(slides) an ounce of prevention is worth $5.9m: how to use symantec unified security to prevent data...
DESCRIPTION
Organizations lose thousands of laptops and data bearing devices every year. Without proper security, each lost device could lead to a major data breach costing millions of dollars. Join us for this informative webcast and learn how Symantec's industry leading security solutions — including DLP, Drive & Removable Storage Encryption, and Mobile Security applications — combine to provide comprehensive protection for your critical data, enhance business processes, and ensure that a lost or stolen device doesn't end up costing you millions.TRANSCRIPT
WEBCAST: AN OUNCE OF PREVENTION 1WEBCAST: AN OUNCE OF PREVENTION
Chris Wargo, CISSP, CISAPresenter:
An Ounce of Prevention Is Worth… $5.9M
How to use Symantec Unified Security to prevent data breaches due to lost or stolen devices
WEBCAST: AN OUNCE OF PREVENTION
Agenda
About infoLock Technologies
The Lost or Stolen Device Problem
The Symantec Unified Security Solution
Business Use Cases
Q&A
2
WEBCAST: AN OUNCE OF PREVENTION
About infoLock Technologies
3
• Information security consulting & integration services
• Symantec Security Focus Partner
• DLP Master Specialist & INSIGHT DLP Appliance developer
• 100+ DLP, Encryption, and Mobility implementations; customers range from 100 to 40,000+ users
• Customers in all industry verticals – financial services, healthcare, insurance, government, technology, legal, manufacturing, and telecommunications
WEBCAST: AN OUNCE OF PREVENTION
58% of employees store company-sensitive information on their personal devices
40% of employees use sensitive business data they have taken with them when they changed companies
More than 50% of employees send business documents to their personal email and don’t delete them after use
One-third of employees move work files to file sharing apps without permission
Sources:What’s Yours Is Mine: How Employees are Putting Your Intellectual Property at Risk, Symantec & Ponemon InstituteSecurity Awareness Training: It's Not Just for Compliance, Enterprise Management Associates
Mobile Workforce + BYOD = Risk
Credit Suisse Says VP Stole Secrets
4
WEBCAST: AN OUNCE OF PREVENTION 5
The lost or stolen device problem
The average value of one lost laptop is $49,2461
49% of data breaches in the healthcare industry are caused by lost or stolen computing devices2
31% of data breaches across all industries are caused by human error, including lost or stolen devices3
When the loss or theft of a device causes a data breach, the total cost increases by as much as $18 per lost record3
Sources:(1) The Billion Dollar Lost Laptop Problem, Ponemon Institute, 2010(2) Fourth Annual Benchmark Study on Patient Privacy & Data Security, Ponemon Institute, 2014(3) 2014 Cost of Data Breach Study: United States, Ponemon Institute
WEBCAST: AN OUNCE OF PREVENTION 6
The average cost of a data breachin the US is $5.9 Million
WEBCAST: AN OUNCE OF PREVENTION 7
Symantec Unified Security is the Solution
No single technology can prevent data breaches due to lost or stolen devices. By using Symantec’s multi-layered Unified Security approach, however, you get the comprehensive protection you need to safeguard your critical data and ensure that a lost or stolen device doesn't end up costing you millions.
WEBCAST: AN OUNCE OF PREVENTION 8
DATA LOSS PREVENTION
ENCRYPTION
MOBILITY SUITE
1. Locate and monitor your critical data
2. Encrypt and protect data on endpoints
3. Manage and secure mobile devices
Unified Security Model
WEBCAST: AN OUNCE OF PREVENTION 9
Locate and monitor critical data
Symantec Data Loss Prevention enables you to discover, monitor and protect confidential information wherever it is stored or used
• Email, web, and other network-based communications• Servers, databases and other document repositories• Laptops, desktops, and removable storage• Mobile devices• Cloud applications
DATA LOSS PREVENTION
MANAGE
MANAGE
DISCOVER
• Identify scan targets
• Run scan to find sensitive data on network & endpoint data
• Enable or customize policy templates
• Remediate and report on risk reduction
MONITOR
11
22 33
PROTECT
44
55
• Inspect data being sent
• Monitor network & endpoint events
• Block, remove or encrypt
• Quarantine or copy files
• Notify employee & manager
How It Works
10
WEBCAST: AN OUNCE OF PREVENTION
Threat Coverage
USB/CD/DVD
Stored data
Instant Message
FTP
SharePoint / Exchange
Databases
File Servers
Print/Fax
DLP PolicyMonitoring & PreventionDiscovery & Protection
Webmail
Web servers
Untrusted networks
11
WEBCAST: AN OUNCE OF PREVENTION
WEBCAST: AN OUNCE OF PREVENTION
