data loss prevention overvie · what is dlp? •data loss prevention is the approach a company...
TRANSCRIPT
![Page 1: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/1.jpg)
Copyright 20091
Data Loss Prevention Overview
Bob Bagheri
Chesapeake Netcraftsmen
Cisco Mid-Atlantic Users Group
March 2010
![Page 2: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/2.jpg)
Copyright 20092
Background Information
• Bob Bagheri, Network Consultant
• CCSP,CCNP,CICSA
• Working with Netcraftsmen since 2007
• Prior to Netcraftsmen mostly internal OPS
– Fortune 500
– Telco
– Financial Institution
– Biotech
![Page 3: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/3.jpg)
Copyright 20093
Agenda
• What is DLP?
![Page 4: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/4.jpg)
Copyright 2009
Agenda
• What is DLP?
• What/Why/How
– What are we protecting?
– Why are we protecting it?
– How are we protecting it?
4
![Page 5: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/5.jpg)
Copyright 2009
Agenda
• What is DLP?
• What/Why/How
– What are we protecting?
– Why are we protecting it?
– How are we protecting it?
• Three functional areas of DLP
– Policies
– People
– Technology
5
![Page 6: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/6.jpg)
Copyright 2009
WHAT IS DLP?
• Data Loss Prevention is the approach a
company takes to protecting its Intellectual
Property (IP), Personal Identifiable Information
(PII) and/or sensitive corporate information
from leaving the company.
6
![Page 7: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/7.jpg)
Copyright 2009
WHAT IS DLP?
• Data Loss Prevention is the approach a
company takes to protecting its Intellectual
Property (IP), Personal Identifiable Information
(PII) and/or sensitive corporate information
from leaving the company.
• DLP is monitoring your company data from
the inside out.
7
![Page 8: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/8.jpg)
Copyright 2009
WHAT IS DLP?
• Data Loss Prevention is the approach a
company takes to protecting its Intellectual
Property (IP), Personal Identifiable Information
(PII) and/or sensitive corporate information
from leaving the company.
• DLP is monitoring your company data from
the inside out.
• Also knows as CMF (Content Monitoring &
Filtering) or Data Leakage Prevention
8
![Page 9: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/9.jpg)
Copyright 2009
WHAT IS DLP?
• Data Loss Prevention is the approach a
company takes to protecting its Intellectual
Property (IP), Personal Identifiable Information
(PII) and/or sensitive corporate information
from leaving the company.
• DLP is monitoring your company data from
the inside out.
• Also knows as CMF (Content Monitoring &
Filtering) or Data Leakage Prevention
• For Cisco engineers: EDLP - Egress Data Loss
Prevention
9
![Page 10: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/10.jpg)
Copyright 2009
TYPES OF THREATS
• Loss of IP (Intellectual Property)
10
![Page 11: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/11.jpg)
Copyright 2009
TYPES OF THREATS
• Loss of IP (Intellectual Property)
• Loss of PII (Personal Identity Information)
11
![Page 12: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/12.jpg)
Copyright 2009
TYPES OF THREATS
• Loss of IP (Intellectual Property)
• Loss of PII (Personal Identity Information)
• Loss of Talented Staff
12
![Page 13: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/13.jpg)
Copyright 2009
TYPES OF THREATS
• Loss of IP (Intellectual Property)
• Loss of PII (Personal Identity Information)
• Loss of Talented Staff
• Loss of Sensitive Corporate Information
13
![Page 14: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/14.jpg)
Copyright 2009
TYPES OF THREATS
• Loss of IP (Intellectual Property)
• Loss of PII (Personal Identity Information)
• Loss of Talented Staff
• Loss of Sensitive Corporate Information
• Failure of Regulatory Compliance Audits
14
![Page 15: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/15.jpg)
Copyright 2009
TYPES OF THREATS
• Loss of IP (Intellectual Property)
• Loss of PII (Personal Identity Information)
• Loss of Talented Staff
• Loss of Sensitive Corporate Information
• Failure of Regulatory Compliance Audits
• Disgruntled Employee
15
![Page 16: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/16.jpg)
Copyright 2009
TYPES OF THREATS
• Loss of IP (Intellectual Property)
• Loss of PII (Personal Identity Information)
• Loss of Talented Staff
• Loss of Sensitive Corporate Information
• Failure of Regulatory Compliance Audits
• Disgruntled Employee
• Over Worked Employees
16
![Page 17: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/17.jpg)
Copyright 2009
Why Do We Need DLP
Methods
17
![Page 18: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/18.jpg)
Copyright 2009
WHY DLP?
