Data Leakage is an important concern for the business organizations in this increasingly networked world these days. Unauthorized disclosure may have serious consequences for an organization in both long term and short term. Risks include losing clients and stakeholder confidence, tarnishing of brand image, landing in unwanted lawsuits, and overall losing goodwill and market share in the industry.
Data loss is considered by security experts to be one of the most serious threats that businesses currently face.
Maintaining the confidentiality of personal information and data is an essential factor in operating a successful business. People must be able to trust that their service provider takes the appropriate measures to implement security controls that will ultimately protect their privacy.
However, some of the largest and most reputable organizations have fallen victim to data loss security breaches resulting in significant legal, financial, and reputation loss, including [1]:
The Bank of America: Losing the personal employee information of over one million employees
The United States Government: Losing data related to the military
Heartland Payment Systems: Transferring credit card information and other personal records of over 130 million customers
In 2013, it was estimated that data breaches had resulted in the exploitation of over 800 million personal records [2]. This number is also expected to rise over the next several years given the advanced tools that cybercriminals use to steal information and data.
Interestingly, it is not just cybercriminals who represent a threat as:
64% of data loss is caused by well-meaning insiders.
50% of employees leave with data.
$3.5 million average cost of a security breach.
Considering these extensive data breaches, it is practical for organizations to understand where their critical data is located and understanding current security controls that can stop data loss.
Data Loss Prevention (DLP) solutions locate critical and personal data for organizations and help prevent data loss. By having a deeper understanding of efficient DLP security controls, you will help protect the reputation of your organization.
For more information contact: rkopaee@riskview.ca
https://www.threatview.ca
http://www.riskview.ca
DATA LOSS PREVENTION ENSURES CRITICAL INFORMATION ARE KEPT SAFELY AT THE CORPORATE NETWORK AND HELPS ADMINISTRATOR CONTROL THE DATA WHAT
END-USERS WISH TO TRANSFER.
Technology Overview - Symantec Data Loss Prevention (DLP)Iftikhar Ali Iqbal
The presentation provides the following:
- Symantec Corporate Overview
- Solution Portfolio of Symantec
- Symantec Data Loss Prevention - Introduction
- Symantec Data Loss Prevention - Components
- Symantec Data Loss Prevention - Features & Use Cases
- Symantec Data Loss Prevention - System Requirements
- Symantec Data Loss Prevention - Appendix (extra information)
This provides a brief overview of Symantec Data Loss Prevention (DLP). Please note all the information is based prior to May 2016 and the full integration of Blue Coat Systems's set of solutions.
Data Leakage is an important concern for the business organizations in this increasingly networked world these days. Unauthorized disclosure may have serious consequences for an organization in both long term and short term. Risks include losing clients and stakeholder confidence, tarnishing of brand image, landing in unwanted lawsuits, and overall losing goodwill and market share in the industry.
Data loss is considered by security experts to be one of the most serious threats that businesses currently face.
Maintaining the confidentiality of personal information and data is an essential factor in operating a successful business. People must be able to trust that their service provider takes the appropriate measures to implement security controls that will ultimately protect their privacy.
However, some of the largest and most reputable organizations have fallen victim to data loss security breaches resulting in significant legal, financial, and reputation loss, including [1]:
The Bank of America: Losing the personal employee information of over one million employees
The United States Government: Losing data related to the military
Heartland Payment Systems: Transferring credit card information and other personal records of over 130 million customers
In 2013, it was estimated that data breaches had resulted in the exploitation of over 800 million personal records [2]. This number is also expected to rise over the next several years given the advanced tools that cybercriminals use to steal information and data.
Interestingly, it is not just cybercriminals who represent a threat as:
64% of data loss is caused by well-meaning insiders.
50% of employees leave with data.
$3.5 million average cost of a security breach.
Considering these extensive data breaches, it is practical for organizations to understand where their critical data is located and understanding current security controls that can stop data loss.
Data Loss Prevention (DLP) solutions locate critical and personal data for organizations and help prevent data loss. By having a deeper understanding of efficient DLP security controls, you will help protect the reputation of your organization.
For more information contact: rkopaee@riskview.ca
https://www.threatview.ca
http://www.riskview.ca
DATA LOSS PREVENTION ENSURES CRITICAL INFORMATION ARE KEPT SAFELY AT THE CORPORATE NETWORK AND HELPS ADMINISTRATOR CONTROL THE DATA WHAT
END-USERS WISH TO TRANSFER.
