Proven Practices to Protect Critical Data - DarkReading VTS DeckNetIQ
NetIQ was a Platinum sponsor for “Plugging the Leaks: Finding and Fixing the IT Security Holes in Your Enterprise,” a virtual trade show (VTS) produced by Information Week Magazine and Dark Reading.
This was our presentation deck: "Proven Practices to Protect Critical Data" presented by Matt Mosley, Senior Product Manager, and Matt Ulery, Director of Product Management during a live presentation. They explored some of the most significant problems facing security teams tasked with protecting critical data. And, they will reveal some of the most effective approaches and technology that can be used to quickly identify real threats.
All the essential information you need about DLP in one eBook.
As security professionals struggle with how to keep up with threats, DLP - a technology designed to ensure sensitive data isn't stolen or lost - is hot again. This comprehensive guide provides what you need to understand, evaluate, and succeed with today's DLP. It includes insights from DLP Experts, Forrester Research, Gartner, and Digital Guardian's security analysts.
What's Inside:
-The seven trends that have made DLP hot again
-How to determine the right approach for your organization
-Making the business case to executives
-How to build an RFP and evaluate vendors
-How to start with a clearly defined quick win
-Straight-forward frameworks for success
Proven Practices to Protect Critical Data - DarkReading VTS DeckNetIQ
NetIQ was a Platinum sponsor for “Plugging the Leaks: Finding and Fixing the IT Security Holes in Your Enterprise,” a virtual trade show (VTS) produced by Information Week Magazine and Dark Reading.
This was our presentation deck: "Proven Practices to Protect Critical Data" presented by Matt Mosley, Senior Product Manager, and Matt Ulery, Director of Product Management during a live presentation. They explored some of the most significant problems facing security teams tasked with protecting critical data. And, they will reveal some of the most effective approaches and technology that can be used to quickly identify real threats.
All the essential information you need about DLP in one eBook.
As security professionals struggle with how to keep up with threats, DLP - a technology designed to ensure sensitive data isn't stolen or lost - is hot again. This comprehensive guide provides what you need to understand, evaluate, and succeed with today's DLP. It includes insights from DLP Experts, Forrester Research, Gartner, and Digital Guardian's security analysts.
What's Inside:
-The seven trends that have made DLP hot again
-How to determine the right approach for your organization
-Making the business case to executives
-How to build an RFP and evaluate vendors
-How to start with a clearly defined quick win
-Straight-forward frameworks for success
Data Leakage is an important concern for the business organizations in this increasingly networked world these days. Unauthorized disclosure may have serious consequences for an organization in both long term and short term. Risks include losing clients and stakeholder confidence, tarnishing of brand image, landing in unwanted lawsuits, and overall losing goodwill and market share in the industry.
Data Loss Prevention technologies are needed to protect data coming into and leaving the organization. There are a number of problems and challenges with the many vendors supplying DLP technology. This presenation reviews some of the Myths around Data Loss Prevention.
Big Data and Security - Where are we now? (2015)Peter Wood
Peter Wood started looking at Big Data as a solution for Advanced Threat Protection in 2013. This presentation examines how Big Data is being used for security in 2015, how this market is developing and how realistic vendor offerings are.
Two large corporations have been crippled by recent information security breaches. It may not be hard to quantify the losses in terms of lost revenue and profits but what will be hard to quantify are the losses to reputation. Cited as two of the most damaging cyber-attacks on corporate America, this presentation looks at what went wrong and what could have been done to prevent these situations.
Protecting Intellectual Property and Data Loss Prevention (DLP)Arpin Consulting
Protecting Intellectual Property and Data Loss Prevention (DLP) – what makes your business unique, different, valuable, and attracts clients and customers - presented at the Boston Business Alliance 9/23/09
The REAL Impact of Big Data on PrivacyClaudiu Popa
The awesome promise of Big Data is tempered by the need to protect personal information. Data scientists must expertly navigate the legislative waters and acquire the skills to protect privacy and security. This talk provides enterprise leaders with answers and suggests questions to ask when the time comes to consider the vast opportunities offered by big data.
Shariyaz abdeen data leakage prevention presentationShariyaz Abdeen
Data leakage prevention is one of the key topics which we have been talking in present. Due to the organizations moving towards big data, financial systems.. which resides in cyber space, there is an increasing number of frauds associated with the technology revolution in the cyberspace.This post highlights the threats and the counter measures, so we can protect the sensitive personal data. I prefer the approach of “ Trust but verify model ”.
