Securing the laptop with SafeNet & Sophos
With almost daily disclosures of data leaks and spying activities, it should be clear that simple password protection is a thing of the past. To secure your information, especially on computers that leave the office, two factor authentication should be a requirement.
Whatever security you use, it is important that it is easy, comprehensive, not hampering productivity, and can be used in the field.
Privileged Activity Monitoring
Shell Control Box is an activity monitoring appliance that controls privileged access to remote IT systems, records activities in searchable, movie-like audit trails, and prevents malicious actions. SCB is a quickly deployable enterprise tool with the widest protocol coverage on the market. It is completely independent from clients and servers - integrating seamlessly into existing infrastructures.
Webinar: Beyond Two-Factor: Secure Access Control for Office 365SecureAuth
James Romer, Chief Security Architect, discussed the requirements for achieving secure access control for Office 365, leveraging existing infrastructure and increasing security without compromising your user experience.
Explore how to move beyond two-factor authentication towards adaptive authentication which continuously analyzes risk-factors including, geo-location, behavioral biometrics and threat intelligence, to ensure your users are who they say they are.
A Symantec Advisory Guide Migrating to Symantec™ Validation and ID Protection...Symantec
Who should read this paper:
IT, security managers, and executives who use legacy on-premise two factor authentication solutions and are considering a switch to another provider’s solution for two-factor authentication should read this document. This solution brief offers advice about gauging the security of a new solution, understanding the ease of deployment and management, choosing the right strategy for migration, and measuring the total cost effectiveness of a new solution.
Privileged Activity Monitoring
Shell Control Box is an activity monitoring appliance that controls privileged access to remote IT systems, records activities in searchable, movie-like audit trails, and prevents malicious actions. SCB is a quickly deployable enterprise tool with the widest protocol coverage on the market. It is completely independent from clients and servers - integrating seamlessly into existing infrastructures.
Webinar: Beyond Two-Factor: Secure Access Control for Office 365SecureAuth
James Romer, Chief Security Architect, discussed the requirements for achieving secure access control for Office 365, leveraging existing infrastructure and increasing security without compromising your user experience.
Explore how to move beyond two-factor authentication towards adaptive authentication which continuously analyzes risk-factors including, geo-location, behavioral biometrics and threat intelligence, to ensure your users are who they say they are.
A Symantec Advisory Guide Migrating to Symantec™ Validation and ID Protection...Symantec
Who should read this paper:
IT, security managers, and executives who use legacy on-premise two factor authentication solutions and are considering a switch to another provider’s solution for two-factor authentication should read this document. This solution brief offers advice about gauging the security of a new solution, understanding the ease of deployment and management, choosing the right strategy for migration, and measuring the total cost effectiveness of a new solution.
It's been over 8 months since HEAT and LANDESK merged to create Ivanti. Now that the dust has settled, you may be wondering, "what does Ivanti do anyway?" In this webinar, Kevin J Smith (former HEAT SVP), Steve Morton (Ivanti CMO), and Chris Goettl (Ivanti Product Manager) will discuss Ivanti's products and how they're helping to unify IT.
Panda Endpoint Protection Plus is the cloud-based solution that allows you to manage the security of all of the computers in your network and control user productivity at the lowest possible cost of ownership.
More info: http://www.pandasecurity.com/enterprise/solutions/cloud-office-protection-advanced/
Get Your Head in the Cloud: A Practical Model for Enterprise Cloud SecuritySymantec
Nico Popp, Vice President, Information Protection, Symantec explains. As users, infrastructure and applications move to the cloud at a record-breaking pace, the cloud has become a paradox: both a dream and a nightmare. Accessibility, scale, price and elasticity drive high adoption while security is a source of constant concern. This session will focus on a practical four pillar model for enterprise cloud security, all supported by real-world implementation.
Using a smart building as their case study, Forescout Research Labs investigated how IoT devices can be leveraged as an entry point to a building’s network, where legacy OT assets, IT systems and IoT devices all intersect. Key findings from our research include:
• How the IoT is impacting the organizational threat landscape
• The additional risks that IoT devices introduce
• How to evolve your cybersecurity strategy for the age of IoT
The answer is no for about 90% of the cyber assets due to the very minimal risk reduction achieved. Spend your effort elsewhere. Presentation goes over categories of security patching in ICS and recommends prioritized security patching.