Technology Overview - Symantec Data Loss Prevention (DLP)Iftikhar Ali Iqbal
The presentation provides the following:
- Symantec Corporate Overview
- Solution Portfolio of Symantec
- Symantec Data Loss Prevention - Introduction
- Symantec Data Loss Prevention - Components
- Symantec Data Loss Prevention - Features & Use Cases
- Symantec Data Loss Prevention - System Requirements
- Symantec Data Loss Prevention - Appendix (extra information)
This provides a brief overview of Symantec Data Loss Prevention (DLP). Please note all the information is based prior to May 2016 and the full integration of Blue Coat Systems's set of solutions.
Overview of Data Loss Prevention (DLP) TechnologyLiwei Ren任力偉
DLP is a technology that detects potential data breach incidents in timely manner and prevents them by monitoring data in-use (endpoints), in-motion (network traffic), and at-rest (data storage). It has been driven by regulatory compliances and intellectual property protection. This talk will introduce DLP models that describe the capabilities and scope that a DLP system should cover. A few system categories will be discussed accordingly with high-level system architecture. DLP is an interesting technology in that it provides advanced content inspection techniques. As such, a few content inspection techniques will be proposed and investigated in rigorous terms.
Symantec Data Loss Prevention 11 simplifies the detection and protection of intellectual property. Symantec’s market-leading data security suite features Vector Machine Learning, which makes it easier to detect hard-to-find intellectual property, and enhancements to Data Insight that streamline remediation, increasing the effectiveness of an organization’s data protection initiatives.
What is Cyber Security? | Introduction to Cyber Security | Cyber Security Tra...Edureka!
** Cyber Security Course: https://www.edureka.co/cybersecurity-certification-training **
This Edureka tutorial on "What is Cyber Security" gives an introduction to the Cyber Security world and talks about its basic concepts. You get to know different kinds of attack in today's IT world and how cybersecurity is the solution to these attacks. Below are the topics covered in this tutorial:
1. Why we need Cyber Security?
2. What is Cyber Security?
3. The CIA Triad
4. Vulnerability, Threat and Risk
5. Cognitive Cyber Security
Cybersecurity Training Playlist: https://bit.ly/2NqcTQV
At the highest level, our mission continues to be about keeping our customers (companies and governments) safe from ever-evolving digital threats, so they are confident to move business forward. Our strategy to accomplish this mission centers around four key pillars: Advanced Threat Protection, Information Protection for On Premise and Cloud, Security as a Service -- all anchored by a Unified Security Analytics Platform. Symantec Data Loss Prevention is a foundational product in the Information Protection for On Premise and Cloud pillar.
Everyone knows that storing and accessing data and applications in the cloud and on mobile devices provides makes work much easier and productive by allowing employees to work everywhere they need to.
It allows for great business agility – applications are always up to date, new functionality and processes can be deployed and activated quickly and organizations can adjust things on the fly if they need to.
It also brings the convenience factor – all employees to work in the way that they need to, collaboration and sharing is made vastly easier with cloud applications and storage.
But it brings with it all the challenges of securing devices and applications that your don’t own, and whilst saying NO might be the right thing for security, end users will find a way around it. Right now, close to 30% of employees use their personal devices for work. And that number is on the rise, potentially turning BYOD into Bring Your Own Disaster.
Best Practices for Implementing Data Loss Prevention (DLP)Sarfaraz Chougule
Vast amounts of your organization's sensitive data are accessible, stored, and used by authorized employees and partners on a host of devices and servers. Protecting that data where ever it is stored or travels is a top priority.
All the essential information you need about DLP in one eBook.
As security professionals struggle with how to keep up with threats, DLP - a technology designed to ensure sensitive data isn't stolen or lost - is hot again. This comprehensive guide provides what you need to understand, evaluate, and succeed with today's DLP. It includes insights from DLP Experts, Forrester Research, Gartner, and Digital Guardian's security analysts.
What's Inside:
-The seven trends that have made DLP hot again
-How to determine the right approach for your organization
-Making the business case to executives
-How to build an RFP and evaluate vendors
-How to start with a clearly defined quick win
-Straight-forward frameworks for success
The presentation explains about Data Security as an industrial concept. It addresses
its concern on Data Loss Prevention in detail, from what it is, its approach, the best practices and
common mistakes people make for the same. The presentation concludes with highlighting
Happiest Minds' expertise in the domain.