Symantec announced it is planning to offer Symantec Data Loss Prevention for Tablet, the first comprehensive data loss prevention (DLP) solution for the monitoring and protection of sensitive information on tablet computers. Available first for the Apple iPad, Symantec Data Loss Prevention for Tablet will help solve one of the most urgent problems facing security organizations today by providing content-aware protection for this remarkably popular new corporate endpoint. The solution is designed to maintain user productivity and protect an organization’s confidential data at the same time.
On 4 October 2016, as part of the GDPR Workshop series, the Brussels Privacy Hub hosted a workshop on implementation of the EU GDPR and Privacy Impact Assessment. Trilateral delivered a joint presentation by Rowena Rodrigues and Julia Muraszkewicz, exploring some of the challenges associated to DPIAs and EPIAs. The presentation was based upon two of Trilateral’s research projects: SATORI and iTRACK.
Data Leakage is an important concern for the business organizations in this increasingly networked world these days. Unauthorized disclosure may have serious consequences for an organization in both long term and short term. Risks include losing clients and stakeholder confidence, tarnishing of brand image, landing in unwanted lawsuits, and overall losing goodwill and market share in the industry.
Data Loss Prevention technologies are needed to protect data coming into and leaving the organization. There are a number of problems and challenges with the many vendors supplying DLP technology. This presenation reviews some of the Myths around Data Loss Prevention.
Big Data and Security - Where are we now? (2015)Peter Wood
Peter Wood started looking at Big Data as a solution for Advanced Threat Protection in 2013. This presentation examines how Big Data is being used for security in 2015, how this market is developing and how realistic vendor offerings are.
Two large corporations have been crippled by recent information security breaches. It may not be hard to quantify the losses in terms of lost revenue and profits but what will be hard to quantify are the losses to reputation. Cited as two of the most damaging cyber-attacks on corporate America, this presentation looks at what went wrong and what could have been done to prevent these situations.
Protecting Intellectual Property and Data Loss Prevention (DLP)Arpin Consulting
Protecting Intellectual Property and Data Loss Prevention (DLP) – what makes your business unique, different, valuable, and attracts clients and customers - presented at the Boston Business Alliance 9/23/09
The REAL Impact of Big Data on PrivacyClaudiu Popa
The awesome promise of Big Data is tempered by the need to protect personal information. Data scientists must expertly navigate the legislative waters and acquire the skills to protect privacy and security. This talk provides enterprise leaders with answers and suggests questions to ask when the time comes to consider the vast opportunities offered by big data.
Shariyaz abdeen data leakage prevention presentationShariyaz Abdeen
Data leakage prevention is one of the key topics which we have been talking in present. Due to the organizations moving towards big data, financial systems.. which resides in cyber space, there is an increasing number of frauds associated with the technology revolution in the cyberspace.This post highlights the threats and the counter measures, so we can protect the sensitive personal data. I prefer the approach of “ Trust but verify model ”.
Symantec announced it is planning to offer Symantec Data Loss Prevention for Tablet, the first comprehensive data loss prevention (DLP) solution for the monitoring and protection of sensitive information on tablet computers. Available first for the Apple iPad, Symantec Data Loss Prevention for Tablet will help solve one of the most urgent problems facing security organizations today by providing content-aware protection for this remarkably popular new corporate endpoint. The solution is designed to maintain user productivity and protect an organization’s confidential data at the same time.
On 4 October 2016, as part of the GDPR Workshop series, the Brussels Privacy Hub hosted a workshop on implementation of the EU GDPR and Privacy Impact Assessment. Trilateral delivered a joint presentation by Rowena Rodrigues and Julia Muraszkewicz, exploring some of the challenges associated to DPIAs and EPIAs. The presentation was based upon two of Trilateral’s research projects: SATORI and iTRACK.
From Privacy Impact Assessment to Social Impact Assessment: Preserving TRrus...Lilian Edwards
Short paper by Laurence Diver and myself on why the IoT is a special problem for privacy and how we can and should try to build such systems using Privacy by Design
On Thursday 10th November 2016, in The Hague, the Netherlands, Trilateral Research carried out an Ethics and Privacy Impact Assessment (EPIA) workshop as part of the iTRACK project. iTRACK will create an open-source real-time tracking and threat detection system providing intelligent decision support to civilian humanitarian missions for the purpose of better protection, and more efficient and effective operations.