The CIS Top 5 provide the building blocks of a solid security foundation and provide the essential cybersecurity hygiene all companies should have in place. Follow their recommendations and you’ll be able to prevent 85% of modern cyberattacks. But sometimes that’s easier said than done. Let Ivanti IT security expert Chris Goettl guide you through the CIS framework and share best practices for boosting your security defenses.
RETOS ACTUALES E INNOVACIÓN SOBRE EL CONTROL DE ACCESOS PRIVILEGIADOS.Cristian Garcia G.
El control de cuentas y accesos privilegiados enfrenta la realidad actual que involucra complejidad de ambientes de nube, sistemas y plataformas SAAS, así como sistemas legados y bajo premisa. ¿Cómo se adecúan los productos de administración de accesos actuales a esta realidad tecnológica? ¿En torno a qué deben estar listas estas soluciones?
Most organizations recognize the benefits of single sign-on (SSO): Users love it because they have only one password to remember; security teams love it because they can require that one password to be strong; and management loves it because it boosts productivity while reducing password reset calls.
But how secure is your SSO? A great user experience sometimes means sacrificing security. And even the strongest passwords won’t protect you from the misuse of stolen credentials.
Discuss the shortcomings of traditional SSO and how an adaptive approach can strengthen security while still delivering an amazing user experience.
Despite the constant stream of drama-filled news about the latest security exploits, many businesses lag behind in making investments in patch management. Whether the mindset is “Windows updates itself” or “we’ll deal with problems as they occur” – many have yet to invest in a regular patch management program. Explaining patch management is not only necessary but is in fact vital to business productivity and continuity.
Join N-able’s Scott Parker for some great data and hard numbers on patch management and some tips on how to get your customers on a regular patch management program. He’ll cover:
• How to position patch management (and deal with common objections)
• Where are the missing patches?
• What are the consequences of unpatched systems?
Supply Chain Threats to the US Energy SectorKaspersky
This presentation by Cynthia James discusses steps to take towards cyber-securing the supply chain of Energy sector organizations in the U.S. From the biggest challenges to a review of regulation and compliance guidelines, this deck covers three areas of Energy: nuclear, electric and "other".
Cynthia James is a CISSP (Certified Information Systems Security Professional) and frequent presenter for the TABD group at Kaspersky Lab, global provider of cybersecurity solutions. With 9 years of experience in the cybersecurity space, Cynthia is a regular speaker on the subject and has authored a book on cybercrime: “Stop Cybercrime from Ruining Your Life".
Symantec and ForeScout Delivering a Unified Cyber Security SolutionDLT Solutions
Tom Blauvelt from Symantec and Sean Telles and Chris Dullea from ForeScout share how both companies together can deliver a unified cyber security solution.
Adopting A Zero-Trust Model. Google Did It, Can You?Zscaler
Based on 6 years of creating zero trust networks at Google, the BeyondCorp framework has led to the popularization of a new network security model within enterprises, called the software-defined perimeter.
Kaspersky endpoint security business presentationData Unit
A presentation of the kaspersky portofolio for business. The antivirus package of kaspersky Endpoints, can secure your mobiles, desktops, servers and more.
Next-generation Zero Trust Cybersecurity for the Space AgeBlock Armour
Space infrastructure has become an integral part of everyday life, with individuals, businesses and governments relying overwhelmingly on it. However, despite the space industry’s technical sophistication, its cybersecurity efforts have lagged behind that of other high-tech sectors.
Block Armour has developed a next-gen Zero Trust Cybersecurity solution explicitly designed for connected devices, integrated IoT systems and related communication networks. And, is extending the solution to deliver Zero Trust Cybersecurity for Software-defined Space based Systems.
SafeNet is trusted to protect, control access to, and manage the worlds most sensitive data. SafeNet has 2 core activities: Strong authentication (2FA) and Data Encryption & Crypto Management because DATA IS THE NEW PERIMETER!