The Loss Of Sensitive Data Can Lead To:
• Lost of Revenue
18
![Page 19: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/19.jpg)
Copyright 2009
WHY DLP?
The Loss Of Sensitive Data Can Lead To:
• Lost of Revenue
• Lost Jobs
19
![Page 20: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/20.jpg)
Copyright 2009
WHY DLP?
The Loss Of Sensitive Data Can Lead To:
• Lost of Revenue
• Lost Jobs
• Regulatory Compliance Penalties
20
![Page 21: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/21.jpg)
Copyright 2009
WHY DLP?
The Loss Of Sensitive Data Can Lead To:
• Lost of Revenue
• Lost Jobs
• Regulatory Compliance Penalties
• Going Out Of Business
21
![Page 22: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/22.jpg)
Copyright 2009
WHY DLP?
The Loss Of Sensitive Data Can Lead To:
•Going Out Of
Business
22
![Page 23: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/23.jpg)
Copyright 2009
SECURITY POLICY IS THE CORE OF DLP
• A solid security policy which addresses Data
Loss Prevention end-to-end is paramount to a
successful DLP strategy.
23
![Page 24: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/24.jpg)
Copyright 2009
SECURITY POLICY IS THE CORE OF DLP
• A solid security policy which addresses Data
Loss Prevention end-to-end is paramount to a
successful DLP strategy.
– Senior Executives Responsible For Security Policy
24
![Page 25: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/25.jpg)
Copyright 2009
SECURITY POLICY IS THE CORE OF DLP
• A solid security policy which addresses Data
Loss Prevention end-to-end is paramount to a
successful DLP strategy.
– Senior Executives Responsible For Security Policy
– Leaders From All Departments Must Create &
Review The Security Policy
25
![Page 26: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/26.jpg)
Copyright 2009
SECURITY POLICY IS THE CORE OF DLP
• A solid security policy which addresses Data
Loss Prevention end-to-end is paramount to a
successful DLP strategy.
– Senior Executives Responsible For Security Policy
– Leaders from All Department Create & Review The
Security Policy
– All Employees Must Be Trained Regularly On The
Security Policy
26
![Page 27: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/27.jpg)
Copyright 2009
SECURITY POLICY IS THE CORE OF DLP
• A solid security policy which addresses Data
Loss Prevention end-to-end is paramount to a
successful DLP strategy.
– Senior Executives Responsible For Security Policy
– Leaders from All Department Create & Review The
Security Policy
– All Employees Must Be Trained Regularly On The
Security Policy
– Additional Creative DLP Training Needed For All
Users
27
![Page 28: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/28.jpg)
Copyright 2009
WHAT ARE WE
PROTETING?
28
![Page 29: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/29.jpg)
Copyright 200929
WHAT ARE WE PROTECTING?
• Step 1: Classify Your Data
![Page 30: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/30.jpg)
Copyright 200930
WHAT ARE WE PROTECTING?
• Step 1: Classify Your Data
– Each business is different. Examine your business
and create different classes of data (i.e. low,
medium and high)
![Page 31: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/31.jpg)
Copyright 200931
WHAT ARE WE PROTECTING?
• Step 1: Classify Your Data
– Each business is different. Examine your business
and create different classes of data (i.e. low,
medium and high)
– Understand your regulatory compliance
requirements (PCI/SOX, IP etc.)
![Page 32: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/32.jpg)
Copyright 200932
WHAT ARE WE PROTECTING?
