Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Mcafee dyntek


Published on

Published in: Technology
  • Be the first to comment

Mcafee dyntek

  1. 1. McAfee Data Protection©© 2007 McAfee, Inc. 2007 McAfee, Inc.
  2. 2. Agenda • The Problem: Data is Lost or Stolen Everyday! • Securing Data Requires Different Thinking • McAfee’s Data Protection Solution — Introducing Total Protection for Data (ToPS Data) • Summary
  3. 3. The ProblemData is Lost or Stolen Everyday!© 2007 McAfee, Inc.
  4. 4. Data Loss: Next Inevitable Corporate Disaster? Explosive Growth Escalating Privacy Public Embarrassment of Mobile Devices Regulations and Disclosure Cost USB Sold Memory Sticks Units BlackBerry SmartPhone Palm/Treo PocketPC + Laptops Desktops 1995 2000 2005 2010 Data Protection: #1 CISO Priority Today 2007 CISO Survey
  5. 5. Increasing Regulatory Pressure US Government• Growing in number and OMG Initiative (USA) US Senate Bill 1350 Proposed complexity (USA) Data Protection Act (Japan)• Public disclosure is California SB 1386 (USA) Sarbanes- Oxley required in the event of (USA) Government Network data loss Security Act (USA) Gramm-Leach-Bliley• Intellectual property loss (USA) Data Protection Act and theft is also a concern HIPAA (UK) (USA) GISRA Directive on Protection (USA) of Personal Data (EU) Datenschutz (Germany)
  6. 6. Increasing Need for Mobile Access to Data USBExplosive Growth in Mobile Devices Sold Memory Sticks Units• Information and data moving out of corporate perimeter BlackBerry SmartPhone• Storage capacity grows as devices become smaller Palm/Treo PocketPC• Advances in mobile device Laptops technology will continue to produce new and more powerful devices Desktops 1995 2000 2005 2010
  7. 7. Increasing Risk of Information Theft • 19 people a minute become new victims of identity theft due to data breaches1 • During a 3 year period, over 217 million Americans were victims of identity theft or exposure2 • Each data breach costs an average of $6.3 million3 • A typical Fortune 1000 company can’t locate 2% of their PC’s4 • A typical Fortune 1000 financial institution loses 1 laptop a day51. Identity Theft Resource Center, 20072. 2007 Ponmon Institute Cost of Data Breach study3., 4., 5.
  8. 8. Understanding the RiskThe Market Value of Your Sensitive Data $980-$4,900 $147 Trojan to steal Birth certificate account information $490 $98 Credit Card Social Security card Number with PIN $6-$24 $78-$294 Credit card number Billing data $6 $147 PayPal account Drivers license logon and password
  9. 9. The Major Endpoint Threats 1 2 Physical loss or Unauthorized theft of laptops and transfer of data to mobile devices external devices 3 4 Unintentional Privileged users distribution via breach the data e-mail, web, etc. 5 6 Information User applications escapes via print, 7 hacked CD-ROM, DVD, etc. Trojans/key loggers/malware
  10. 10. The Major Endpoint Threats “I’ve seen organizations spend hundreds of millions of dollars on security safeguards that were penetrated by a knowledgeable person with a handheld device.” Bill Boni CSO, Motorola
  11. 11. Securing Data RequiresDifferent Thinking© 2007 McAfee, Inc.
  12. 12. Today’s Security Solution Gap Anti-virus• Most ―information security‖ products don’t actually ―secure information‖ Change/Patch Authentication Management — They are designed to protect Threat networks and servers VPN Detection Anti-virus — They do little to protect the LAN confidentiality and integrity of Clients information Web Filtering Anti-spyware Servers• Information is in constant motion Firewall —making it difficult to lock down
  13. 13. Current Approaches to Security Do Not Protectthe Most Valuable Asset: Your DataSystem-centric view of data protection:Protect the perimeter, one system at a time User Authentication Sensitive Data Access Control
  14. 14. Data Protection Requires Different ThinkingData is not static, so security cannot be static – it must persistwith the data itself. This is Data-Centric Protection. Encryption Strong Authentication Data Loss Prevention Device Control
  15. 15. Throwing Point Tools at the Problem Doesn’t Work! Non-security staff must manage myriad of point High Management security systems. Compounds with changes in Cost personnel and systems No Alignment You are unable to align needs with security to Policy policy requirements Managing the lifecycle of security rules becomes Life Cycle overly complex, increasing infrastructure Vulnerabilities vulnerability Broken Business Businesses processes break as systems go Processes their own way on security Lack of centralized monitoring and auditing Data Loss Risk opens vulnerabilities that could lead to data loss
  16. 16. Data Protection Requires Different Thinking Easy to Lose Easy to Transfer Enticing to Steal $490 $147 ® $98 $147 Cybercrime “Black Market” Value Data must be protected regardless of: Usage Location Device Access
  17. 17. The McAfee SolutionTotal Protection Suite for Data (ToPS Data)© 2007 McAfee, Inc.
  18. 18. The Solution: McAfee Data ProtectionMcAfee Data Loss Prevention McAfee Device ControlFull control and absolute visibility Prevent unauthorized use ofover user behavior removable media devices Data Loss Device Prevention Control Integrated McAfee Total technologies for a Protection™ total data protection for Data solution. Endpoint Encrypted Encryption USBMcAfee Endpoint Encryption McAfee Encrypted USBFull-disk, mobile device, and file Secure, portable externaland folder encryption coupled storage deviceswith strong authentication
  19. 19. McAfee is Your Trusted Advisor Too many vendors, too many use cases, too overwhelming McAfee’s guided, phased deployment path to complete data protection Block Monitor & Encrypt Encrypt Multilayer unauthorized Secure All Laptops mobile data Protection devices Channels ® Data Loss Prevention Device Control Endpoint Encrypted Encryption USB Increasing Protection and Compliance
