Best Practices for Implementing Data Loss Prevention (DLP)
Vast amounts of your organization's sensitive data are accessible, stored, and used by authorized employees and partners on a host of devices and servers. Protecting that data wherever it is stored or travels is a top priority.

1. 2013 ISACA Webinar Program. © 2013 ISACA. All rights reserved.
   Best Practices for Implementing Data Loss Prevention (DLP)
   • Michael Avdeev, DLP Solution Architect, McAfee
   • John Callaghan, Sr. Mgr. Engineering Research, SilverSky

2. Welcome!
   • Type in questions using the Ask A Question button
   • All audio is streamed over your computer
     – Having technical issues? Click the ? button
   • Click the Attachments button to find a printable copy of this presentation
   • After the webinar, ISACA members may earn 1 CPE credit
     – Find a link to the Event Home Page on the Attachments button
     – Click the CPE Quiz link on the Event Home Page to access the quiz
     – Once you pass the quiz, you’ll receive a link to a printable CPE Certificate
   • Tell us what you thought of this event!
     – By using the FEEDBACK button
     – Complete the Webinar Survey on the Attachments button
   • Question or suggestion? Email them to eLearning@isaca.org

3. Today’s Speakers
   • Michael Avdeev, DLP Enterprise Solution Architect, McAfee
   • John J. Callaghan, CISM, Senior Manager Security & Engineering Research, SilverSky

4. Motivations: “A world of needs… … essential considerations”
   • What: Another Tool or Governance approach
   • Why: Mandate, IP, Regulatory, Compliance
   • When: Immediately vs. Planned
   • Where: Across the business, by geography
   • How: “By Policy”, Training, Top-Down, Inter-organizational

5. Considerations: “The obvious... … and not so obvious”
   • Business Goals
   • Company Primary IP
   • Industry & Legal Requirements
   • Corporate Security Policies
   • New Projects ‘rollout’ history
   • Secondary IP concerns
   • Business unit Practices & Repositories
   • Varying adherence to Corporate Policy
   • Exposed IP
   • Extranet/sharing issues

6. Challenges: “Securing the Data… … loss / theft / corruption”
   • Today: Data = Dollars
   • Crime: Cybercrime is simply Crime
   • News: Success stories need to outweigh breaches
   • Statistics: At the close

7. Data Types and Data Loss Vectors (“Wild Wild West”)
   • Data Types: Data-in-Motion, Data-at-Rest, Data-in-Use
   • Data Loss Vectors: Email, Web Post, Network, IM Chat, Desktop/Laptop, Database, Removable Media, Screen, Printer, File Share, Clipboard

8. DLP Elements
   • Governance, Risk Assessment, Compliance, Classification, Policies, Discovery, Remediation, Awareness

9. Governance
   Summary:
   • Data Governance = confidentiality, integrity and availability of data
   • Monitor the flow/storage of data in your environment
   Action:
   • Develop a governance structure
   • Define roles & responsibilities
   • Create a communication plan
   • Create governance metrics
   Examples:
   • Centralized vs. De-Centralized
   • Set up a central site for document storage & communications
   • Use DLP policies to generate metrics

10. Risk Assessment
   Summary:
   • Identify all data types, threat vectors, and potential business impact
   • Prioritize the ranking of risks and a list of initiatives to mitigate the risk
   Action:
   • Execute the RA
   • Create a detailed action plan
   • Assign owners to RA results
   • Formalize a recurring RA plan
   Examples:
   • Use asset management tools to catalog assets
   • Use DLP to identify risk in systems, applications, lines of business, etc.

11. Compliance
   Summary:
   • Sensitive information is regulated by governmental and industry statutes
   • Avoid fines, increased audit costs, embarrassment, or prosecution
   Action:
   • Identify governing bodies
   • Identify statutes
   • Create a data element mapping
   • Create compliance metrics
   Examples:
   • Monitor PCI data movement both within and outside of the company
   • Use IT GRC tools to manage compliance

12. Classification
   Summary:
   • Classify data according to its value and risk
   • Protect classes of data, not individual elements
   Action:
   • Gather initial and new data elements
   • Develop a standard framework
   • Identify data owners and users
   • Identify approved data storage systems
   Examples:
   • Set up workshops to gather initial data elements
   • Use DLP data discovery scans to gather new data elements
   • Catalog locations and move data to approved storage locations

13. Policies
   Summary:
   • Flexible policies that grow with the organization over time
   • User education on policies, standards, and guidelines
   Action:
   • Review existing policies
   • Create new policies
   • Socialize policies with users
   • Evaluate effectiveness
   Examples:
   • Educate key stakeholders (HR, compliance team, business units)
   • Set up a recurring update program to measure policy effectiveness

14. Discovery
   Summary:
   • Find sensitive data in areas where you don’t expect it
   • Identify broken processes, bad actors, and “data drift”
   Action:
   • Create a data discovery program
   • Define data storage types
   • Define data categories
   • Define data owners
   Examples:
   • Identify “data drift” in data-at-rest (file servers, databases)
   • Identify “data drift” in data-in-use (local disks on laptops and desktops)

15. Remediation
   Summary:
   • More than fixing the data – look at the people and the process
   • Remediation is NOT done until root causes are identified and risk is mitigated
   Action:
   • Develop data/incident response programs
   • Perform system/data clean-up
   • Implement mitigation actions
   Examples:
   • Root-caused PCI data leakage due to a broken business process
   • Automatically encrypt all patient data in outbound email traffic

16. Awareness
   Summary:
   • Your employees are a critical line of defense
   • Embed employee education into your DLP program
   Action:
   • Develop a security awareness program for employees
   • Develop specific data protection training for data owners
   Examples:
   • Posters
   • Webpage with guidelines
   • Quick situational videos

17. Approaching the Task
   Deployment Best Practices
   • Solid preparation
   • Understand the data & rules
   • Be realistic with the project plan
   • Communication, communication, communication
   Protecting Data is a Process Problem…

18. Deployment Best Practices
   Solid Preparation
   • Scope the hardware appropriately
   • Get buy-in from key stakeholders early
   • Evaluate DLP endpoint strategies
   • Have a realistic test environment so you can see problems early
   Understand the Data & Rules
   • Privacy rules differ state by state, country by country
   • Understand how data is being used in your company before building policies
   • Understand chain-of-custody implications of collecting evidence in a DLP solution
   Be Realistic
   • You can’t watch everything - prioritize what’s important
   • Start small and grow your coverage
   • Know what you need to watch for and what you cannot watch for
   • Document well and define key statistical performance metrics
   Good Communication
   • Weekly calls (technical level & governance level calls with senior management)
   • Define departmental champions to help overcome roadblocks
   • Keep the CISO actively involved
   • Train downstream – don’t limit it to just security

19. Who? What? When? How?
   Data Type             | Risk Level | Findings
   PCI Data              | Exposed    | User ignorance of policy
   PII Data              | Exposed    | PII data sent, received and stored UNENCRYPTED
   Intellectual Property | Leaks      | “Confidential” files sent to questionable destinations
   State Privacy Law     | Violations | Broken business process
   You cannot protect the data you don’t know about!

20. Streamline Policies
   • Fine tune and test policies without interrupting business
   • Define Policy -> Test Policy -> Tune Rules -> Data Analytics -> Violations Data
21. Discovery Best Practices
   • Inventory with Metadata -> Categorization & Classification -> Remediation Prioritized
   • Data classes: PCI Data, Sensitive IP
   • Remediation actions: Encrypt, Delete, Move
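As an added illustration of the discovery flow on this slide (inventory with metadata, categorization and classification, then prioritized remediation with Encrypt / Delete / Move) and of slide 9's "use DLP policies to generate metrics", here is a small Python discovery pass over constructed file records; it is not code from the webinar or from any vendor product. The Luhn-validated PAN detector, the "confidential" marker for Sensitive IP, the approved-storage flag and the remediation rules are this example's assumptions.

```python
import re

# Constructed inventory records (this example's sample data, not the webinar's).
# "approved" marks storage the classification program has sanctioned for that data.
INVENTORY = [
    {"path": r"\\fs01\finance\refunds.csv", "approved": True, "encrypted": False,
     "text": "refund 4111111111111111 exp 12/25"},
    {"path": r"C:\Users\jdoe\Desktop\notes.txt", "approved": False, "encrypted": False,
     "text": "customer PAN 5500000000000004 for callback"},
    {"path": r"C:\Users\jdoe\Desktop\order.txt", "approved": False, "encrypted": False,
     "text": "order ref 4111111111111112"},          # fails Luhn: not a PAN
    {"path": r"\\fs02\shared\roadmap.docx", "approved": False, "encrypted": False,
     "text": "CONFIDENTIAL - 2014 product roadmap"},
]

PAN_RE = re.compile(r"\b\d{13,16}\b")

def luhn_ok(digits):
    """Luhn mod-10 check, so digit runs that merely look like PANs are dropped."""
    total = 0
    for i, d in enumerate(int(c) for c in reversed(digits)):
        total += d if i % 2 == 0 else (d * 2 if d < 5 else d * 2 - 9)
    return total % 10 == 0

def classify(text):
    """Categorization & classification step: data classes present in one record."""
    classes = set()
    if any(luhn_ok(m) for m in PAN_RE.findall(text)):
        classes.add("PCI Data")
    if re.search(r"\bconfidential\b", text, re.I):
        classes.add("Sensitive IP")
    return classes

# Assumed rules: the actions Encrypt / Delete / Move are the slide's, the mapping is
# this example's. Lower rank = higher remediation priority.
def remediate(record, classes):
    if "PCI Data" in classes and not record["approved"]:
        return (0, "Delete")   # PAN copy on an unapproved endpoint: remove the copy
    if "PCI Data" in classes and not record["encrypted"]:
        return (1, "Encrypt")  # PAN in approved storage but in the clear
    if "Sensitive IP" in classes and not record["approved"]:
        return (2, "Move")     # IP outside approved storage: move to a sanctioned share
    return None

def discovery_report(inventory):
    """Inventory -> classification -> prioritized remediation list plus per-class metrics."""
    findings, metrics = [], {}
    for rec in inventory:
        classes = classify(rec["text"])
        for c in classes:
            metrics[c] = metrics.get(c, 0) + 1
        action = remediate(rec, classes)
        if action:
            findings.append((action[0], rec["path"], action[1]))
    findings.sort()
    return [(path, act) for _, path, act in findings], metrics
```

The per-class counts returned alongside the findings are the kind of governance metric slide 9 asks a DLP policy to produce; rerunning the pass after remediation shows whether "data drift" is shrinking.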
22. Management Model (Proactive vs. Reactive, Decentralized vs. Centralized)
   Business Flex:
   • Complex IP environment
   • Business driven needs
   • Small security team
   Dedicated Team:
   • High regulatory requirements
   • Mature business model
   • Strong security team
   Light Coverage:
   • Low regulatory environment
   • Low business drivers
   • Small security team
   Part-Timer:
   • High business drivers
   • Little management buy-in
   • Strong security team

23. What You Learned Today
   • The 8 Essential DLP Elements
   • DLP Deployment Best Practices & Examples
   • Different DLP Management Models
   Remember …
   • You cannot protect the data you don’t know about!
   • Start small and be realistic about your project plan.
   • Get buy-in from business users early.
   • Protecting data is a process problem.

24. Resource & Tools
   • Verizon Data Breach Investigation report: http://www.verizonenterprise.com/DBIR/2013/
   • “Implementing and Managing a DLP Solution” Whitepaper: http://mcaf.ee/dphvg -> White Papers
   To find out more about the McAfee DLP solution:
   • Public page: http://mcaf.ee/dphvg
   • Regulation link: http://www.mcafee.com/data-protection-laws
   • Data Risk Assessment: http://dataprotection.mcafee.com/forms/RiskAssessment
   • Blogs: http://siblog.mcafee.com/category/data-protection
   • Videos: http://www.youtube.com/McafeeDLP
   • Twitter handle: @McAfeeDLP

25. Questions?

26. Thank You!
   Michael Avdeev, michael_avdeev@mcafee.com
   John Callaghan, jcallaghan@silversky.com