• Step 1: Classify Your Data
– Each business is different. Examine your business
and create different classes of data (i.e. low,
medium and high)
– Understand your regulatory compliance
requirements (PCI/SOX, IP etc.)
– Use representatives from every department.
![Page 33: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/33.jpg)
Copyright 200933
WHAT ARE WE PROTECTING?
• Step 1: Classify Your Data
– Each business is different. Examine your business
and create different classes of data (i.e. low,
medium and high)
– Understand your regulatory compliance
requirements (PCI/SOX, IP etc.)
– Use representatives from every department.
– Classification leads to proper response methods.
![Page 34: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/34.jpg)
Copyright 200934
WHAT ARE WE PROTECTING?
• Step 2: Discover Your Data
![Page 35: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/35.jpg)
Copyright 200935
WHAT ARE WE PROTECTING?
• Step 2: Discover Your Data
– Must know where the sensitive data resides within
your infrastructure.
![Page 36: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/36.jpg)
Copyright 200936
WHAT ARE WE PROTECTING?
• Step 2: Discover Your Data
– Must know where the sensitive data resides within
your infrastructure.
– Must follow the data end to end. Three general
areas where data resides.
![Page 37: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/37.jpg)
Copyright 200937
WHAT ARE WE PROTECTING?
• Step 2: Discover Your Data
– Must know where the sensitive data resides within
your infrastructure.
– Must follow the data end to end. Three general
areas where data resides.
• Data At Rest
![Page 38: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/38.jpg)
Copyright 200938
WHAT ARE WE PROTECTING?
• Step 2: Discover Your Data
– Must know where the sensitive data resides within
your infrastructure.
– Must follow the data end to end. Three general
areas where data resides.
• Data At Rest
• Data In Motion
![Page 39: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/39.jpg)
Copyright 200939
WHAT ARE WE PROTECTING?
• Step 2: Discover Your Data
– Must know where the sensitive data resides within
your infrastructure.
– Must follow the data end to end. Three general
areas where data resides.
• Data At Rest
• Data In Motion
• Data In Use
![Page 40: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/40.jpg)
Copyright 2009
WHY ARE WE PROTECTING THE DATA?
• BECAUSE PEOPLE CAN’T BE TRUSTED
– 10/10/80 Rule
40
![Page 41: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/41.jpg)
Copyright 2009
WHY ARE WE PROTECTING THE DATA?
• BECAUSE PEOPLE CAN’T BE TRUSTED
– 10/10/80 Rule
• EVERYONE MAKES MISTAKES
– We are all humans
– Work pressure
– Economy (Good or Bad)
41
![Page 42: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/42.jpg)
Copyright 2009
WHY ARE WE PROTECTING THE DATA?
• BECAUSE PEOPLE CAN’T BE TRUSTED
– 10/10/80 Rule
• EVERYONE MAKES MISTAKES
– We are all humans
– Work pressure
– Economy (Good or Bad)
42
![Page 43: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/43.jpg)
Copyright 2009
WHY ARE WE PROTECTING THE DATA?
• BECAUSE PEOPLE CAN’T BE TRUSTED
– 10/10/80 Rule
• EVERYONE MAKES MISTAKES
– We are all humans
– Work pressure
– Economy (Good or Bad)
• Culture Dictates Behavior• Smartphone
• CVO
43
![Page 44: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/44.jpg)
Copyright 2009
WHY ARE WE PROTECDTING THE DATA?
• Step 3: MUST KNOW YOUR RISK MODEL
– What types of threats exists and what’s the risk to
your business?
44
![Page 45: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/45.jpg)
Copyright 2009
WHY ARE WE PROTECDTING THE DATA?
• Step 3: MUST KNOW YOUR RISK MODEL
– What types of threats exists and what’s the risk to
your business?
• What are the consequences?– Know the consequences of lost data.
• Tangible costs approximately $220 per user
– Paper notifications, mandatory credit monitoring,
regulatory compliance failure penalties, etc.