Encryption and Key Management: Ensuring Compliance, Privacy, and Minimizing t...IBM Security
Encryption and Key Management: Ensuring Compliance, Privacy, and Minimizing the Impact of a Breach
Encryption has been viewed as the ultimate way to protect sensitive data for compliance. But it has also been considered very complex to implement. Today, encryption is essential to meet compliance objectives, and has become much simpler to implement. The challenge is knowing when and where to use encryption, how it can simplify compliance, what controls need to be in place, and the options for good encryption key management. This session will cover the options for encryption and key management, what each provides, and their requirements. Encryption and key management topics include application-level encryption for data in use, network encryption of data in motion, and storage encryption for data at rest.
This year I had the opportunity to give a presentation at the World Bank in Washington DC during one of their "brown bag sessions", focused on Privacy, Drones and IoT.
The World Bank is an organization that works worldwide with a wide range of projects, including some initiatives connected with new technologies, and every time, they should evaluate different risks involved, including privacy risks.
The purpose of the presentation was to understand the concept of ‘privacy’ and its different meanings worldwide, how to define the privacy framework and assess the risks arising from the use of new technologies such as drones or IoT, and introduce the Privacy Impact Assessment as an effective tool that we can use in any jurisdiction.
I am going to share some thoughts of these broad and complex chapters that I had to sum up within one hour in this presentation!
Here the full post: http://www.lauravivet.com
Lean Thinking in IT by Marie-Pia Ignace, Lean IT Summit 2014Institut Lean France
What does lean thinking mean in the IT world? What questions should CIOs ask themselves about the products they deliver. Marie-Pia Ignace, President of Institut Lean France is a pionneer of Lean in IT, watch her presentation slides from the closing keynote of the 4th annual Lean IT Summit. More Lean IT on www.lean-it-summit.com
Discover The Top 10 Types Of Colleagues Around YouAnkur Tandon
The best part being with different colleagues is we learn a lot from them. Good or bad, sooner or later, better or best, we learn something unique from the different personalities working with and around us at our workplace. Read more interesting content, at www.thecareermuse.co.in - We intend to inform and inspire recruiters, job seekers and anyone with an interest in the workplace and HR technology.
Hope you enjoyed reading the Infographic.
Feel free to share your feedback with us at @CareerBuilderIn
Malicious or accidental disclosure of confidential information by trusted insiders is a threat to any organization. Insiders include employees, contractors, consultants and business partners that have access to your sensitive information. Since relationships don't last forever, a trusted person today may be a competitor tomorrow. See how Fasoo customers protect sensitive information by controlling access and use at the data level through continuous encryption and persistent security policies.
Digital Finance Africa 2022 - https://itnewsafrica.com/event/ -hosted by IT News Africa is the definitive annual event on technology leadership in the
financial services industry. It asks the hard questions not asked in other
conferences, and identifies the skills required to steer a course in an age
where the entire industry is transforming rapidly. This is a Summit for bold,
visionary leaders who are willing to take calculated risks as much as they
are willing to consolidate, who know what to give up as much as what they
expect to gain.
(Slides) What's Yours Is Mine: How Employess Are Putting Your Sensitive Data ...infoLock Technologies
Learn how you can leverage Symantec DLP's superior detection technologies and comprehensive coverage to protect your confidential data against theft not only from malicious insiders but also well-meaning employees - while enabling you to comply with global data privacy laws and safeguard your reputation.
In shared infrastructures such as clouds, sensitive or regulated data—including run-time and archived data—must be properly segregated from unauthorized users. Database and system administrators may have access to multiple clients’ data, and the location of stored data in a cloud may change rapidly. Compliance requirements such as Payment Card Industry Data Security Standard (PCI-DSS), Health Insurance Portability and Accountability Act (HIPAA) and others may need to be met. This webinar will discuss how to help protect cloud-based customer information and intellectual property from both external and internal threats.
View the On-demand webinar: https://www2.gotomeeting.com/register/187735186
Exploring Data Privacy - SQL Saturday Louisville 2011John Magnabosco
This is the slide deck from the presentation given at SQL Saturday event in Louisville, October 2011. A modified version of this presentation was given at the Indianapolis SQL Saturday in May 2011.
Threat Ready Data: Protect Data from the Inside and the OutsideDLT Solutions
Is your current state really threat ready?