It's been over 8 months since HEAT and LANDESK merged to create Ivanti. Now that the dust has settled, you may be wondering, "what does Ivanti do anyway?" In this webinar, Kevin J Smith (former HEAT SVP), Steve Morton (Ivanti CMO), and Chris Goettl (Ivanti Product Manager) will discuss Ivanti's products and how they're helping to unify IT.
Panda Endpoint Protection Plus is the cloud-based solution that allows you to manage the security of all of the computers in your network and control user productivity at the lowest possible cost of ownership.
More info: http://www.pandasecurity.com/enterprise/solutions/cloud-office-protection-advanced/
Get Your Head in the Cloud: A Practical Model for Enterprise Cloud SecuritySymantec
Nico Popp, Vice President, Information Protection, Symantec explains. As users, infrastructure and applications move to the cloud at a record-breaking pace, the cloud has become a paradox: both a dream and a nightmare. Accessibility, scale, price and elasticity drive high adoption while security is a source of constant concern. This session will focus on a practical four pillar model for enterprise cloud security, all supported by real-world implementation.
Using a smart building as their case study, Forescout Research Labs investigated how IoT devices can be leveraged as an entry point to a building’s network, where legacy OT assets, IT systems and IoT devices all intersect. Key findings from our research include:
• How the IoT is impacting the organizational threat landscape
• The additional risks that IoT devices introduce
• How to evolve your cybersecurity strategy for the age of IoT
The answer is no for about 90% of the cyber assets due to the very minimal risk reduction achieved. Spend your effort elsewhere. Presentation goes over categories of security patching in ICS and recommends prioritized security patching.
The CIS Top 5 provide the building blocks of a solid security foundation and provide the essential cybersecurity hygiene all companies should have in place. Follow their recommendations and you’ll be able to prevent 85% of modern cyberattacks. But sometimes that’s easier said than done. Let Ivanti IT security expert Chris Goettl guide you through the CIS framework and share best practices for boosting your security defenses.
RETOS ACTUALES E INNOVACIÓN SOBRE EL CONTROL DE ACCESOS PRIVILEGIADOS.Cristian Garcia G.
El control de cuentas y accesos privilegiados enfrenta la realidad actual que involucra complejidad de ambientes de nube, sistemas y plataformas SAAS, así como sistemas legados y bajo premisa. ¿Cómo se adecúan los productos de administración de accesos actuales a esta realidad tecnológica? ¿En torno a qué deben estar listas estas soluciones?
Most organizations recognize the benefits of single sign-on (SSO): Users love it because they have only one password to remember; security teams love it because they can require that one password to be strong; and management loves it because it boosts productivity while reducing password reset calls.
But how secure is your SSO? A great user experience sometimes means sacrificing security. And even the strongest passwords won’t protect you from the misuse of stolen credentials.
Discuss the shortcomings of traditional SSO and how an adaptive approach can strengthen security while still delivering an amazing user experience.
Despite the constant stream of drama-filled news about the latest security exploits, many businesses lag behind in making investments in patch management. Whether the mindset is “Windows updates itself” or “we’ll deal with problems as they occur” – many have yet to invest in a regular patch management program. Explaining patch management is not only necessary but is in fact vital to business productivity and continuity.
Join N-able’s Scott Parker for some great data and hard numbers on patch management and some tips on how to get your customers on a regular patch management program. He’ll cover:
• How to position patch management (and deal with common objections)
• Where are the missing patches?
• What are the consequences of unpatched systems?
Supply Chain Threats to the US Energy SectorKaspersky
This presentation by Cynthia James discusses steps to take towards cyber-securing the supply chain of Energy sector organizations in the U.S. From the biggest challenges to a review of regulation and compliance guidelines, this deck covers three areas of Energy: nuclear, electric and "other".
Cynthia James is a CISSP (Certified Information Systems Security Professional) and frequent presenter for the TABD group at Kaspersky Lab, global provider of cybersecurity solutions. With 9 years of experience in the cybersecurity space, Cynthia is a regular speaker on the subject and has authored a book on cybercrime: “Stop Cybercrime from Ruining Your Life".
Symantec and ForeScout Delivering a Unified Cyber Security SolutionDLT Solutions
Tom Blauvelt from Symantec and Sean Telles and Chris Dullea from ForeScout share how both companies together can deliver a unified cyber security solution.