45
![Page 46: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/46.jpg)
Copyright 2009
WHY ARE WE PROTECDTING THE DATA?
• Step 3: MUST KNOW YOUR RISK MODEL
– What types of threats exists and what’s the risk to
your business?
• What are the consequences?– Know the consequences of lost data.
• Tangible costs approximately $220 per user
– Paper notifications, mandatory credit monitoring,
regulatory compliance failure penalties, etc.
• Intangible costs difficult to calculate
– Brand un-loyalty
– Corporate Reputation
– (Intel IP example)
46
![Page 47: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/47.jpg)
Copyright 2009
HOW DO WE PROTECT OUR DATA?
• Step 4: MUST DEVELOP A CONTROL
STRATEGY
47
![Page 48: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/48.jpg)
Copyright 2009
HOW DO WE PROTECT OUR DATA?
• Step 4: MUST DEVELOP A CONTROL
STRATEGY
– Strategy Based On Policy, Risk Model,
Location of Data
48
![Page 49: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/49.jpg)
Copyright 2009
HOW DO WE PROTECT OUR DATA?
• Step 4: MUST DEVELOP A CONTROL
STRATEGY
– Strategy Based On Policy, Risk Model,
Location of Data
– Data Controls
49
![Page 50: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/50.jpg)
Copyright 2009
HOW DO WE PROTECT OUR DATA?
• Step 4: MUST DEVELOP A CONTROL
STRATEGY
– Strategy Based On Policy, Risk Model,
Location of Data
– Data Controls
– Access And Audit Controls
50
![Page 51: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/51.jpg)
Copyright 2009
HOW DO WE PROTECT OUR DATA?
• Step 5: MANAGE SECURITY CENTRALLY
– Reduces security OPS staff size
51
![Page 52: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/52.jpg)
Copyright 2009
HOW DO WE PROTECT OUR DATA?
• Step 5: MANAGE SECURITY CENTRALLY
– Reduces security OPS staff size
– Everyone has the same tools and approaches
52
![Page 53: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/53.jpg)
Copyright 2009
HOW DO WE PROTECT OUR DATA?
• Step 5: MANAGE SECURITY CENTRALLY
– Reduces security OPS staff size
– Everyone has the same tools and approaches
– Ensures uniform consistent policy enforcement
53
![Page 54: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/54.jpg)
Copyright 2009
HOW DO WE PROTECT OUR DATA?
• Step 5: MANAGE SECURITY CENTRALLY
– Reduces security OPS staff size
– Everyone has the same tools and approaches
– Ensures uniform consistent policy enforcement
– Ensures business process continuity
54
![Page 55: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/55.jpg)
Copyright 2009
HOW DO WE PROTECT OUR DATA?
• Step 5: MANAGE SECURITY CENTRALLY
– Reduces security OPS staff size
– Everyone has the same tools and approaches
– Ensures uniform consistent policy enforcement
– Ensures business process continuity
55
![Page 56: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/56.jpg)
Copyright 2009
HOW DO WE PROTECT OUR DATA?
• Step 6: AUDIT SECURITY LOGS
56
![Page 57: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/57.jpg)
Copyright 2009
HOW DO WE PROTECT OUR DATA?
• Step 6: AUDIT SECURITY LOGS
– Know your end point inventory.
57
![Page 58: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/58.jpg)
Copyright 2009
HOW DO WE PROTECT OUR DATA?
• Step 6: AUDIT SECURITY LOGS
– Know your end point inventory.
– Must audit and review on a regular basis. Helps
build behavior pattern and fine tune DLP policies.
58
![Page 59: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/59.jpg)
Copyright 2009
HOW DO WE PROTECT OUR DATA?
• Step 6: AUDIT SECURITY LOGS
– Know your end point inventory.
– Must audit and review on a regular basis. Helps
build behavior pattern and fine tune DLP policies.
– Tools similar to AAA accounting, NetFlow help
know “appropriate user behavior”.
59
![Page 60: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/60.jpg)
Copyright 2009
HOW DO WE PROTECT OUR DATA?
