Innovations in cyber security technologies

Arturs Filatovs Business Development

Manager

March 2014

Arrow ECS RoadShow Baltics

Symantec Encryption –

Building A

Digital Fortress

Arturs Filatovs business card

More then 5 years experience in delivering Innovative

IT Security Solutions to Baltic states

Knowledge of more then 25 different IT Security

Solutions

Specialization - Mobile IT Security

Helpdesk Manager

CISO

Director, Desktop Ops

Director, Network Ops

Lets move our hands – who is here today?

“Data Security Solutions” role in Baltics

Technology vs. Time

Encryption’s role in security

Don't be scared – Encrypt everything

Build Digital fortress with Symantec Tech

Todays To do list

“Data Security Solutions” business card

Specialization – IT Security

IT Security services (consulting,

audit, pen-testing, market analysis,

system testing and integration,

training and technical support)

Solutions and experience portfolio

with more than 20 different

technologies – cyber-security global

market leaders from more than 10

countries

Trusted services provider for

banks, insurance companies,

government and private companies

(critical infrastructure etc.)

Role of DSS in Cyber-security

Development in Baltics

Cyber-Security Awareness Raising

Technology and knowledge transfer

Most Innovative Portfolio

Trusted Advisor to its Customers

Cybersecurity Awareness Raising

Own organized conference “DSS ITSEC”

5th annual event this year

More than 400 visitors and more than 250 online

live streaming watchers from LV, EE, LT

4 parallel sessions with more than 40

international speakers, including Microsoft, Oracle,

Symantec, IBM, Samsung and many more –

everything free of charge

Participation in other events & sponsorship

CERT & ISACA conferences

RIGA COMM exhibition & conferences

Roadshows and events in Latvia / Lithuania /

Estonia (f.i. Vilnius Innovation Forum, Devcon,

ITSEC HeadLight, SFK, business associations)

Participation in cyber security discussions, strategy

preparations, seminaries, publications etc.

Innovations – technology & knowledge transfer

Innovative Technology Transfer Number of unique projects done with

different technology global leadership

vendors

Knowledge transfer (own employees,

customers – both from private & public,

other IT companies)

Areas include:

Endpoint Security

Network Security

Security Management

Application Security

Mobile Security

Data Security

Cyber-security

Security Intelligence

Our portfolio is most innovative in Baltics!

Some just basic ideas

Lets Start

NOW

PAST

Time line

AND NOW SERIOUSLY

Technology is everywhere

PC era Mobile era

PC era to MOBILE era

Mobile IT

We are at point where functionality of desktop collides with mobility of mobile device.

Consolidation of IT in 21st Century

Technology development over time

IT Must Evolve To Meet New Demands

• Transactional Apps

• Structured Data

• Centralized information

• Perimeter-based security

• On-premise infrastructure

• Collaborative Apps and Social Media

• Unstructured data

• Distributed information

• People are the new perimeter

• Virtual Infrastructure and Cloud

Information-

Centric

System-Centric

Endpoints: The Borderless Enterprise

1Based on 130,000,000 records lost (Datalossdb.org) and $202 per record (Ponemon Institute) 2http://www.darkreading.com/security/encryption/showArticle.jhtml?articleID=211201139

3Symantec Global Internet Security Threat Report, Trends for 2008

Field

Data Center Headquarters

Field Offices

Point of Sale

Point of Sale

Corporate data copied onto USB drive

$262 Million: Estimated cost of the Heartland Payment Systems

breach1

1 in 10 people have lost a laptop, smart phone, or USB drive with corporate

information on it3

Trojans, malware, unauthorized software

12,000 Laptops lost in United States airports every week2

Customer email stored on mobile phone

Cloud is taking us much higher…

Choose the right cloud smart way..

Passwords?

When we have to change our password...

Who from you are using encryption?

What will happen if data will be lost/stolen?

Who will be responsible?

When you are sending confidential data via post, how

do you secure it?

Some questions?

Greek generals used Scytel to encrypt and decrypt

messages (Symmetric encryption)

Encryption beginnings – Sparta/ Greeks/ Rome

In what our organizations believe today

SSL/ TLS/ VPN/ HTTPS – this is only

data in motion using x.509

What we use for document security

E-Signatures – Limited functionality for

document encryption data at rest/ data in motion

Not User friendly (smart cards, Card readers,

USB tokens … )

Separate solutions less security

NSA did “great work…”

Hmmm....NSA?

Cyber criminals don't sleep

Encryption threats by Ponemon Institute

Our Users are our weakest link

Mobility - Potential For Data Loss

47% of corporate data resides on mobile devices

43% of employees lost a device with company data

32% of employees didn’t report the loss or theft in a timely fashion

Our users weakest link

*Symantec Global Internet Security Threat Report

1 in 10 people have lost a laptop,

smart phone, or USB drive with corporate information on it*

32% of employees didn’t report the

loss or theft in a timely fashion*

Data protection priorities Ponemon

Concerns from customer side

Hardware-based encryption is

faster and it’s an option on Dell

and other PCs.

Why do I need encryption if I

have DLP or Endpoint

monitoring?

We are going to wait for our

Windows 7 rollout in our

environment and use Bit locker

How to recover encrypted

info?

Master key is security risk for

us.