Adopting A Zero-Trust Model. Google Did It, Can You?Zscaler
Based on 6 years of creating zero trust networks at Google, the BeyondCorp framework has led to the popularization of a new network security model within enterprises, called the software-defined perimeter.
Kaspersky endpoint security business presentationData Unit
A presentation of the kaspersky portofolio for business. The antivirus package of kaspersky Endpoints, can secure your mobiles, desktops, servers and more.
Next-generation Zero Trust Cybersecurity for the Space AgeBlock Armour
Space infrastructure has become an integral part of everyday life, with individuals, businesses and governments relying overwhelmingly on it. However, despite the space industry’s technical sophistication, its cybersecurity efforts have lagged behind that of other high-tech sectors.
Block Armour has developed a next-gen Zero Trust Cybersecurity solution explicitly designed for connected devices, integrated IoT systems and related communication networks. And, is extending the solution to deliver Zero Trust Cybersecurity for Software-defined Space based Systems.
SafeNet is trusted to protect, control access to, and manage the worlds most sensitive data. SafeNet has 2 core activities: Strong authentication (2FA) and Data Encryption & Crypto Management because DATA IS THE NEW PERIMETER!
Learn how to get more out of your PCI investment with this presentation from SafeNet titled: "Life After Compliance". Derek Tumulak discusses current approaches to PCI DSS compliance, challenges to ensuring compliance, and how to achieve best practices while addressing compliance challenges.
[Webinar] Why Security Certification is Crucial for IoT SuccessElectric Imp
[View the Webinar] - https://electrici.mp/2v1fQlI
Electric Imp CEO, Hugo Fiennes, and UL’s Director of Connected Technologies, Rachna Stegall discuss the unique demands of helping to secure the IoT — and why independent certification is even more critical in the fast-evolving world.
Join us to hear Fiennes & Stegall share candid insights into why establishing an IoT Security Benchmark, such as UL 2900-2-2 Cybersecurity Certification, is critical for due diligence of edge to enterprise technologies — and the future of commercial, industrial and consumer IoT overall.
Task Force on IoT Security
About CISO Platform
Largest DDOS Attack Against DYN
How can we minimize the risk?
IoT Architectural Layers
Components of an IoT Node
A lot of times large volume data needs to be exchanged over the internet securely! emSafe with its advanced PKI integration allows for encrypting and signing data to ensure confidentiality, integrity and non-repudiation.
Global banks that receive payment files from large Corporates use emSafe combined with digital signatures to ensure security of data in transit.
Typical use cases include multi-platform enabled secure data transfer, enterprise host-to-host secured communication, secure remote data sharing, and personal level file protection. emSafe is available in desktop, SDK and Web service versions.
OASIS: open source and open standards: internet of thingsJamie Clark
How FOSS projects and open ICT standards often interact in a virtuous cycle. Recent examples, and a list of IoT-relevant open standards projects at OASIS. Feb 2014
Internet of things are exploding. This whitepaper would help product developers to understand the Security and Privacy issues, their impact and a recommendation for embedding the best practices during PDLC.
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...
The Secure laptop - intro BXL
1. Insert Your Name
Insert Your Title
Insert Date
SafeNet – Sophos
Secure Laptop session
26th of February 2014 – Atomium Brussels
Len Lavens – Yves Van Tongerloo – Richard Nitters
– Vincent Vanbiervliet – Peter Magez
2. Agenda
Introduction: 17.00 - 17.30
Yves Van Tongerloo (SafeNet) & Peter Magez (Sophos)
Challenges of securing the laptop: 17.30 - 18.15
Len Lavens
See it in action - live demo: 18.15 - 19.00
Richard Nitters (SafeNet) & Vincent Vanbiervliet (Sophos)
Dinner: 19.00 onwards
2
3. About Sophos
Founded 1985 in Oxford, UK
Appx. $400 million in FY13 billings
Appx. 2,200 employees
Over 220,000 customers
Over 100 million users
HQ in Oxford, UK and Boston, MA
Best in class renewal rates (90+%)
20,000+ channel partners
OEM Partners: Cisco, IBM, Juniper, Citrix, Lenovo, Rackspace
Key development centers: Abingdon, UK; Vancouver, BC;
Karlsruhe, Germany; Linz, Austria; Budapest, Hungary;
Ahmedabad, India
20+ additional offices worldwide
Sophos in Oxford, UK
4.