• Step 6: AUDIT SECURITY LOGS
– Know your end point inventory.
– Must audit and review on a regular basis. Helps
build behavior pattern and fine tune DLP policies.
– Tools similar to AAA accounting, NetFlow help
know “appropriate user behavior”.
– Utilize SIEM tools for rapid response.
60
![Page 61: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/61.jpg)
Copyright 2009
THREE FUNCTIONAL
AREAS OF DLP
61
![Page 62: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/62.jpg)
Copyright 2009
THREE FUNCTIONAL AREAS OF DLP
• Policy
62
![Page 63: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/63.jpg)
Copyright 2009
THREE FUNCTIONAL AREAS OF DLP
• Policy
– Business Units drive policy and Security IT team
will work with them, not against them.
63
![Page 64: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/64.jpg)
Copyright 2009
THREE FUNCTIONAL AREAS OF DLP
• Policy
– Business Units drive policy and Security IT team
will work with them, not against them.
– Integrate DLP into the Information Security Policy
as much as possible.
64
![Page 65: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/65.jpg)
Copyright 2009
THREE FUNCTIONAL AREAS OF DLP
• Policy
– Business Units drive policy and Security IT team
will work with them, not against them.
– Integrate DLP into the Information Security Policy
as much as possible.
– Align your policy enforcement with your data loss
risk levels.
65
![Page 66: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/66.jpg)
Copyright 2009
THREE FUNCTIONAL AREAS OF DLP
• Policy
– Business Units drive policy and Security IT team
will work with them, not against them.
– Integrate DLP into the Information Security Policy
as much as possible.
– Align your policy enforcement with your data loss
risk levels.
– Continuously update and modify your security
policy
66
![Page 67: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/67.jpg)
Copyright 2009
THREE FUNCTIONAL AREAS OF DLP
• Policy
– Business Units drive policy and Security IT team
will work with them, not against them.
– Integrate DLP into the Information Security Policy
as much as possible.
– Align your policy enforcement with your data loss
risk levels.
– Continuously update and modify your security
policy
– Create a internal “security policy evangelist” team
or person within your company.
67
![Page 68: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/68.jpg)
Copyright 2009
THREE FUNCTIONAL AREAS OF DLP
• People
– People are people. They will do what it takes to get
their jobs done. They must be educated about the
risks of data loss.
68
![Page 69: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/69.jpg)
Copyright 2009
THREE FUNCTIONAL AREAS OF DLP
• People
– People are people. They will do what it takes to get
their jobs done. They must be educated about the
risks of data loss.
– Drive the policy to the user in different formats.
Paper (legacy), posters, multimedia, social
networking, DLP awareness reward programs.
69
![Page 70: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/70.jpg)
Copyright 2009
THREE FUNCTIONAL AREAS OF DLP
• People
– People are people. They will do what it takes to get
their jobs done. They must be educated about the
risks of data loss.
– Drive the policy to the user in different formats.
Paper (legacy), posters, multimedia, social
networking, DLP awareness reward programs.
– Treat data like $Cash$. Most people hate losing
cash and try extra hard to keep it safe. (Most people
don’t send cash in mail, similarly they might think
about encrypting data before sending it via the
Internet).
70
![Page 71: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/71.jpg)
Copyright 2009
THREE FUNCTIONAL AREAS OF DLP
• People
– Treat DLP like on the job accident prevention program.
Create a similar DLP awareness program by rewarding
your users for not violating DLP policies.
71
![Page 72: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/72.jpg)
Copyright 2009
THREE FUNCTIONAL AREAS OF DLP
• People
– Treat DLP like on the job accident prevention program.
Create a similar DLP awareness program by rewarding
your users for not violating DLP policies.
– Explain to your users about DLP policy breaches (as
much as possible).
72
![Page 73: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/73.jpg)
Copyright 2009
THREE FUNCTIONAL AREAS OF DLP
• People
– Treat DLP like on the job accident prevention program.
Create a similar DLP awareness program by rewarding
your users for not violating DLP policies.