Learn more about Happiest Minds Data Security Service Offerings
http://www.happiestminds.com/IT-security-services/data-security-services/
In this presentation we have covered the topic Data Security from the subject of Information Security. Where Data, Data Security, Security, Security Policy, Tools to secure data, Security Overview (Availability, Integrity, Authenticity, Confidentiality), Some myths and Dimensions of System Security and Security Issues are discussed.
Cyber Threat Intelligence is a process in which information from different sources is collected, then analyzed to identify and detect threats against any environment. The information collected could be evidence-based knowledge that could support the context, mechanism, indicators, or implications about an already existing threat against an environment, and/or the knowledge about an upcoming threat that could potentially affect the environment. Credit: Marlabs Inc
At SearchInform we help businesses to monitor the movement of sensitive data and prevent data loss and leakage, be it a result of deliberate or negligent action, as well as prevent harmful activities by the insiders, like espionage, terrorist recruitment, drug and alcohol abuse, gambling, bullying, sexual harassment and more. We empower businesses to control all data channels in the stealth mode, thus securing their information perimeter, including web and corporate e-mail, popular instant messengers, voice and text via the likes of Skype and Viber, posts on forums, blogs and websites, info transferred to external devices, info sent to print, workstation monitors and microphones, as well as potentially harmful activities related to changes in Active Directory, software and hardware equipment.
Overview of Data Loss Prevention (DLP) TechnologyLiwei Ren任力偉
DLP is a technology that detects potential data breach incidents in timely manner and prevents them by monitoring data in-use (endpoints), in-motion (network traffic), and at-rest (data storage). It has been driven by regulatory compliances and intellectual property protection. This talk will introduce DLP models that describe the capabilities and scope that a DLP system should cover. A few system categories will be discussed accordingly with high-level system architecture. DLP is an interesting technology in that it provides advanced content inspection techniques. As such, a few content inspection techniques will be proposed and investigated in rigorous terms.
Symantec Data Loss Prevention 11 simplifies the detection and protection of intellectual property. Symantec’s market-leading data security suite features Vector Machine Learning, which makes it easier to detect hard-to-find intellectual property, and enhancements to Data Insight that streamline remediation, increasing the effectiveness of an organization’s data protection initiatives.
What is Cyber Security? | Introduction to Cyber Security | Cyber Security Tra...Edureka!
** Cyber Security Course: https://www.edureka.co/cybersecurity-certification-training **
This Edureka tutorial on "What is Cyber Security" gives an introduction to the Cyber Security world and talks about its basic concepts. You get to know different kinds of attack in today's IT world and how cybersecurity is the solution to these attacks. Below are the topics covered in this tutorial:
1. Why we need Cyber Security?
2. What is Cyber Security?
3. The CIA Triad
4. Vulnerability, Threat and Risk
5. Cognitive Cyber Security
Cybersecurity Training Playlist: https://bit.ly/2NqcTQV
At the highest level, our mission continues to be about keeping our customers (companies and governments) safe from ever-evolving digital threats, so they are confident to move business forward. Our strategy to accomplish this mission centers around four key pillars: Advanced Threat Protection, Information Protection for On Premise and Cloud, Security as a Service -- all anchored by a Unified Security Analytics Platform. Symantec Data Loss Prevention is a foundational product in the Information Protection for On Premise and Cloud pillar.
Everyone knows that storing and accessing data and applications in the cloud and on mobile devices provides makes work much easier and productive by allowing employees to work everywhere they need to.
It allows for great business agility – applications are always up to date, new functionality and processes can be deployed and activated quickly and organizations can adjust things on the fly if they need to.
It also brings the convenience factor – all employees to work in the way that they need to, collaboration and sharing is made vastly easier with cloud applications and storage.
But it brings with it all the challenges of securing devices and applications that your don’t own, and whilst saying NO might be the right thing for security, end users will find a way around it. Right now, close to 30% of employees use their personal devices for work. And that number is on the rise, potentially turning BYOD into Bring Your Own Disaster.