5. The idea
Infosec 2008: meeting with Len Lavens
The request: a secure laptop: simple, easy to use and
highly secure
The solution: SafeGuard Device Encryption and
SafeNet e-token
6. A quote
―Complex solutions aren’t solutions. We
make security for the real world – for
the pragmatic enterprise. Simple
security is better security.‖
• Kris Hagerman, CEO Sophos
7. Sensitive data is everywhere today
Cloud storage MobilesPersonal devices
Traditional corporate perimeter
8. Some facts and Figures
86% of organizations has had a laptop lost or stolen1
$49,246 is the average value of one lost laptop2
7.1% of laptops will be lost at some time in their life2
>8,000 laptops left behind in US airports every week3
81% of medium-size (100-1,000) companies don’t
have encrypted laptops4
64% of large-size (1,000+) companies don’t have
encrypted laptops4
1. Ponemon Institute, 2010,
2. Ponemon Institute, 2013
3. Ponemon Institute Research 2008 (67% of 12,000)
4. IDC 2012
9. Sophos Data Protection Strategy
Secure Data
Everywhere
Removable, Network
files, Mobile, Cloud
Multi-platform
Management
Windows, Mac,
Mobile
Performance
Leverage native
OS encryption
Deliver the Best of Both Worlds:
Security and Performance
11. About SafeNet
The Data Protection COMPANY – key facts
We protect the most
money that moves in
the world, $1 trillion
daily
We protect the most digital
identities in the world.
(+ 35 million identities)
We protect the most
classified information
in the world
FOUNDED
1983
REVENUE
+450m
EMPLOYEES
+1,600
- 26 countries
> 800 crypto
engineers
OWNERSHIP
Private
GLOBAL FOOTPRINT
+25,000
Customers in
100 countries
ACCREDITED
Products certified
to the highest
security standard
over 130 FIPS
certificates
11
Recognised by Gartner
as the Leader for
Authentication
13. SafeNet: THE User Authentication market leader 2014
Gartner Recognizes SafeNet in Leaders Quadrant in Magic Quadrant for User
Authentication.
SafeNet positioned as a market leader for its completeness of vision and ability to
execute
13
16. Identities Transactions Data Communications
SafeNet Data Protection Product Portfolio
Offering the broadest
range of authenticators,
from smart cards and
tokens to mobile phone
auth—all managed from
a single platform
Authentication
Offering The most
secure, and easiest to
integrate technology for
securing PKI identities
and transactions.
HSM
SafeNet’s DataSecure – a
Universal platform
delivering intelligent data
protection and control for
information assets
Data Encryption
and Control
SafeNet high-speed
network encryptors
combine the highest
performance with a unified
management platform
High-Speed
Network Encryption
16
17. File Servers
Databases
Applications
SafeNet: Protecting Your Data
Virtual Machines
SaaS Apps
Storage Networks
Encrypt Your Data
1
Internal Users +
Administrators
Cloud Providers
Admins/Superusers
Customers +
Partners
Secure &
Manage Your
Keys
2
Control
Access
3
WHERE IS YOUR DATA? WHERE ARE
YOUR KEYS
WHO AND WHAT IS
ACESSING YOUR DATA
19. • Secure laptop (ex: for 100 users):
• SafeGuard Device Encryption (with SafeGuard Management Center) +
SafeNet Etoken (software included)
Standard buying price: 150€/user
Promo (only for attendees of this session): 99€/user
*Promo valid till June 30th 2014
• How to buy
• Via your preferred Sophos or SafeNet reseller
• Peter.magez@sophos.com
• Yves.VanTongerloo@safenet-inc.com
Secure Laptop Promotion
20. Insert Your Name
Insert Your Title
Insert Date
SafeNet – Sophos
Thank You!