– Explain to your users about DLP policy breaches (as
much as possible).
– Create a “Culture of Trust”.
73
![Page 74: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/74.jpg)
Copyright 2009
THREE FUNCTIONAL AREAS OF DLP
• People
– Treat DLP like on the job accident prevention program.
Create a similar DLP awareness program by rewarding
your users for not violating DLP policies.
– Explain to your users about DLP policy breaches (as
much as possible).
– Create a “Culture of Trust”.
– Keep track of the assets you provide your users and
collect them when they leave.
74
![Page 75: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/75.jpg)
Copyright 2009
THREE FUNCTIONAL AREAS OF DLP
• People
– Treat DLP like on the job accident prevention program.
Create a similar DLP awareness program by rewarding
your users for not violating DLP policies.
– Explain to your users about DLP policy breaches (as
much as possible).
– Create a “Culture of Trust”.
– Keep track of the assets you provide your users and
collect them when they leave.
– Come to an agreement about using personal devices for
work, i.e. Android, iPhone, iPad, HP Slate
75
![Page 76: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/76.jpg)
Copyright 2009
THREE FUNCTIONAL AREAS OF DLP
• People
– Treat DLP like on the job accident prevention program.
Create a similar DLP awareness program by rewarding
your users for not violating DLP policies.
– Explain to your users about DLP policy breaches (as
much as possible).
– Create a “Culture of Trust”.
– Keep track of the assets you provide your users and
collect them when they leave.
– Come to an agreement about using personal devices for
work, i.e. Android, iPhone, iPad, HP Slate
– Don’t assume that your employees are already aware of
IT security best practices.
76
![Page 77: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/77.jpg)
Copyright 2009
THREE FUNCTIONAL AREAS OF DLP
• People
“Company data continues to be put at risk not by
ingenious code breaking on the part of hackers but by
careless mistakes made by employees. The global study by
Insight Express and funded by Cisco, concludes that
education of workers to the impact of their behavior should
be the first line of defense. “
77
![Page 78: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/78.jpg)
Copyright 2009
THREE FUNCTIONAL AREAS OF DLP
• People
“The findings of inadequate training come at a particularly
dangerous time. The penalties and marketplace damage
from data losses are bigger than ever. In addition, data loss
is increasingly occurring not from hackers or deliberate
theft but due to mishandling, human error, carelessness,
technical failure, or other inadvertent cause. “
78
![Page 79: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/79.jpg)
Copyright 2009
Intellectual Property Loss
• According to The Associated Press, 33-year-old
Biswamohan Pani downloaded the confidential documents
- worth up to $1 Billion dollars (insert Dr. Evil grin here) -
back in June after resigning from rival microprocessor
manufacturer Intel. However, before leaving the company,
he used his remaining paid vacation days, thus sat at home
with full access to Intel’s network and earning a paycheck
while gathering trade secrets. At the same time, Pani also
began working for AMD. Naturally, the situation sounds
rather suspicious on AMD’s part.
79
![Page 80: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/80.jpg)
Copyright 2009
THREE FUNCTIONAL AREAS OF DLP
• DLP Technology
– Without technology, it is practically impossible to
stop motivated people from leaking data.
80
![Page 81: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/81.jpg)
Copyright 2009
THREE FUNCTIONAL AREAS OF DLP
• DLP Technology
– Without technology, it is practically impossible to
stop motivated people from leaking data.
– Without technology, it is practically impossible to
expect IT personnel to prevent data leakage.
81
![Page 82: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/82.jpg)
Copyright 2009
THREE FUNCTIONAL AREAS OF DLP
• DLP Technology
– Without technology, it is practically impossible to
stop motivated people from leaking data.
– Without technology, it is practically impossible to
expect IT personnel to prevent data leakage.
– Without Technology, it is practically impossible to
stay within required regulatory compliance.
82
![Page 83: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/83.jpg)
Copyright 2009
THREE FUNCTIONAL AREAS OF DLP
• DLP Technology
– Without technology, it is practically impossible to
stop motivated people from leaking data.
