Published on October 1, 2014
An Ounce of Prevention Is Worth… $5.9M How to use Symantec Unified Security to prevent data breaches due to lost or stolen devices Presenter: Chris Wargo, CISSP, CISA WEBCAST: AN OUNCE OF PREVENTION 1
Agenda About infoLock Technologies The Lost or Stolen Device Problem The Symantec Unified Security Solution Business Use Cases Q&A WEBCAST: AN OUNCE OF PREVENTION 2
About infoLock Technologies WEBCAST: AN OUNCE OF PREVENTION 3 • Information security consulting & integration services • Symantec Security Focus Partner • DLP Master Specialist & INSIGHT DLP Appliance developer • 100+ DLP, Encryption, and Mobility implementations; customers range from 100 to 40,000+ users • Customers in all industry verticals – financial services, healthcare, insurance, government, technology, legal, manufacturing, and telecommunications View slide
Mobile Workforce + BYOD = Risk Credit Suisse Says VP Stole Secrets WEBCAST: AN OUNCE OF PREVENTION 58% of employees store company-sensitive information on their personal devices 40% of employees use sensitive business data they have taken with them when they changed companies More than 50% of employees send business documents to their personal email and don’t delete them after use One-third of employees move work files to file sharing apps without permission Sources: What’s Yours Is Mine: How Employees are Putting Your Intellectual Property at Risk, Symantec & Ponemon Institute Security Awareness Training: It's Not Just for Compliance, Enterprise Management Associates 4 View slide
The lost or stolen device problem The average value of one lost laptop is $49,2461 49% of data breaches in the healthcare industry are caused by lost or stolen computing devices2 31% of data breaches across all industries are caused by human error, including lost or stolen devices3 When the loss or theft of a device causes a data breach, the total cost increases by as much as $18 per lost record3 Sources: (1) The Billion Dollar Lost Laptop Problem, Ponemon Institute, 2010 (2) Fourth Annual Benchmark Study on Patient Privacy & Data Security, Ponemon Institute, 2014 (3) 2014 Cost of Data Breach Study: United States, Ponemon Institute WEBCAST: AN OUNCE OF PREVENTION 5
The average cost of a data breach in the US is $5.9 Million WEBCAST: AN OUNCE OF PREVENTION 6
Symantec Unified Security is the Solution No single technology can prevent data breaches due to lost or stolen devices. By using Symantec’s multi-layered Unified Security approach, however, you get the comprehensive protection you need to safeguard your critical data and ensure that a lost or stolen device doesn't end up costing you millions. WEBCAST: AN OUNCE OF PREVENTION 7
Unified Security Model 1. Locate and monitor your critical data DATA LOSS PREVENTION 2. Encrypt and protect data on endpoints ENCRYPTION 3. Manage and secure mobile devices MOBILITY SUITE WEBCAST: AN OUNCE OF PREVENTION 8
Locate and monitor critical data DATA LOSS PREVENTION Symantec Data Loss Prevention enables you to discover, monitor and protect confidential information wherever it is stored or used • Email, web, and other network-based communications • Servers, databases and other document repositories • Laptops, desktops, and removable storage • Mobile devices • Cloud applications WEBCAST: AN OUNCE OF PREVENTION 9
• Inspect data being sent • Monitor network & endpoint events MANAGE MANAGE DISCOVER 2 3 • Identify scan targets • Run scan to find sensitive data on network & endpoint • Enable or customize policy templates • Remediate and report on risk reduction MONITOR 1 PROTECT 4 5 • Block, remove or encrypt • Quarantine or copy files • Notify employee & manager How It Works WEBCAST: AN OUNCE OF PREVENTION 10
Threat Coverage USB/CD/DVD Print/Fax Stored data Email Instant Message FTP SharePoint / Exchange Databases File Servers DLP Policy Monitoring & Prevention Discovery & Protection Webmail Web servers Untrusted networks WEBCAST: AN OUNCE OF PREVENTION 11
Detection Technology Described Content Matching WEBCAST: AN OUNCE OF PREVENTION Indexed Document Matching Vector Machine Learning DESCRIBED DATA Non-indexable data Lexicons Regular Expressions Data Identifiers STRUCTURED DATA CUSTOMER DATA Customer / Employee Data Partial row matching Near perfect accuracy UNSTRUCTURED DATA INTELLECTUAL PROPERTY Designs / Source / Financials Derivative match Near perfect accuracy UNSTRUCTURE DATA INTELLECTUAL PROPERTY Designs / Source / Financials Derivative match Very High Accuracy 300M+ rows per server 5M+ docs per server Exact Data Matching 12
