING DOCUMENT LEAKAGE WHAT HAPPENS BEYOND ENTREPRISE BOUNDARIES?
  8. 8. Passwords ? •  Password security which uses RC4 128bit encryption or 128-bit AES Adobe 8 Generation technology •  Public Key Infrastructure (PKI) encryption
  9. 9. WE NEED A NEW APPROACH “How can we assure that only authorized people read classified data?” “How can we assure the recipients do not share unauthorized data ” “How can we guarantee that data is not manipulated, unintentionally or fraudulently?”
  10. 10. DATA CENTRIC PROTECTION If we cannot protect the data, why not let the data protect itself?
  11. 11. Information Rights Management Security Control
  12. 12. Information Rights Management as a Service
  13. 13. How does it work? 3/ The server monitors who can access the file and how." 1/ You create your document as usual" 2/ Send it through a protection engine" And in 3 clicks you’ve got a doc ready to share securely!"
  14. 14. Once your recipient gets it"
  15. 15. Once your recipient gets it" Adobe PDF Reader" He opens it with his or her usual tools" Microsoft Office"
  16. 16. 1/ Checks if it’s the right version" Adobe PDF Reader" Microsoft Office"
  17. 17. 1/ Checks if it’s the right version" 2/ If the recipient has permission" Adobe PDF Reader" Microsoft Office"
  18. 18. ‣ Revocation ‣ Cut/Paste ‣ Edit ‣ Print ‣ ..." Adobe PDF Reader" 1/ Checks if it’s the right version" 2/ If the recipient has permission" 3/ And if yes, what he can do." Microsoft Office"
  19. 19. ‣ Revocation ‣ Cut/Paste ‣ Edit ‣ Print ‣ ..." Adobe PDF Reader" 1/ Checks if it’s the right version" 2/ If the recipient has permission" 3/ And if yes, what he can do." Microsoft Office"
  20. 20. ‣ Revocation ‣ Cut/Paste ‣ Edit ‣ Print ‣ ..." Adobe PDF Reader" 1/ Checks if it’s the right version" 2/ If the recipient has permission" 3/ And if yes, what he can do." Microsoft Office"
  21. 21. docTrackr A new approach to IRM
  22. 22. docTrackr + " Security Analytics Adobe & Microsoft based encryption Extended audit trail & files statistics Automatic Mirroring " of changes No install Bridge on-premise privacy & cloud needs
  23. 23. docTrackr for Gmail Secure your document attachments on the fly http://bit.ly/1bJceQp
  24. 24. dan@doctrackr.com

×