Professional Documents
Culture Documents
Allen Schmidt
CCIE 4860, CISSP, CISA Security Solution Architect allen.schmidt@cdw.com
800.800.4239 | CDW.com/peoplewhogetit
AGENDA
Threats to Data Data Loss Prevention Methods
Symantec DLP
DLP Examples Why CDW for Security
CDW PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.
2 2
THREATS TO DATA
CDW PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.
3 3
RISK IS A COST
CDW PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.
4 4
RISK ANALYSIS
Risk Analysis Is Tricky
The Allies in WWII wanted to improve pilot return rates from
bombing raids over Europe Abraham Wald (statistician) studied the problem of adding armor to planes to protect the pilots and the planes Bullet holes on planes returning to base were observed Distribution of new armor seemed obvious Taking data at face value can be misleading
CDW PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.
5 5
Writers
Tool and Toolkit Writers
Asset
Compromise Individual Host or Application
End Value
Fame
Compromise Environment
Espionage
Corporate Government
CDW PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.
6 6
Middle Men
Compromised Host and Application
End Value
Fame Theft
Espionage
Corporate Government
Extorted Pay-Offs Commercial Sales Pharmer/DNS Poisoning Fraudulent Sales Click-Through Revenue Identity Theft Financial Fraud
Information Harvesting
Personal Information
Internal Theft
Abuse of Privilege
Information Brokerage
Electronic IP Leakage
7 7
DLP IS IMPERATIVE
41%
of breaches
31%
of breaches
$7.2
2010 Annual Study: US Cost of a Data Breach; Ponemon Institute; March 2011
CDW PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.
8 8
Source: http://datalossdb.org
CDW PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.
9 9
10 10
DLP METHODS
CDW PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.
11 11
WHAT IS DLP?
Where is your confidential data? How is it being used?
How best to prevent its loss?
DISCOVER
MONITOR
PROTECT
12 12
WHAT IS DLP?
DISCOVER
Find data wherever it is stored
Create inventory of sensitive data Manage data clean up
MONITOR
Understand how data is being used
Understand content and context
PROTECT
Proactively secure data Prevent confidential data loss Enforce data protection policies
MANAGE
Define unified policy across enterprise Remediate and report on incidents Detect content accurately
CDW PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.
13 13
HOW IT WORKS
DISCOVER
2
MONITOR
3
4
PROTECT
Identify scan targets Run scan to find sensitive data on network & endpoint
MANAGE
1
Enable or customize policy templates
CDW PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.
14 14
Healthcare
Insurance
Business Services
Manufacturing
95% reduction in new incidents within one year due to automated protection
97% risk reduction due to structured data detection of every U.S. citizens SSN and identify information
CDW PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.
15 15
CDW PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.
16 16
ability to execute
Symantec McAfee Websense RSA (EMC) Trustwave CA Verdasys Fidelis Security Systems Palisade Systems Trend Micro Code Green Networks
The Magic Quadrant is copyrighted 2010 by Gartner, Inc. and is reused with permission. The Magic Quadrant is a graphical representation of a marketplace at and for a specific time period. It depicts Gartner's analysis of how certain vendors measure against criteria for that marketplace, as defined by Gartner. Gartner does not endorse any vendor, product or service depicted in the Magic Quadrant, and does not advise technology users to select only those vendors placed in the "Leaders" quadrant. The Magic Quadrant is intended solely as a research tool, and is not meant to be a specific guide to action. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. This Magic Quadrant graphic was published by Gartner, Inc. as part of a larger research note and should be evaluated in the context of the entire report. The Gartner report is available upon request from Symantec.
GTB Technologies
niche players
visionaries
completeness of vision
As of June2010
CDW PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.
17 17
MTA or Proxy
Disconnected
DMZ
18 18
CDW PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.
Storage
Network Network Discover Discover Network Protect
Endpoint
Endpoint Discover Endpoint Prevent
Network
Network Network Monitor Monitor Network Network Prevent Prevent
Management Platform
Enforce Platform
CDW PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.
19 19
Sponsor
Data in Motion
Ease to Deploy
DLP "Lite
70%
IT or Email Admin
Simple
DLP "Full"
30%
Servers, Databases
CDW PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.
20 20
Remediation
800
Notification
600
400
Prevention
200
CDW PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.
21 21
DLP EXAMPLES
CDW PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.
22 22
Find it. Fix it. Remove from open share and leave a file marker.
CDW PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.
23 23 23
CDW PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.
24 24
CDW PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.
25 25
Fix Exposed Data on a Desktop Call center records improperly stored on an Endpoint
CDW PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.
26 26
Clean Up Exposed Data on a Desktop Call center records improperly stored on an Endpoint
CDW PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.
27 27
CDW PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.
28 28
CDW PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.
29 29 29
Prevent Breach of Customer Data Sensitive data sent via personal webmail
CDW PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.
30 30
CDW PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.
31 31
WHY CDW?
CDW is a recognized security leader. Our ability to help you protect your diverse assets is backed up by:
The Best Engineers in the Industry
Assessment
Firewall and Perimeter Design Endpoint Protection Data Loss Prevention
and More
CDW PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.
32 32
Our people and our experience have earned us these top-notch qualifications.
CDW PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.
33 33
CDW PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.
34 34
35
Data in Motion
Data at Rest
Endpoint Software
Endpoint Monitor
(Agent Software)
Endpoint Prevent
(Agent Software)
35 35
Finish
Customer erases/ships server back to CDW
Closeout meeting
CDW PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.
36 36
Report of Findings
Summary information related to risk Detailed findings and analysis No confidential information in document
CDW PROPRIETARY AND CONFIDENTIAL. COPYING RESTRICTED. FOR INTERNAL USE ONLY.
37 37
THANK YOU
800.800.4239 | CDW.com/peoplewhogetit