  20. 20. McAfee Endpoint Encryption You need • Encryption for laptops, desktops, and mobile devices with the flexibility to choose full-disk or file/folder Data Loss Device Prevention Control encryption • Confidence in integrity of sensitive data when a device is lost or stolen • Safe Harbor protection (i.e. Loss of encrypted data = non-event and does not require public disclosure) Endpoint Encrypted Encryption USB McAfee offers • Broad support for laptops, desktops, and mobile devices • Full audit-trails for compliance & auditing needs • Support for multiple strong authentication methods • Certifications: FIPS 140-2, Common Criteria Level 4 (highest level for software products), BITS, CSIA, etc.
  21. 21. McAfee Endpoint EncryptionFull-Disk Encryption .DOC .XLS .APPS Files/APPS Files are in full text and fully viewable 1 1 by the authorized user(s) and application(s) Lorem ipsum dolor sit amet Lorem ipsum dolor sit amet 2 Files are Sectors are Operating 2 System translated assembled into sectors into files Encrypted 3 Sectors are Encryption sectors are 3 Driver encrypted in decrypted in memory #$$%%#%%&& #$$%%#%%&& memory 4 Sectors are Sectors are Hard Disk 4 stored in read from hard disk hard disk
  22. 22. McAfee Endpoint EncryptionFile and Folder Encryption 1• Define policies more granularly than with full-disk encryption 2 Corporate• Full Windows Explorer integration Administrator Directory 3• Automatic encryption and decryption with no performance loss, transparent to users 4 Client Client Client• Protect files and folders on Computer Computer Computer desktops, laptops, and servers 5 File Server Terminal Server
  23. 23. McAfee Endpoint EncryptionMobile Device Encryption• Protect your corporate data assets as your users go mobile• Creates encrypted, protected space on mobile devices to protect sensitive data• Supports multiple strong authentication methods• Renders data on mobile devices in the event of data loss or theft• Encryption policies on your mobile devices all centrally managed
  24. 24. McAfee Data Loss Prevention You need Data Loss • To prevent users from accidentally or maliciously Device Prevention Control leaking sensitive data • Full visibility and control over usage & movement of confidential data • To enable your infrastructure and data to protect itself Endpoint Encrypted Encryption USB McAfee offers Printer Copy & • Protection against accidental leakage via everyday Paste user tasks • Complete spectrum of actionable responses upon detecting loss of confidential data such as — Detailed logging & forensic evidence gathering — Real-time prevention & blocking Monitor Usage — User and administrator notification Print USB — Quarantine of confidential dataScreen Copy
  25. 25. McAfee Data Loss PreventionClassify confidential data Build content-based, reaction rules Monitor sensitive data transfer By location Prevent confidential data from leaving the enterprise By content Notify administrator and end users By file-type Quarantine confidential data By fingerprint Enforce encryption
  26. 26. McAfee Device Control You need • To monitor and allow only authorized devices to Data Loss Device connect to endpoint Prevention Control • Restriction and blocking capabilities of the use of unauthorized devices such as iPods • Enforcement control over what data can be copied onto authorized devices Endpoint Encrypted Encryption USB McAfee offers • Fine-grained control of data and devices — Only allow company-authorized devices ® — Enforce control over what data can be copied to devices FireWire • Policies per user, group or department, i.e. allow CEO to connect any device while other employees can only connect sub-set of devices • Detailed user and device-level logging for auditing and compliance needs
  27. 27. McAfee Device Control• Based on McAfee Data Loss ePO Prevention (DLP) technology Management Console• Complete content-aware, and Device and Policies context-aware device-blocking Data Events capability• Regulate how users copy data to external devices Serial/Parallel Other• Increase productivity and the ability to safely use any USB devices as CD/DVD part of daily work activities WI/IRDA• Ensure control of all external FireWire Bluetooth devices USB
  28. 28. McAfee Encrypted USB You need Data Loss Device Prevention Control • Secure external storage media for your power users • Ability to ensure sensitive data transported via external media is continuously protected Endpoint Encrypted Encryption USB McAfee offers • A range of secure portable storage devices • Strong Access Control and Encryption • Centralized Management • Internal and External Compliance Support
  29. 29. McAfee Encrypted USB• Deploy easily on an enterprise-wide scale• Easily deploy and track devices through a single console• Streamline workflow to save time and money• Leverage Active Directory to match users and devices• Encrypt data on-the-fly• Enable secure data portability
  30. 30. McAfee ePO: Centralized Management andCompliance Support • You need: — Data protection to support compliance efforts for tough global data privacy regulations — Detailed logging and auditing for internal and regulatory compliance needs • McAfee offers:MITS — Detailed auditing and logging to meet the PCI GLBA PIPEDA Sarbanes- Oxley FFIEC DPA EUDPD Solvency II Basel II R-DPL toughest regulationsHIPAA FISMA J-SOX DPA — ―Safe Harbor‖ protection with data CPC encryption Art. 43 — Rich set of policy & reporting templates to DTO-93 DPA CPA SA-PL help comply with regulations
  31. 31. Summary1. There is increasing regulatory pressure to protect data2. Insiders are the biggest threat to your data – and they are increasingly more mobile3. A breach, no matter how big or how small, puts your business at risk4. Which endpoint threats worry you the most?5. Traditional approaches to data security won’t work – you need data-centric security that enables your data and infrastructure to protect itself6. Continuing to use point tools to solve the problem creates inconsistencies in enforcement, can break business processes, and increase operational costs7. McAfee provides you with the comprehensive solution you need to address the risks to your data
  32. 32. Thank You!© 2007 McAfee, Inc.