Amit Walia, Senior Vice President, General Manager of Data Integration and Security at Informatica, shares how to protect data from the inside and the outside from the 2015 Informatica Government Summit.
What i learned at the infosecurity isaca north america expo and conference 2019Ulf Mattsson
Infosecurity ISACA North America Expo and Conference will debut in New York City’s Javits Convention Center 20-21 November 2019. The event will leverage ISACA’s Cybersecurity Nexus (CSX) community and solutions with Infosecurity Group, Reed Exhibition’s immersive event series staged worldwide for the infosecurity industry.
Download Event Brochure
ISACA will bring experience developed since the 2015 launch of its CSX Conferences, expert workshop series, certification preparation sessions, and latest developments related to the CSX Training Platform, all to the new event programming. Infosecurity, which entered the North American conference arena in 2017, will build on its strengths in industry expositions, media, immersive learning and leadership networks.
Data security risks are on the rise in the digitized world we live in. Traditional perimeter security is not enough to protect your critical business data against the risk of data loss.
Similar to Dean carey - data loss-prevention - atlseccon2011 (20)
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
Encryption in Microsoft 365 - ExpertsLive Netherlands 2024Albert Hoitingh
In this session I delve into the encryption technology used in Microsoft 365 and Microsoft Purview. Including the concepts of Customer Key and Double Key Encryption.
Generating a custom Ruby SDK for your web service or Rails API using Smithyg2nightmarescribd
Have you ever wanted a Ruby client API to communicate with your web service? Smithy is a protocol-agnostic language for defining services and SDKs. Smithy Ruby is an implementation of Smithy that generates a Ruby SDK using a Smithy model. In this talk, we will explore Smithy and Smithy Ruby to learn how to generate custom feature-rich SDKs that can communicate with any web service, such as a Rails JSON API.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
UiPath Test Automation using UiPath Test Suite series, part 3DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 3. In this session, we will cover desktop automation along with UI automation.
Topics covered:
UI automation Introduction,
UI automation Sample
Desktop automation flow
Pradeep Chinnala, Senior Consultant Automation Developer @WonderBotz and UiPath MVP
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
2. SC Magazine
Data Breaches Don’t Discriminate
“DuPont scientist downloaded
22,000 sensitive documents as he
got ready to take a job with a
competitor…”
“Royal London Mutual Insurance
Society loses eight laptops and the
personal details of 2,135 people”
“The FSA has fined
Nationwide £980,000
for a stolen laptop”
“Personal data of
600,000 on lost
laptop”
“ChoicePoint to pay
$15 million over data
breach—Data broker sold
info on 163,000 people”
3. Increasing Risk of Information Theft
• 19 people a minute become new
victims of identity theft due to data
breaches1
• During a 3 year period, over 217
million Americans were victims of
identity theft or exposure2
• Each data breach costs an average
of $6.3 million3
• A typical Fortune 1000 company
can’t locate 2% of their PC’s4
• A typical Fortune 1000 financial
institution loses 1 laptop a day5
4. Understanding the risk
Market value of your sensitive data
$490
Credit Card
Number with PIN
$78-$294
Billing data
$147
Driver's license
$147
Birth certificate
$98
Social Security card
$6-$24
Credit card number
$6
PayPal account
logon and password
$980-$4,900
Trojan to steal
account information
7. Is Your Data in the Wild?
80% of CISOs see employees
as the greatest data threat
73% of data breaches come
from internal sources
77% unable to audit or quantify
loss after a data breach
8. The Problem is Rapidly Escalating
300%
2008 - 2009
Security Breach Increase
9. ...Send company confidential data to your
private email account?
…Print a confidential document on the
wrong printer?
...Send an email to the wrong recipient?
Innocent But Risky Actions
…Copy data to an non-encrypted USB
device?
DID YOU EVER...
10. ―User‖ is a Four Letter Word
86% Regularly forward documents via
corporate email
26%
Sent customer information using
web-based email such as Yahoo or
Hotmail
83%
Admitted printing out customer
records to remove from the
business
26%
Admit regularly using USB flash
drives to take confidential
information out of the company
(an uncomplimentary way to indicate that a computer problem is the fault of the user)
―PEBKAC‖ – Problem Exists Between Keyboard And Chair
...but are they IT
security experts or
employees?