Best Practices for Implementing Data Loss Prevention (DLP)Sarfaraz Chougule
Vast amounts of your organization's sensitive data are accessible, stored, and used by authorized employees and partners on a host of devices and servers. Protecting that data where ever it is stored or travels is a top priority.
All the essential information you need about DLP in one eBook.
As security professionals struggle with how to keep up with threats, DLP - a technology designed to ensure sensitive data isn't stolen or lost - is hot again. This comprehensive guide provides what you need to understand, evaluate, and succeed with today's DLP. It includes insights from DLP Experts, Forrester Research, Gartner, and Digital Guardian's security analysts.
What's Inside:
-The seven trends that have made DLP hot again
-How to determine the right approach for your organization
-Making the business case to executives
-How to build an RFP and evaluate vendors
-How to start with a clearly defined quick win
-Straight-forward frameworks for success
The presentation explains about Data Security as an industrial concept. It addresses
its concern on Data Loss Prevention in detail, from what it is, its approach, the best practices and
common mistakes people make for the same. The presentation concludes with highlighting
Happiest Minds' expertise in the domain.
Learn more about Happiest Minds Data Security Service Offerings
http://www.happiestminds.com/IT-security-services/data-security-services/
In this presentation we have covered the topic Data Security from the subject of Information Security. Where Data, Data Security, Security, Security Policy, Tools to secure data, Security Overview (Availability, Integrity, Authenticity, Confidentiality), Some myths and Dimensions of System Security and Security Issues are discussed.
Cyber Threat Intelligence is a process in which information from different sources is collected, then analyzed to identify and detect threats against any environment. The information collected could be evidence-based knowledge that could support the context, mechanism, indicators, or implications about an already existing threat against an environment, and/or the knowledge about an upcoming threat that could potentially affect the environment. Credit: Marlabs Inc
At SearchInform we help businesses to monitor the movement of sensitive data and prevent data loss and leakage, be it a result of deliberate or negligent action, as well as prevent harmful activities by the insiders, like espionage, terrorist recruitment, drug and alcohol abuse, gambling, bullying, sexual harassment and more. We empower businesses to control all data channels in the stealth mode, thus securing their information perimeter, including web and corporate e-mail, popular instant messengers, voice and text via the likes of Skype and Viber, posts on forums, blogs and websites, info transferred to external devices, info sent to print, workstation monitors and microphones, as well as potentially harmful activities related to changes in Active Directory, software and hardware equipment.
Data Loss Prevention (DLP) - Fundamental Concept - ErykEryk Budi Pratama
Presented at APTIKNAS (Indonesia ICT Business Association) DKI Jakarta regular webinar.
Title:Data Loss Prevention: Fundamental Concept in Enabling DLP System
2 July 2020
Typical system servicesProgram executionIO operationsFile Sy.pdfaptexx
Typical system services:
Program execution
I/O operations
File System manipulation
Communication
Error Detection
Resource Allocation
Protection
Cyber security or IT security is the safety of information systems from theft or damage to the
hardware, the software, and the information, as well as from disturbance or misdirection of the
services they give.
The single most significant step in protecting data from loss is to back it up frequently. To keep
others out of your data, the primary step is to put permissions on the data files and folders. Many
efficiency applications, such as Microsoft Office uses and Adobe Acrobat, will permit you to set
passwords on personal documents. Windows 2000, XP Pro, and Server 2003 maintain the
Encrypting File System (EFS). There are a lot of third-party products accessible that will allow
encrypting a complete disk. A public key infrastructure (PKI) is a system for managing
public/private key couples and digital credentials. You can utilize a steganography program to
conceal data inside other data. Data can be captured while it\'s itinerant over the network by a
hacker with sniffer software. Data that send through a wireless network is especially subject to
interception than that send over an Ethernet network. If you need to send data to others but are
concerned about protecting it once it departs your own system, you can employ Windows Rights
Management Services (RMS) to manage what the recipients are clever to do with it. Port
Scanning is the name for the method used to recognize open ports and services accessible on a
network host. It is occasionally utilized by security methods to audit computers for
vulnerabilities; but, it is also utilized by hackers to object
Solution
Typical system services:
Program execution
I/O operations
File System manipulation
Communication
Error Detection
Resource Allocation
Protection
Cyber security or IT security is the safety of information systems from theft or damage to the
hardware, the software, and the information, as well as from disturbance or misdirection of the
services they give.
