Internet Security Threat Report (ISTR) Vol. 16


Published on

Published in: Technology, News & Politics
1 Like
  • Be the first to comment

No Downloads
Total views
On SlideShare
From Embeds
Number of Embeds
Embeds 0
No embeds

No notes for slide

Internet Security Threat Report (ISTR) Vol. 16

  1. 1. Information & Identity Protection Data Loss Prevention, Encryption, User AuthenticationInformation & Identity Protection Overview 1
  2. 2. Agenda 1 People and Information-Centric Security 2 Symantec’s Information & Identity Protection Suite 3 Next StepsInformation & Identity Protection Overview 2
  3. 3. Data Breaches are Top of Mind Insiders and Partners • Employees and partners stealing customer data and IP • 68% of breaches are caused by user negligence and system glitches Compliance • Breach notification and encryption enforcement laws are pervasive and now have real costs • Average cost of a data breach is up to $7.2 million External Threats • Lead to the most expensive cost per record breached: $318 • Attackers are profit driven or politically motivatedInformation & Identity Protection Overview 3
  4. 4. Evolving to Information-Centric Security System- Information- People & Centric Centric Information- Centric NEW BUSINESS TRENDS NEW THREATS • Collaborative apps and social • WikiLeaks media • Hacker Collectives • Information explosion • LulzSec • Virtual infrastructure and cloud • Anonymous • Mobile workforce • State-sponsored, targeted attacksInformation & Identity Protection Overview 4
  5. 5. As companies focus on securing their data, security professionals increasingly recognize that access control and information management are key components of data security. Proper management and control of user accounts, access permissions, and privileges is one of the most effective avenues to ensuring that data doesn’t walk out the door. Often, you must Khalid Kark demonstrate controls around segregation of CISO Advisor, Forrester duties, privileged access, and stronger authentication for Internet-facing applications to meet regulatory requirements.Information & Identity Protection Overview 5
  6. 6. Key Components of Information-Centric Security • Where is the sensitive data? AWARENESS • How is it being used? IDENTITY • Who should have access to sensitive data? • How to enforce data policies? PROTECTION • How to prevent breach?Information & Identity Protection Overview 6
  7. 7. Reducing Risk with Information and Identity Protection IDENTITY AWARENESS PROTECTION Authentication DLP Encryption Passwords Network Email + RISK Heuristics + Endpoint Endpoint Two Factor + + Biometric Storage StorageInformation & Identity Protection Overview 7
  8. 8. Information & Identity Protection Solution PortfolioMap Storage DLP Network DLP Endpoint DLP • Where is the sensitive data? AWARENESS • How is it being used? User Authentication IDENTITY • Who should have access to that data? Behavior Two-Factor PKI Shared Storage Email Endpoint • Encryption How to enforce data policies? Encryption Encryption PROTECTION • How to prevent breach?Information & Identity Protection Overview 8
  9. 9. Information & Identity Protection SolutionsInformation & Identity Protection Overview 9
  10. 10. Symantec User Authentication Products Risk-Based Tokens & Mobile Certificate • Machine and • Cloud based configuration • Multiple form factors infrastructure registered • Over 700 handsets • Certificates for • Risk score determined supported devices and people by machine, access pattern Symantec™ Management Platform Symantec™ VIP/PKI Authentication ServicesInformation & Identity Protection Overview 10
  11. 11. Symantec Encryption Products Storage Endpoint Email • PGP™ • PGP™ Whole Disk • PGP™ Gateway Email NetShareEncryption Encryption Encryption • PGP™ Command Line • Symantec Endpoint • PGP™ BlackBerry/iOS Encryption Encryption™ Encryption Removable Storage • PGP™ Desktop Email Encryption Symantec™ Management Platform PGP™ Universal ServerInformation & Identity Protection Overview 11
  12. 12. Symantec Data Loss Prevention Products Storage Endpoint Network • Symantec™ • Symantec™ • Symantec™ Data Loss Data Loss Data Loss PreventionNetwork PreventionEndpoint PreventionNetwork Discover Discover Monitor • Symantec™ • Symantec™ • Symantec™ Data Loss Prevention Data Loss Prevention Data Loss Prevention Data Insight Endpoint Prevent Network Prevent • Symantec™ Data Loss Prevention Network Protect Symantec™ Management Platform Symantec™ Data Loss Prevention Enforce PlatformInformation & Identity Protection Overview 12
  13. 13. Defense-In-Depth: Encryption + Data Loss Prevention Network DLP / Email Gateway Encryption • Automatically encrypt emails containing sensitive data • Notify employees in real time/context about encryption policies and tools Storage DLP / Shared Storage Encryption • Discover where confidential data files are stored and automatically apply encryption • Ease the burden to IT staff with near transparence to users Endpoint DLP / Endpoint Encryption • Target high risk users by discovering what laptops contain sensitive data • Protect AND enable the business by targeting encryption efforts to sensitive data moving to USB devicesInformation & Identity Protection Overview 13
  14. 14. The Symantec Advantage Integrated Flexible User Broad DLP Encryption Authentication Protects data across Identifies sensitive Strong authenticationlaptops, mobile devices, information requiring for people and their servers, and email protection across devices communications endpoints, network, and storageInformation & Identity Protection Overview 14
  15. 15. Thank you! For more information, download: Whitepaper: Data Protection Strategies Copyright © 2011 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners. This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice.Information & Identity Protection Overview 15