– Without technology, it is practically impossible to
expect IT personnel to prevent data leakage.
– Without Technology, it is practically impossible to
stay within required regulatory compliance.
– The technology you choose must protect your data
end-to-end. (Data at rest, in motion, in use).
83
![Page 84: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/84.jpg)
Copyright 2009
TECHNOLOGY
84
![Page 85: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/85.jpg)
Copyright 2009
THREE FUNCTIONAL AREAS OF DLP
• DLP Technology
– Without technology, it is practically impossible to
stop motivated people from leaking data.
85
![Page 86: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/86.jpg)
Copyright 2009
THREE FUNCTIONAL AREAS OF DLP
• DLP Technology
– Without technology, it is practically impossible to
stop motivated people from leaking data.
– Without technology, it is practically impossible to
expect IT personnel to prevent data leakage.
86
![Page 87: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/87.jpg)
Copyright 2009
THREE FUNCTIONAL AREAS OF DLP
• DLP Technology
– Without technology, it is practically impossible to
stop motivated people from leaking data.
– Without technology, it is practically impossible to
expect IT personnel to prevent data leakage.
– Without Technology, it is practically impossible to
stay within required regulatory compliance.
87
![Page 88: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/88.jpg)
Copyright 2009
THREE FUNCTIONAL AREAS OF DLP
• DLP Technology
– Without technology, it is practically impossible to
stop motivated people from leaking data.
– Without technology, it is practically impossible to
expect IT personnel to prevent data leakage.
– Without Technology, it is practically impossible to
stay within required regulatory compliance.
– The technology you choose must protect your data
end-to-end. (Data at rest, in motion, in use).
88
![Page 89: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/89.jpg)
Copyright 2009
THREE FUNCTIONAL AREAS OF DLP
• DLP Technology
– Without technology, it is practically impossible to
stop motivated people from leaking data.
– Without technology, it is practically impossible to
expect IT personnel to prevent data leakage.
– Without Technology, it is practically impossible to
stay within required regulatory compliance.
– The technology you choose must protect your data
end-to-end. (Data at rest, in motion, in use).
– The chosen DLP technology must enforce your
Information Security Policy remediation actions.
89
![Page 90: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/90.jpg)
Copyright 2009
THREE FUNCTIONAL AREAS OF DLP
• Two leaders in DLP technology
– Cisco
90
![Page 91: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/91.jpg)
Copyright 2009
THREE FUNCTIONAL AREAS OF DLP
• Two leaders in DLP technology
– Cisco
• CSA (Incredible DLP End Point
Enforcement)
91
![Page 92: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/92.jpg)
Copyright 2009
THREE FUNCTIONAL AREAS OF DLP
• Two leaders in DLP technology
– Cisco
• CSA (Incredible DLP End Point
Enforcement)
• IronPort (Integrated RSA/DLP Engine)
–Web
92
![Page 93: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/93.jpg)
Copyright 2009
THREE FUNCTIONAL AREAS OF DLP
• Two leaders in DLP technology
– Cisco
• CSA (Incredible DLP End Point
Enforcement)
• IronPort (Integrated RSA/DLP Engine)
–Web
• Integrated security in all devices.
(Encryption, 802.1x, NetFlow, TrustSec).