The single most significant step in protecting data from loss is to back it up frequently. To keep
others out of your data, the primary step is to put permissions on the data files and folders. Many
efficiency applications, such as Microsoft Office uses and Adobe Acrobat, will permit you to set
passwords on personal documents. Windows 2000, XP Pro, and Server 2003 maintain the
Encrypting File System (EFS). There are a lot of third-party products accessible that will allow
encrypting a complete disk. A public key infrastructure (PKI) is a system for managing
public/private key couples and digital credentials. You can utilize a steganography program to
conceal data inside other data. Data can be captured while it\'s itinerant over the network by a
hacker with sniffer software. Data that send through a wireless network is especially subject to
interception than that send over an Ethernet network.
Webinar: Endpoint Backup is not Enough - You Need an End-user Data StrategyStorage Switzerland
More data outside of the data center is staying on endpoints and in the cloud than ever before. That means the risks to that data are also at an all time high. Plus regulations encompassing end-user data are also increasing, challenging IT to manage data when they have less control than ever. IT needs more than an endpoint protection plan, it needs an end-user data strategy.
In this webinar, learn how to evolve from an endpoint data protection plan to a comprehensive end-user data strategy.
Data Loss Prevention technologies are needed to protect data coming into and leaving the organization. There are a number of problems and challenges with the many vendors supplying DLP technology. This presenation reviews some of the Myths around Data Loss Prevention.
ITS 833 – INFORMATION GOVERNANCEChapter 11 – Information Gov.docxdonnajames55
ITS 833 – INFORMATION GOVERNANCE
Chapter 11 – Information Governance
Privacy and Security Functions
University of the Cumberlands
Dr Isaac T. Gbenle
1
1
CHAPTER GOALS AND OBJECTIVES
2
Things To Know:
Sources of Threats to protection of data
Solution
s to threats to protection of data
Identify some privacy laws that apply to securing an organization’s data
What is meant by redaction
What are the limitations on perimeter security?
What is IAM?
What are the challenges of securing confidential e-documents?
What are the limitations on an repository-based approach to securing confidential e-documents?
Things to Know:
What are some solutions to securing confidential e-documents?
What is stream messaging?
How is a digital signature different from an electronic signature?
What is DLP Technology?
What are some basic DLP methods?
What are some of the limitations of DLP?
What is IRM?
What are some key characteristics or requirements for effective IRM?
What are some approaches to security data once it leaves the organization?
2
Who are the victims ?
Government
Corporations
Banks
Schools
Defense Contractors
Private Individuals
Cyberattack Proliferation
3
Who are the perpetrators?
Foreign Governments
Domestic and foreign businesses
Individual Hackers/Hacking societies
Insiders
3
INSIDER THREATS
4
Some malicious/some not malicious
Insider threats can be more costly than outside threats
Nearly 70% of employees have engaged in IP theft
Nearly 33% have taken customer contact information, databases and customer data
Most employees send e-documents to their personal email accounts
Nearly 60% of employees believe this is acceptable behavior
Thieves who are insiders feel they are somewhat entitled as partial ownership because they created the documents or data
58% say the would take data from their company if terminated and believe they could get away with it
4
SOLUTION?
Security – including document life cycle security
Risk Education
Employee Use Policy
IG Training and Education
Enforcement and Prosecution – Make an example!
Monitoring
5
5
PRIVACY LAW THAT MAY APPLY
Federal Wire Tapping Act
Prohibits the unauthorized interception and/or disclosure of wire, oral or electronic communications
Electronic Communications Privacy Act of 1986
Amended Federal Wire Tapping Act
Included specifics on email privacy
Stored Communications and Transactional Records Act
Part of ECPA
Sometimes can be used to protect email and other internal communications from discovery
Computer Fraud and Abuse Act
Crime to intentionally breach a “protected computer”
Used extensively in the banking industry for interstate commerce
Freedom of Information Act
Citizens ability to request government documents – sometimes redacted
6
6
LIMITATIONS ON SECURITY
“Traditional Security Techniques”
Perimeter Security
Firewalls
Passwords
Two-factor authentication
Identity verification
Limitations to traditional techniques
Limited effectiveness
Haphazard protections
Complexity.
