
DLP ? IRM ? Both or None ??

Bengaluru, July 2011

Vishal Gupta

Seclore

Let's start with some definitions

DLP as an objective

Data Loss Prevention is a set of practices, technologies and human resource programs which focus on preventing loss of confidential information by:

• Malicious intent
• Errors and omissions
• Lack of awareness

Let's start with some definitions

Content aware DLP technologies

Discover & Classify information lying on desktops, laptops, servers and databases

Control outbound transmissions of information via email, USBs, internet, …

Audit attempts to transmit information

The DLP view

Option 1: Control Distribution

DLP usage contexts

• The definition of the “enterprise perimeter” is fixed based on

– Devices
– Networks
– Gateways
– Applications

• Confidential data needs to be “discovered and classified”

• Classification of data can be done by a central team based on content patterns
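As an added illustration of the content-aware DLP steps above (discover and classify by content pattern, control outbound transmission, audit every attempt), here is a toy Python classifier and gate; it is not Seclore's or any DLP product's code. The content patterns, the sensitivity levels, the internal and partner domains, and the sample messages are all assumptions constructed for the example.

```python
"""Toy content-aware DLP: classify text by content patterns, then gate and audit outbound transmissions."""
from __future__ import annotations

import re
from dataclasses import dataclass

# Assumed content patterns, of the kind a central classification team would maintain.
PATTERNS = {
    "payment-card": re.compile(r"\b(?:\d[ -]?){12,18}\d\b"),
    "indian-pan":   re.compile(r"\b[A-Z]{5}[0-9]{4}[A-Z]\b"),
    "label":        re.compile(r"\bCONFIDENTIAL\b", re.IGNORECASE),
}

# Assumed deployment values for the example.
INTERNAL_DOMAIN = "corp.example"
ALLOWED_EXTERNAL = {"auditor.example"}   # partners cleared for "confidential", never for "restricted"
AUDIT_LOG: list[dict] = []               # every transmission attempt, allowed or blocked


def luhn_ok(digits: str) -> bool:
    """Luhn checksum, so a random run of digits is not reported as a card number."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:                      # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


@dataclass(frozen=True)
class Finding:
    pattern: str
    value: str


def classify(text: str) -> list[Finding]:
    """Discover: return every content-pattern hit in the text."""
    findings = []
    for name, rx in PATTERNS.items():
        for m in rx.finditer(text):
            value = m.group(0)
            if name == "payment-card":
                digits = re.sub(r"[ -]", "", value)
                if not (13 <= len(digits) <= 19 and luhn_ok(digits)):
                    continue                # fails Luhn: an order number, not a card
            findings.append(Finding(name, value))
    return findings


def sensitivity(findings: list[Finding]) -> str:
    """Classify: map findings to a level; personal identifiers outrank a mere label."""
    kinds = {f.pattern for f in findings}
    if kinds & {"payment-card", "indian-pan"}:
        return "restricted"
    if kinds:
        return "confidential"
    return "public"


def check_outbound(text: str, channel: str, recipient_domain: str) -> bool:
    """Control: decide whether content may leave via this channel, and audit the attempt."""
    level = sensitivity(classify(text))
    if level == "public":
        allowed = True
    elif level == "confidential":
        allowed = recipient_domain == INTERNAL_DOMAIN or recipient_domain in ALLOWED_EXTERNAL
    else:                                   # restricted never leaves the enterprise
        allowed = recipient_domain == INTERNAL_DOMAIN
    AUDIT_LOG.append({"channel": channel, "to": recipient_domain,
                      "level": level, "allowed": allowed})
    return allowed


if __name__ == "__main__":
    # Constructed sample messages; the card number is a standard test value, the PAN is made up.
    samples = [
        ("email", "gmail.example",   "Card 4111 1111 1111 1111, PAN ABCDE1234F"),
        ("usb",   "removable-media", "order ref 1234 5678 9012 3456"),
        ("email", "auditor.example", "CONFIDENTIAL: Q3 plan attached"),
    ]
    for channel, to, text in samples:
        verdict = "ALLOW" if check_outbound(text, channel, to) else "BLOCK"
        print(f"{channel:5} -> {to:16} {verdict}")
    print(AUDIT_LOG)
```

The Luhn check is what keeps the "discover" step from flagging every sixteen-digit order reference, and the audit log records blocked and allowed attempts alike, which is the third DLP function listed above.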

Information Rights Management

IRM systems allow enterprises to define, implement & audit information usage “policies”. A “policy” defines:

• WHO can use the information: people & groups within and outside of the organization can be defined as rightful users of the information

• WHAT can each person do: individual actions like reading, editing, printing, distributing, copy-pasting, screen grabbing etc. can be controlled

• WHEN can he use it: information usage can be time based, e.g. can only be used by Mr. A till 28th Sept OR only for the 2 days

• WHERE can he use it from: information can be linked to locations, e.g. only 3rd floor office by private/public IP addresses

Policies are persistent with data, dynamic & audit-able
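As an added example (not Seclore FileSecure's or any product's code) of what "persistent, dynamic and audit-able" means for such a policy, the Python below binds a WHO/WHAT/WHEN/WHERE policy to a file object, evaluates it on every use, lets the owner revoke a user after the file has already been shared, and records each decision, including denied attempts. The user names, dates, office subnet and file name are constructed assumptions following the slide's "Mr. A till 28th Sept, 3rd floor office" wording.

```python
"""Toy IRM: a usage policy bound to the file, evaluated on every use (WHO/WHAT/WHEN/WHERE) and audited."""
from __future__ import annotations

from dataclasses import dataclass
from datetime import datetime, timezone
from ipaddress import ip_address, ip_network


@dataclass
class Policy:
    rights: dict[str, set[str]]      # WHO -> WHAT: user -> permitted actions
    not_after: datetime              # WHEN: usage allowed until this instant
    locations: list[str]             # WHERE: permitted client networks (CIDR)


@dataclass
class ProtectedFile:
    name: str
    policy: Policy                   # persistent: the policy travels with the file, not the channel


AUDIT: list[dict] = []               # every evaluation, allowed or denied


def evaluate(doc: ProtectedFile, user: str, action: str, now: datetime, client_ip: str) -> bool:
    """Evaluate the file's policy at the moment of use and record the decision."""
    p = doc.policy
    if user not in p.rights:
        reason = "not a rightful user"
    elif action not in p.rights[user]:
        reason = f"action '{action}' not granted"
    elif now > p.not_after:
        reason = "policy expired"
    elif not any(ip_address(client_ip) in ip_network(net) for net in p.locations):
        reason = "location not permitted"
    else:
        reason = ""
    allowed = reason == ""
    AUDIT.append({"file": doc.name, "who": user, "what": action, "when": now.isoformat(),
                  "where": client_ip, "allowed": allowed, "reason": reason})
    return allowed


def revoke(doc: ProtectedFile, user: str) -> None:
    """Dynamic: retract a user's rights after the file has already been shared."""
    doc.policy.rights.pop(user, None)


def denied_attempts(file_name: str) -> list[dict]:
    """Audit: unauthorized attempts are part of the trail, not only successful use."""
    return [e for e in AUDIT if e["file"] == file_name and not e["allowed"]]


def utc(year: int, month: int, day: int) -> datetime:
    """Helper for building timestamps (noon UTC on the given day)."""
    return datetime(year, month, day, 12, 0, tzinfo=timezone.utc)


def sample_file() -> ProtectedFile:
    """Constructed sample: Mr. A may read and edit until 28 Sept, an auditor may only read."""
    return ProtectedFile(
        "q3-business-plan.docx",
        Policy(rights={"mr.a": {"read", "edit"}, "auditor@vendor.example": {"read"}},
               not_after=datetime(2011, 9, 28, 23, 59, tzinfo=timezone.utc),
               locations=["10.3.0.0/16"]),       # assumed 3rd-floor office subnet
    )


if __name__ == "__main__":
    doc = sample_file()
    print(evaluate(doc, "mr.a", "read", utc(2011, 9, 1), "10.3.0.15"))        # allowed
    print(evaluate(doc, "mr.a", "print", utc(2011, 9, 1), "10.3.0.15"))       # denied: WHAT
    print(evaluate(doc, "mr.a", "read", utc(2011, 10, 1), "10.3.0.15"))       # denied: WHEN
    print(evaluate(doc, "mr.a", "read", utc(2011, 9, 1), "203.0.113.9"))      # denied: WHERE
    revoke(doc, "auditor@vendor.example")
    print(evaluate(doc, "auditor@vendor.example", "read", utc(2011, 9, 1), "10.3.7.7"))  # denied: revoked
    for entry in denied_attempts(doc.name):
        print(entry["who"], entry["what"], entry["reason"])
```

In a shipping product the policy would be bound to the encrypted file and the checks made by a trusted viewer; here the binding is just a field on the object, which is enough to show why a usage policy keeps working after the file has left the perimeter and why the audit trail covers the WHO, WHAT, WHEN and WHERE of each attempt.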

The IRM view

Option 2: Control Usage

[Figure: security and collaboration: right person, right action, right time, right location]

IRM usage contexts

• “Perimeter” is difficult to define

• Confidential data flows to external entities like

– Vendors
– Auditors
– Lawyers

• Information classification is difficult to do based on content patterns

• Restrictions on methods of collaboration are not acceptable

• Information audits need to extend to usage of information outside of the enterprise

The perimeter

[Figure: the enterprise at the centre, surrounded by customers, vendors, competitors, lawyers, external auditors, government, consultants and telemarketers]

Both or none?

• Both

– Information needs to be discovered, classified AND shared with external agencies
– Information audits need to cover distribution and usage of information

• None

– Confidentiality is not important
– Physical security is the only option
– Information is small in volume
  • Memorizing
  • Jotting
  • Pictures

About …

Seclore is a high growth information security product company focused on providing Security without compromising collaboration

Seclore’s flagship product Seclore FileSecure is used by More than 1.5 M users & some of the largest enterprises

Contact

Vishal Gupta

vishal dot gupta [at] seclore dot com

+91-22-28471711

www.seclore.com

Business Case - 1

Do you have confidential information which only a specific employee group, while in employment, should use?

Business plans, forward-looking financial statements and MIS reports are just some examples of information which are best used only within the walls of the enterprise.

Malicious intent, errors and omissions and lack of awareness could make this information publicly available, leading to potential losses.

Seclore FileSecure protects information from leakage due to malicious intent, errors and omissions, as well as lack of awareness, by providing a persistent, information-locked method of protection.

1. Forward-looking financial statements
2. Business plans
3. Salary and appraisal data
4. Internal process documents and forms
…

Business Case - 2

Do you frequently establish temporary / project-based relationships with partners and contractors?

Temporary relationships with partners and vendors for a specific project typically lead to extensive information sharing during the execution.

After the project ends, the information and intellectual property shared continues to be retained and used by the partner, sometimes against the enterprise, leading to financial losses.

Seclore FileSecure enables you to “retract” information shared with business partners after a specified period thus protecting intellectual property and driving revenues.

1. M&A advisory services
2. IT project execution
3. Corporate development
4. HR consultants
…

Business Case - 3

Do you need to monitor the flow and usage of confidential information for compliance to ISO, PCI, SOX?

While GRC technologies and processes effectively monitor and control access rights within applications and folders, they do not effectively track the flow and usage of unstructured information in the form of documents and emails.

Confidential information traverses department and organization boundaries in unstructured forms without effective controls or monitoring of its use.

Seclore FileSecure provides comprehensive and detailed audit trails for information usage including the WHO, WHAT, WHEN and WHERE of the usage. This includes authorized activities and unauthorized attempts.

1. Internal ISO compliance
2. BASEL compliance and operational risks mitigation
3. IT act 2008
4. PCI compliance
…

Business Case - 4

Do you send confidential information to vendors?

Typically, confidential information sent to vendors is governed by non-disclosure agreements without a mechanism to enforce or track the agreement. Therefore you are dependent on the vendors' systems and processes for the confidentiality of your critical information.

Loss of information from the vendor could lead to reputation and legal risks for your enterprise.

Seclore InfoSource enables you to control the usage of information sent to vendors and prevent unauthorized viewing, printing, editing and distributing of the information.

1. Bill / statement / cheque book printing
2. ATM PIN generation
3. Card fabrication / welcome kit
4. Data analysis and BI
…