93
![Page 94: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/94.jpg)
Copyright 2009
Cisco Security AgentAlways Vigilant Comprehensive Endpoint Security
•Corporate
Acceptable Use
•Regulatory
Compliance (PCI) •POS Protection
•Laptop – Desktop
Protection
•Server Protection
![Page 95: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/95.jpg)
Copyright 2009
Policies in IronPort “RSA Email DLP” Add-on
Policy Category Number of
Policies
Examples
Privacy Protection 52 •US Social Security Numbers
•Canada Social Insurance Numbers
•Australia Tax File Numbers
Regulatory
Compliance
34 •Payment Card Industry Data Security Standard (PCI-DSS)
•HIPAA (Health Insurance Portability and Accountability Act)
•FERPA (Family Educational Rights and Privacy Act)
Acceptable Use 11 •Suspicious Transmission - Spreadsheet to Webmail
•Encrypted and Password-Protected Files
Company Confidential 6 •Network Diagrams
•Corporate Financials
Intellectual Property
Protection
2 •Source Code
![Page 96: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/96.jpg)
Copyright 2009
Data Loss Prevention FoundationIntegrated Scanning
•Weighted Content
Dictionaries
•Compliance
Dictionaries
•Users
•Custom Content Filters
•Smart Identifiers
•Integrated Scanning
Makes DLP Deployments
Quick & Easy
•Outbound Mail
•Attachment Scanning
![Page 97: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/97.jpg)
Copyright 2009
Data Loss Prevention FoundationIntegrated Remediation
•Users
•Remediation: Quarantine
•Remediation: Notification
•Remediation: Reporting
•Outbound Mail
•Remediation: Encryption
•Integrated
Remediation
Eases Work Flow
Burden
![Page 98: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/98.jpg)
Copyright 2009
•Scanning Work Flow •Remediation Work Flow
•Compliance Dictionaries
•Pre-Defined Filters
•Pre-Defined Filters
•Compliance
Dictionaries•Smart Identifiers
•Smart Identifiers
•DLP Notification
•DLP Notification
•Quarantine View Of Violation
•Quarantine View Of
Violation
•Encrypt The Message•Encrypt The Message
•View HIPAA Violation Report
![Page 99: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/99.jpg)
Copyright 2009
THREE FUNCTIONAL AREAS OF DLP
• RSA DLP Suite
99
![Page 100: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/100.jpg)
Copyright 2009
THREE FUNCTIONAL AREAS OF DLP
• RSA DLP Suite
• Complete end to end solution
100
![Page 101: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/101.jpg)
Copyright 2009
THREE FUNCTIONAL AREAS OF DLP
• RSA DLP Data Center
101
![Page 102: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/102.jpg)
Copyright 2009
THREE FUNCTIONAL AREAS OF DLP
• RSA DLP DATA CENTER
• RSA DLP NETWORK
102
![Page 103: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/103.jpg)
Copyright 2009
THREE FUNCTIONAL AREAS OF DLP
• RSA DLP DATA CENTER
• RSA DLP NETWORK
• RSA DLP END POINT
103
![Page 104: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/104.jpg)
Copyright 2009
•RSA Data Loss Prevention Suite
•Enforce
•Allow, Notify, Block, Encrypt
•Enforce
•Allow, Justify, Block on Copy, Save
As, Print, USB, Burn, etc.
•Remediate
•Delete, Move, Quarantine
•Discover
•Local drives, PST files, Office files,
300+ file types
•Monitor
•Email, webmail, IM/Chat, FTP,
HTTP/S, TCP/IP
•Discover
•File shares, SharePoint sites,
Databases, SAN/NAS
•DLP
•Enterprise Manager
• DLP Datacenter • DLP Network • DLP Endpoint
•Unified Policy Mgmt &
Enforcement
•Incident
Workflow•Dashboard &
Reporting
•User & System
Administration
•eDRM (e.g. RMS) •Encryption •Access Controls
![Page 105: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/105.jpg)
Copyright 2009
CONCLUSION
• POLICY
105
![Page 106: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/106.jpg)
Copyright 2009
CONCLUSION
• POLICY
• PEOPLE
106
![Page 107: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/107.jpg)
Copyright 2009
CONCLUSION
• POLICY
• PEOPLE
• TECHNOLOGY
107
![Page 108: Data Loss Prevention Overvie · WHAT IS DLP? •Data Loss Prevention is the approach a company takes to protecting its Intellectual Property (IP), Personal Identifiable Information](https://reader033.vdocuments.mx/reader033/viewer/2022052100/603a79c72530414eaf4dc90c/html5/thumbnails/108.jpg)
Copyright 2009
ALWAYS REMEMBER THE
10/10/80 RULE
108