Multi-cluster Kubernetes Networking- Patterns, Projects and GuidelinesSanjeev Rampal
Talk presented at Kubernetes Community Day, New York, May 2024.
Technical summary of Multi-Cluster Kubernetes Networking architectures with focus on 4 key topics.
1) Key patterns for Multi-cluster architectures
2) Architectural comparison of several OSS/ CNCF projects to address these patterns
3) Evolution trends for the APIs of these projects
4) Some design recommendations & guidelines for adopting/ deploying these solutions.
APNIC Foundation, presented by Ellisha Heppner at the PNG DNS Forum 2024APNIC
Ellisha Heppner, Grant Management Lead, presented an update on APNIC Foundation to the PNG DNS Forum held from 6 to 10 May, 2024 in Port Moresby, Papua New Guinea.
1.Wireless Communication System_Wireless communication is a broad term that i...JeyaPerumal1
Wireless communication involves the transmission of information over a distance without the help of wires, cables or any other forms of electrical conductors.
Wireless communication is a broad term that incorporates all procedures and forms of connecting and communicating between two or more devices using a wireless signal through wireless communication technologies and devices.
Features of Wireless Communication
The evolution of wireless technology has brought many advancements with its effective features.
The transmitted distance can be anywhere between a few meters (for example, a television's remote control) and thousands of kilometers (for example, radio communication).
Wireless communication can be used for cellular telephony, wireless access to the internet, wireless home networking, and so on.
Bridging the Digital Gap Brad Spiegel Macon, GA Initiative.pptxBrad Spiegel Macon GA
Brad Spiegel Macon GA’s journey exemplifies the profound impact that one individual can have on their community. Through his unwavering dedication to digital inclusion, he’s not only bridging the gap in Macon but also setting an example for others to follow.
# Internet Security: Safeguarding Your Digital World
In the contemporary digital age, the internet is a cornerstone of our daily lives. It connects us to vast amounts of information, provides platforms for communication, enables commerce, and offers endless entertainment. However, with these conveniences come significant security challenges. Internet security is essential to protect our digital identities, sensitive data, and overall online experience. This comprehensive guide explores the multifaceted world of internet security, providing insights into its importance, common threats, and effective strategies to safeguard your digital world.
## Understanding Internet Security
Internet security encompasses the measures and protocols used to protect information, devices, and networks from unauthorized access, attacks, and damage. It involves a wide range of practices designed to safeguard data confidentiality, integrity, and availability. Effective internet security is crucial for individuals, businesses, and governments alike, as cyber threats continue to evolve in complexity and scale.
### Key Components of Internet Security
1. **Confidentiality**: Ensuring that information is accessible only to those authorized to access it.
2. **Integrity**: Protecting information from being altered or tampered with by unauthorized parties.
3. **Availability**: Ensuring that authorized users have reliable access to information and resources when needed.
## Common Internet Security Threats
Cyber threats are numerous and constantly evolving. Understanding these threats is the first step in protecting against them. Some of the most common internet security threats include:
### Malware
Malware, or malicious software, is designed to harm, exploit, or otherwise compromise a device, network, or service. Common types of malware include:
- **Viruses**: Programs that attach themselves to legitimate software and replicate, spreading to other programs and files.
- **Worms**: Standalone malware that replicates itself to spread to other computers.
- **Trojan Horses**: Malicious software disguised as legitimate software.
- **Ransomware**: Malware that encrypts a user's files and demands a ransom for the decryption key.
- **Spyware**: Software that secretly monitors and collects user information.
### Phishing
Phishing is a social engineering attack that aims to steal sensitive information such as usernames, passwords, and credit card details. Attackers often masquerade as trusted entities in email or other communication channels, tricking victims into providing their information.
### Man-in-the-Middle (MitM) Attacks
MitM attacks occur when an attacker intercepts and potentially alters communication between two parties without their knowledge. This can lead to the unauthorized acquisition of sensitive information.
### Denial-of-Service (DoS) and Distributed Denial-of-Service (DDoS) Attacks
This 7-second Brain Wave Ritual Attracts Money To You.!nirahealhty
Discover the power of a simple 7-second brain wave ritual that can attract wealth and abundance into your life. By tapping into specific brain frequencies, this technique helps you manifest financial success effortlessly. Ready to transform your financial future? Try this powerful ritual and start attracting money today!
This 7-second Brain Wave Ritual Attracts Money To You.!