12. Use Case: Insider Threat and The Internet
1
Scenario
• An employee disagrees with
company policy or action
• Has access to ―evidence‖ of
perceived issues or abuse
• Uploads this data to a web-based
whistleblower site
DLP can stop unauthorized uploads
• Set policies to protect your sensitive data or communications
• Either block or require explicit permission to upload such data
13. Data Protection Challenges
Enabling Business
2.0
Sensitive
Data
Regulated
Data
• Easily comply with
multiple regulations
• Reduce costs associated
with audit
• Protect reputation &
reduce penalties
• Support supply chain &
partner integration
• Support safe, flexible use
of business data
• Enable safe, two-way,
B2B/B2C communication
• Protect sensitive data &
intellectual property
• Maintain competitive
advantage
• Ensure appropriate chain
of custody
14. Managing Risk
• Access + Mobility = Risk
• Protection needed 24/7/365
– Not just during business hours
• Data is constantly on the move, replicating and changing organically
• Imperative to be both legally compliant and protect your most precious
assets – your data, your competitive position, and your brand
• Holistic thinking required
– Networks, laptops, mobile devices, etc.
16. Today’s Security Solution Gap
• Most ―security‖ products don’t
actually ―secure information‖
– They are designed to protect
networks and servers
– They do little to protect the
confidentiality and integrity of
information
• Information is in constant motion
—making it difficult to lock down
Anti-spyware
Authentication
Anti-virus
Threat
Detection
Change/Patch
Management
Clients
Servers
LAN
Firewall
Anti-virus
Web
Filtering
VPN
17. Data Protection Requires Different Thinking
Data is not static, so security cannot be static – it must persist
with the data itself. This is Data-Centric Protection.
Data Loss Prevention
Encryption
Strong Authentication
Device Control
18. Data Protection Requires Different Thinking
Data must be protected regardless of:
Easy to Lose Enticing to StealEasy to Transfer
AccessUsage DeviceLocation
Cybercrime “Black Market” Value
$98
$490 $147
$147
®
19. Data Protection Platforms
Data-at-
Rest
Data-in-
Motion
Data-in-
Use
Monitor, Notify,
and Prevent
Enforce, Audit,
and Respond
Identify, Classify,
and Protect
Incident and case management
Workflow and reportingDLP Manager
Full endpoint management
and deployment
Network DLP
Discover
Endpoint
Encryption
Encrypted
USB
Network DLP
Monitor
Network DLP
Prevent
Host DLP
Host DLP
Device
Control
Encrypted
USB
20. What is DLP?
Data
Sources
At rest
In use
In motion
User
Actions
Copy to
device
Burn to
disc
Cut, copy,
paste
Print
Email
Web
IM
Enforced to
Destination
Take home
Post to web
Send via net
Policy
Actions
Encrypt
Monitor
Educate
Block
Move
23. DLP is the Enabler
• DLP integrates all data protection
– It is the coordinating technology of a
comprehensive data protection solution
• DLP provides data workflow
oversight
– It responds to events & coordinates the
responses of other components
• DLP is the one tool that enables the
safe and flexible use of data
– Stop having to say ―NO‖ to your users
and start enabling ―YES‖
DLP provides integrated workflows & flexibility resulting in simplified processes, lower
costs and more comprehensive protection for your business without constraining your
employees!
24. 2010 2011
APRIL
Publishes
classified
Baghdad
airstrike video
showing 2007
attacks by U.S.
helicopter that
killed a dozen
people.
JULY
Publishes 91,000
documents,
majority secret
U.S. military files
about war in
Afghanistan,
back to 2004
OCTOBER
Releases 400,000
classified U.S.
military files from
Iraq War (2004-
2009)
NOVEMBER
Releases 250,000
classified U.S.
diplomatic
cables with
assessments of
world leaders and
Iran’s nuclear
missile program
NOVEMBER
Forbes reports
that WikiLeaks
plans to release
tens of thousands
of internal
documents from
major U.S. banks
in early 2011
Julian Assange
DECEMBER
2
Amazon.com
ceases hosting
WikiLeaks
website
DECEMBER
7
Internet activists
attack PayPal,
Mastercard and
Visa which
have withdrawn
services from
WikiLeaks
DECEMBER
21
Apple removes
WikiLeaks apps
from App Store
JANUARY 8
U.S. relocates
some people
named in
WikiLeaks
cables
JANUARY 17
Swiss
whistleblower
hands over data
on hundreds of
offshore bank
acct. holders to
WikiLeaks
FEBRUARY
WikiLeaks still
online, but DNS
records
removed
WikiLeaks