Encryption is not a rocket science

Encryption is easy

Centralized key administration is solution

Endpoint Data

Protection

• PGP Whole Disk

Encryption

• SEE FDE

• SEE RSE

• PGP Portable

• SEE Device Control

Pro

du

cts

O

bje

cti

ves

Tasks

File and Server

Protection

• PGP NetShare

• PGP Command Line

Email

Protection

• PGP Desktop Email

• PGP Gateway Email

• PGP PDF Messenger

• PGP Support Package

for BlackBerry

• PGP Mobile

Management

• PGP Universal Server

• PGP Key Management

Server

Keep data secure

Meet compliance objectives

Protect the business

Control costs and liabilities

Protect data at rest Protect data in motion Protect data in use

Don't be scared – Encrypt everything

Oh Boy do we

got solution for you!

Build Digital fortress with Symantec

42

Smartphone Solutions • PGP® Mobile

• PGP® Support Package for BlackBerry®

Full Disk Encryption (FDE) • PGP® Whole Disk Encryption

• Symantec Endpoint Encryption (EE) FDE

File/Folder/Shared Server Encryption • PGP® NetShare

End-End Email and IM Encryption • PGP® Desktop Email

Gateway Email Encryption • PGP® Gateway Email

Management

Central Management of

Encryption Applications

PGP® Universal ™ Server

Key Management

PGP® Key Management

Server (KMS)

Device and Media Encryption • PGP Portable

• SEE Removable Storage Edition (RSE)

• SEE Device Control

FTP/Batch and Backups • PGP® Command Line

Full Disk Encryption

Full disk encryption for desktops, laptops, and Windows® servers. Supports Windows®, Mac OS® X, and Linux® platforms • Encrypts desktops, laptops, and USB-attached drives

• Protects against personal computer loss, theft, compromise and improper disposal

• Reduces risk of loss of PII (Personally Identifiable Information) and other sensitive data

• Supports Windows, Mac OS X, and Linux

43

PGP Whole Disk Encryption; SEE Full Disk Encryption

Removable Media Protection

Removable Storage Encryption

• Secure portable data at rest

– Enforce mandatory removable storage encryption policies

– Access and re-encrypt data from any PC or Mac

• Granular file- and folder-based encryption

– Allow encrypted and unencrypted data on user devices

– Enforce policy-controlled exemptions by file type and device

Centralized – Integrated Management Console

Policies Auditing

Removable Media

Encryption

SEE Removable Storage Encryption

PGP® Email Protection

Symantec Encryption - Confidential 45

PGP® Desktop Email Desktop-based Email Encryption • Automatic end-to-end email encryption

PGP® PDF Messenger

PGP Universal™

Gateway Email Gateway-based Email Encryption

• Clientless email encryption

PGP® Support Package

for BlackBerry® Encryption for BlackBerry Email

• Native client access to encrypted email

PGP® Mobile Encryption for Windows Mobile Devices

• Encrypted Email

• Encrypted Files and Folders

PGP® Viewer for iOS Encrypted Email Viewer App for iOS

• Decrypts and views messages

• Verifies digital signatures

File/Folder Encryption

46

User file protection

Shared file protection

Distributed file protection

Protect shared files and folders

Protect transferred files and folders

Protect individual files and folders

PGP NetShare, PGP Command Line

PGP® File and Server Protection

PGP® NetShare Shared File Protection

• Protect data exchanged between users via shared network folders

PGP® Command

Line

Scriptable Encryption • Integrate encryption into data transfer, data

distribution and data backup processes

PGP or Symantec Endpoint Encryption?

Selling Symantec Encryption Products 48

• Symantec’s strategic direction for Endpoint Encryption is to “converge” the solutions into a single offering.

• In the interim, Symantec will provide full support for both Endpoint Encryption technologies.

Products

Customer Need Default Play

Exceptions

Existing SEE/GE

Customer

DAR U.S. Fed

SmartBuy

Active Directory + MSFT Stack

Endpoint Encryption

PGP Whole Disk Encryption SEE Full Disk Encryption

PGP Portable SEE Removable Storage Encryption

SEE Device Control SEE Device Control

Email Encryption

PGP Desktop Email

PGP Gateway Email

PGP Mobile

PGP Support Package for BlackBerry

Server / File Encryption PGP NetShare

PGP Command Line

Management PGP Universal Server and PGP Key Management Server (KMS)

Defense-In-Depth: Encryption + DLP

Network DLP / Gateway Encryption • Automatically encrypt emails containing sensitive data

• Notify employees in real time/context about encryption policies and tools

Storage DLP / File-Based Encryption • Discover where confidential data files are stored and automatically apply

encryption

• Ease the burden to IT staff with near transparence to users

Endpoint DLP / Removable Storage Encryption • Target high risk users by discovering what laptops contain sensitive data

• Protect AND enable the business by targeting encryption efforts to sensitive data moving to USB devices

MTA or Proxy

DLP + PGP Universal Gateway Email

Receive email 1

2 Check email content for encryption policy violations

3 No violation - email sent

4 Violation detected - re-route to encryption server

5 Email encrypted and sent

PGP Universal Server

Key Benefits: • Automate gateway encryption; ease burden on end users

• Enforce and report on encryption policies

Complete Encryption Platform

Technology lifecycle from 3-6 year to 6-12 months

Encryption will help you sleep tight

Don’t be scared to encrypt all type of data

Centralized key management is important

One encryption solution for different type of date

Select DSS as your trusted security advisor – we

work with Symantec (PGP) more than 5 years already!!

Takeaway

Think security first

www.dss.lv

info@dss.lv

+371 27194080 / +371 29162784

Think security first