Data Leakage Prevention
1. A detailed overview
By Dhananjay P. Aloorkar
Protects your data from loss or theft and
complies with privacy laws.
2. Introduction
Types of DLP’s
Key benefits achieved through Data
Leakage Prevention
Recent Data Loss Incidents Incidents
Exploitation of Data Leakage
Hardening Steps for DLP-Preparation &
Implementation
3. Data leakage refers to unauthorized transmission of data from
within an organization to an external destination or recipient.
The transmission can be done both electronically and
physically and the
types of data leaked usually include:
-Confidential / Sensitive Information
-Intellectual property
-Customer / Student Data
-Health Records
A key distinguishing feature of DLP that contrasts
with non-DLP security tools, such as data encryption, is deep
content analysis based on pre-defined security policies.
Continue..
4.
5. In general, DLP refers to any systems or tools that identify, monitor,
and protect the following type of data:
-Data in Motion – Any data that is moving through the network to the
outside via the Internet. This feature applies to all data transmitted
on wire or wirelessly. E.g. Examination results sent to students over
the Internet.
-Data in Use – Data at the endpoints of the network (e.g. data on
USB devices, external drivers, MP3 players, laptops, and other
highly-mobile devices). E.g. Patent information stored on portable
hard disks.
-Data at Rest – Data that resides in files system, databases and
other storage methods. E.g. A university’s financial data stored on
the financial application server.
In response to the above types of data having exposure to potentia
leakage problem, specific DLP systems / tools have been
engineered to mitigate the risks or detect any security violations.
6. Network DLP’s
Endpoint DLP’s
Embedded DLP’s
Network DLP:
-Designed to detect any leakage incidents related to data in motion, by
detecting if particular important data files are being transferred through
networks.
-Supports multiple protocols such as HTTP, FTP, P2P and SMTP, and is
commonly attached to network equipments (e.g. routers, switches).
-Nowadays, most universities have already implemented certain network
traffic filtering systems, such as e-mail and web activity monitoring
programs, which can achieve part of the functionalities of Network DLP.
-Some more specialized Network DLP tools include McAfee Network DLP
Manager, RSA DLP Network, and Symantec Data Loss Prevention Network
series.
7. Endpoint DLP
-Endpoint DLP products are agents or software that usually reside on end
user terminals such as mobile devices and laptops.
-To prevent users from storing sensitive information on removable media
devices such as USB flash drives and CD/ROM discs and to protect against
unauthorised transmission of sensitive information when a user is not
connected the universities’ own networks (e.g. public free Wi-Fi spot).
-An Endpoint DLP software can also utilise disk encryption, which prevents
unauthorsied access to information on a lost or stolen laptop.
-Popular Endpoint DLP products currently on the market include NextLabs
Enterprise DLP, Symantec Protection Suite Enterprise and McAfee Host
Data Loss Prevention.
8. Embedded DLP:
-Embedded DLP are planted within specific applications to effectively
monitor the data outflows, identify keywords or related patterns belong to
sensitive information and block any suspicious data leakage attempts. For
instances, scanning and rejecting outgoing e-mails for sensitive keywords or
attachments, restricting printing of copyrighted softcopy documents.
-Cisco’s IronPort e-mail
security technology provides functionalities to detect sensitive content,
patterns or images in a message body or within attachments.
-Websense Web Security Gateway
Solutions incorporated Websense TruWeb DLP capability offers embedded
DLP over outbound communications to destinations like web mail and social
networks.
9. Prevent Data Leakage
Reduce Cost of Investigation and Damage to
Reputation
Facilitate Early Risk Detection and Mitigation
Increase Comfort Level of Senior Management
10. Heartland Payment Systems Get Hacked
Heartland Payment Systems is the 6th largest credit card
processor in the USA.
Unfortunately though, a hacker by the name of Albert
Gonzalez and his team of computer experts managed to
compromise Heartland’s secure servers via some code
inserted into an SQL database.
The resulting scripts were able to collect and transmit the
credit card data and personal information of a whopping 130
million unfortunate customers, making this one of the biggest
(and scariest) data loss incidents ever.
11. British Prisoner Data Escapes
The British Home Office lost all of its data on over 80
thousand prisoners when one employee transferred all of
that data from a secure server onto a USB stick…and
then lost the USB stick.