Symantec Difference – Workflow 80% of DLP is Incident Response WEBCAST: AN OUNCE OF PREVENTION 13 Right Automation Resolution, Enforcement, Notification Right Person Route Incidents to Right Responder Right Order High Severity of Incidents First Right Information 5 Second Test Right Action 1 Click Response Right Metrics Prove Results to Execs and Auditors
Symantec Data Loss Prevention Products STORAGE ENDPOINT Network Discover Data Insight Network Protect WEBCAST: AN OUNCE OF PREVENTION 14 Endpoint Discover Endpoint Prevent Mobile Email Monitor Mobile Prevent Management Platform NETWORK Network Monitor Network Prevent for Email Network Prevent for Web Symantec Data Loss Prevention Enforce Platform
Symantec Data Loss Prevention for Mobile Mobile Email Monitor Mobile Prevent WEBCAST: AN OUNCE OF PREVENTION Corporate Email Web Applications Third Party Apps Monitor confidential data downloaded to company and employee-owned devices Monitor and block confidential data sent from company-owned devices 15
Encrypt and protect data on endpoints ENCRYPTION Symantec Encryption enables organizations to deliver enterprise-wide data protection. Our solutions provide standards-based technology, centralized policy management, compliance-based reporting, and universal management for your encryption products. WEBCAST: AN OUNCE OF PREVENTION 16
Symantec Encryption Products STORAGE ENDPOINT NETWORK WEBCAST: AN OUNCE OF PREVENTION 17 Management Console Symantec Encryption Management Server File Share Encryption Drive Encryption Removable Storage Encryption Gateway Email Encryption
Symantec Encryption Management Server Reduces cost and accelerates deployment using a single unified console to oversee operations Enforces security policies automatically from a centrally-managed console Provides robust compliance reporting across multiple products (endpoint encryption, email encryption, etc.) Integration with Symantec Protection Center; correlates endpoint status to identify unprotected systems and remediate accordingly WEBCAST: AN OUNCE OF PREVENTION 18
Symantec Drive Encryption Comprehensive Multi-Platform Coverage Optional Silent Deployment High Performance Provides Safe Harbor should a device be lost or stolen Protects against unauthorized access WEBCAST: AN OUNCE OF PREVENTION 19
Symantec Removable Storage Encryption Safeguard intellectual property Share encrypted data easily and seamlessly Transparently manage security policies through directory integration Decrypts and encrypts data without an installed client (offline access) Enables access to encrypted data on Windows and Mac computers WEBCAST: AN OUNCE OF PREVENTION 20
Defense-In-Depth: Encryption + Data Loss Prevention WEBCAST: AN OUNCE OF PREVENTION 21 Network DLP / Email Gateway Encryption •Automatically encrypt emails containing sensitive data •Notify employees in real time/context about encryption policies and tools Storage DLP / Shared Storage Encryption •Discover where confidential data files are stored and automatically apply encryption •Ease the burden to staff with near transparence Endpoint DLP / Endpoint Encryption •Target high risk users by discovering what laptops contain sensitive data •Protect & enable the business by targeting encryption efforts to sensitive data moving to USB devices
Manage and secure mobile devices MOBILITY SUITE Symantec Mobility: Suite 5.0 provides an integrated modular solution to centrally manage and provide secure use of mobile devices for your organization WEBCAST: AN OUNCE OF PREVENTION 22
Symantec Mobility: Suite 5.0 Symantec™ Mobility: Suite Mobility: Device Management (MDM) WEBCAST: AN OUNCE OF PREVENTION Mobility: Application Management (MAM) Includes Secure Email and Secure Web Mobility: Threat Protection powered by Norton™ 23
Symantec Mobility: Mobile Device Management Provides visibility and control over smartphones and tablets Provides anti-theft functions to locate, lock, reset, and wipe the device Advanced security settings ensure compliance to internal and external security requirements Prevents non-compliant devices from connecting to corporate assets. WEBCAST: AN OUNCE OF PREVENTION 24
Symantec Mobility: Application Management Protects corporate apps and data by wrapping a layer of security and policy management around mobile apps without any source code changes or SDK embedding Provides granular control of corporate apps and data with comprehensive per-app policies Containerizes corporate apps – providing clean separation between corporate and personal data for BYOD organizations Enables self-service distribution of apps through Enterprise App Store with roles-based security and data protection WEBCAST: AN OUNCE OF PREVENTION 25