Yves Van Tongerloo – Sales Manager SafeNet
Yves.vantongerloo@safenet-inc.com - +32 476 46 99 11
Peter Magez – Sales Manager Sophos
Peter.Magez@sophos.com - +32 497 44 00 62
Editor's Notes
Over the last decade or so there has been a big shift in how people tend to work and also how they access corporate data and corporate resources. Sensitive corporate and customer data is moving outside the relative safety of the traditional corporate security perimeter – which is computers on site and within the corporate firewall. Users today want to access information in an increasing number of ways: For example accessing files on personal computers at home, on their own tablets and mobiles, or sharing data through public cloud storage providers. Basically, sensitive data can be found EVERYWHERE today. [Having data move to so many places and devices outside the direct control of organization of course creates challenges…]
To give this some perspective, I wanted to share a few interesting stats that are relevant to data protection. It is interesting to note that a large majority of all companies – 86% – has had a laptop lost or stolen at some point. The cost of the hardware when losing a laptop is of course not particularly significant – it is the data it contains that holds the real value. The average value of every lost record is well over US $100 / about €100 per record which adds up to almost US $50,000 per lost laptop as a global average. Another fact that certainly made me raise my eyebrows when I first came across it, is that over 8,000 laptops are being left behind in US airports EVERY WEEK and these were never reclaimed - which is an absolutely astonishing number. The research behind this (by Ponemon Institute) was done quite a few years ago now - back in 2008 – although that with the way people still travel and use laptops, it is quite reasonable to assume that the numbers are at least similar today, if not even higher… Also, over 80% of medium-size companies, with 100-1000 users, don’t even encrypt their laptops – leaving over 4/5ths very vulnerable to the risks associated with data breaches or lost hardware. This of course makes this company size a very attractive target segment for SafeGuard Enterprise.
[So, that brings me to the main cornerstone in our new Data Protection Strategy, (which is) to Deliver the best of both worlds: Security and Performance…]Performance: Recent versions of both Windows and Mac already have disk encryption technology built-in: BitLocker on Windows and FileVault 2 on Mac. To make sure that encryption is as fast, reliable, and as seamless as possible, we now leverage this built-in - or “native” - encryption technology whenever it is available - which dramatically improves performance compared to any proprietary 3rd party encryption technology. Since the built-in encryption processing sits at a lower layer and integrates tighter in the OS – it can boot and run faster, making encryption virtually invisible to the user. SafeGuard Enterprise comes with excellent functions that manage clients encrypted with both BitLocker and the FileVault 2 in the same Management Center console. Meaning that there is no need to maintain separate management processes on Windows and Mac for deployment, key recovery, reporting etc. [Next pillar:]Having the ability to efficiently and centrally manage devices, keys, policies, recovery etc. across all devices in the organization is absolutely critical in order to “keep encryption simple” so the second part of our strategy is Multi-platform Management: Ensuring that all devices can be managed from the same console/Management Center regardless of platform. Windows and Mac are supported from this release and looking into the near future, also mobile devices will follow suit. [Next pillar:]Finally, the third part of our new strategy is to Secure Data Everywhere. As I already mentioned at the very beginning, with the changes to how people work these days, knowing that data is safe, no matter from where it’s accessed or shared means peace of mind and ultimately security (RM, NW files, mobile, cloud etc)[Before we take a look at the new features, I just would like to quickly cover what all of this means to who we believe is the ideal customer for SafeGuard Enterprise…]
An organization has to consider three factors when building a comprehensive data protection strategy. First, where does their sensitive data live? There is customer and employee data residing typically in databases, financial information in file servers, and back-up in storage networks. Then there is enterprise data sitting in the cloud – associated with applications such as SFDC. At least in physical data centers, enterprises are aware of where the data is…but as data centers get virtualized and move to cloud, the enterprises fear losing control over their sensitive data. But, in all scenarios, the bottom line is that organizations have to be able to encrypt their data: structured, unstructured, virtualized or cloud. To support encryption you need key management – your encryption can easily be undermined if you don’t have strong key management. Key management is a complex problem – strength of the keys, rollover policies – all depending upon the type of application or data you are encrypting. And finally, it is not just about encryption, you still have to control who has access to what application, data. Compliance mandates require clear separation of duty – which plays into strong authentication and authorization implementations within the enterprise.