Symantec Mobility: Threat Protection Enables compliance with policy and regulatory requirements Protects against viruses, snoopware, data theft, SMS scams, and mobile malware Restricts vulnerabilities and possible attack vectors by enabling only required phone features WEBCAST: AN OUNCE OF PREVENTION 26
Use Case: Financial Services Firm The Situation: Auditors and accounting staff use laptops and smartphones when working at customer sites The Risk: Devices may contain sensitive corporate and/or customer data and could represent data breach if lost or stolen; Smartphones could be used to attempt unauthorized access to corporate network The Solution: Use Symantec DLP to locate and identify sensitive data on devices; Use Symantec Encryption to encrypt laptop hard drives and protect data; Use Symantec Mobility Suite to enforce corporate security policies and control access to corporate network WEBCAST: AN OUNCE OF PREVENTION 27
Use Case: High Tech Manufacturing Firm The Situation: Engineering and design staff utilize portable computing and data-bearing devices when traveling between offices and manufacturing plants The Risk: Hard drives and removable storage devices may contain sensitive corporate information, including valuable intellectual property; Malicious insiders could try to remove sensitive data and sell to competitors The Solution: Use Symantec DLP to locate sensitive data on devices, monitor use, and prevent unauthorized transfer; Use Symantec Encryption to encrypt drives and storage devices to protect data in the event of loss or theft WEBCAST: AN OUNCE OF PREVENTION 28
Use Case: Healthcare Provider The Situation: Doctors and healthcare providers use smartphones and tablets for care delivery; administrators use laptops and removable storage for business process, billing, and claims related tasks The Risk: Smartphones and tablets may be used for personal use, exposing sensitive ePHI and diagnostic information; Portable computing devices may contain large amounts of sensitive patient data and financial information The Solution: Use Symantec Mobility Suite to wrap diagnostic apps, control usage, and provide secure access; Use Symantec Encryption to ensure that all sensitive data is protected in the event of loss or theft WEBCAST: AN OUNCE OF PREVENTION 29
Conclusion The Mobile Workforce and BYOD are trends that are here to stay. Portable computing and heterogeneous mobile devices will continue to proliferate, and our sensitive data will follow with them. There is no single point solution that can protect your organization. You need a multi-layered Unified Security approach that protects your critical information wherever it is used to ensure that a lost or stolen device doesn’t end up costing you millions. WEBCAST: AN OUNCE OF PREVENTION 30
For more information: Chris Wargo firstname.lastname@example.org Thank you! WEBCAST: AN OUNCE OF PREVENTION 31
Presentación que realice en el Evento Nacional de Gobierno Abierto, realizado los ...
In this presentation we will describe our experience developing with a highly dyna...
Presentation to the LITA Forum 7th November 2014 Albuquerque, NM
Un recorrido por los cambios que nos generará el wearabletech en el futuro
Um paralelo entre as novidades & mercado em Wearable Computing e Tecnologias Assis...
Symantec Data Leak Prevention protects your cloud and ... Symantec Data Loss Prevention ... Symantec DLP’s unified management console makes it easy ...
Read the Verizon 2015 Data Breach Investigations Report as well as past reports and highlights. Protect against data breaches ... data breach security for ...
Laptop theft is a significant threat ... losses due to laptop theft ... Of the $48B lost from the U.S. economy as a result of data breaches, 28% resulted ...
Search Microsoft Security. Search Microsoft.com. Home. ... Review online security basics. Use social sites more safely. ... Loading Blog data..... Please Wait
... can ensure that human error—which is a big cause of data security breaches ... to use in case your data is stolen. ... is not worth the ...
Data Loss Prevention; Data Security and Cloud ... Identity Theft and Data Security Breaches; ... a new approach to defending endpoint devices that turns ...
... promoting openness by public bodies and data privacy for individuals. ... security Principle 8 ... About the Guide to data protection.
Disk encryption is a technology ... some disk encryption solutions use multiple ... renders the contained data useless. However, if security towards ...