Detection Technology
DescribedContent Matching
Indexed Document Matching
Vector Machine Learning
DESCRIBED DATA
Non-indexable data
Lexicons
Regular Expressions
Data Identifiers
STRUCTURED DATACUSTOMER DATA
Customer / EmployeeData
Partial row matching
Near perfect accuracy
UNSTRUCTURED DATAINTELLECTUAL PROPERTY
Designs / Source / Financials
Derivative match
Near perfect accuracy
UNSTRUCTURE DATAINTELLECTUAL PROPERTY
Designs / Source / Financials
Derivative match
Very High Accuracy
300M+ rows per server 5M+ docs per server
Exact Data Matching
12
WEBCAST: AN OUNCE OF PREVENTION
Symantec Difference – Workflow
80% of DLP is Incident Response
13
Right Automation Resolution, Enforcement, Notification
Right Person Route Incidents to Right Responder
Right Order High Severity of Incidents First
Right Information 5 Second Test
Right Action 1 Click Response
Right Metrics Prove Results to Execs and Auditors
WEBCAST: AN OUNCE OF PREVENTION
Symantec Data Loss Prevention Products
14
Management PlatformSymantec Data Loss Prevention Enforce Platform
STORAGE ENDPOINT
Network Discover
Data Insight
Network Protect
Endpoint Discover
Endpoint Prevent
Mobile Email Monitor
Network Monitor
Network Prevent for Email
Network Prevent for Web
NETWORK
Mobile Prevent
WEBCAST: AN OUNCE OF PREVENTION
Symantec Data Loss Prevention for Mobile
Corporate Email
Web Applications
Third Party Apps
Monitor confidential data downloaded to company and employee-owned devices
Monitor and block confidential data sent from company-owned devices
Mobile Email Monitor Mobile Prevent
15
WEBCAST: AN OUNCE OF PREVENTION 16
Encrypt and protect data on endpoints
ENCRYPTION
Symantec Encryption enables organizations to deliver enterprise-wide data protection. Our solutions provide standards-based technology, centralized policy management, compliance-based reporting, and universal management for your encryption products.
WEBCAST: AN OUNCE OF PREVENTION
Symantec Encryption Products
17
Management ConsoleSymantec Encryption Management Server
File Share Encryption
Drive Encryption
Removable Storage Encryption
Gateway Email Encryption
STORAGE ENDPOINT NETWORK
WEBCAST: AN OUNCE OF PREVENTION 18
Reduces cost and accelerates deployment using a single unified console to oversee operations
Enforces security policies automatically from a centrally-managed console
Provides robust compliance reporting across multiple products (endpoint encryption, email encryption, etc.)
Integration with Symantec Protection Center; correlates endpoint status to identify unprotected systems and remediate accordingly
Symantec Encryption Management Server
WEBCAST: AN OUNCE OF PREVENTION 19
Comprehensive Multi-Platform Coverage
Optional Silent Deployment
High Performance
Provides Safe Harbor should a device be lost or stolen
Protects against unauthorized access
Symantec Drive Encryption
WEBCAST: AN OUNCE OF PREVENTION 20
Safeguard intellectual property
Share encrypted data easily and seamlessly
Transparently manage security policies through directory integration
Decrypts and encrypts data without an installed client (offline access)
Enables access to encrypted data on Windows and Mac computers
Symantec Removable Storage Encryption
WEBCAST: AN OUNCE OF PREVENTION
Defense-In-Depth: Encryption + Data Loss Prevention
21
Network DLP / Email Gateway Encryption• Automatically encrypt emails containing sensitive data• Notify employees in real time/context about encryption
policies and tools
Storage DLP / Shared Storage Encryption• Discover where confidential data files are stored and
automatically apply encryption• Ease the burden to staff with near transparence
Endpoint DLP / Endpoint Encryption• Target high risk users by discovering what laptops contain
sensitive data• Protect & enable the business by targeting encryption
efforts to sensitive data moving to USB devices
WEBCAST: AN OUNCE OF PREVENTION 22
Manage and secure mobile devices
Symantec Mobility: Suite 5.0 provides an integrated modular solution to centrally manage and provide secure use of mobile devices for your organization
MOBILITY SUITE
WEBCAST: AN OUNCE OF PREVENTION
Symantec Mobility: Suite 5.0
Symantec™ Mobility: Suite
Mobility: Device Management (MDM)
Mobility: Application Management (MAM)
Includes Secure Email and Secure Web
Mobility: Threat Protection powered by
Norton™
23
WEBCAST: AN OUNCE OF PREVENTION 24
Provides visibility and control over smartphones and tablets
Provides anti-theft functions to locate, lock, reset, and wipe the device
Advanced security settings ensure compliance to internal and external security requirements
Prevents non-compliant devices from connecting to corporate assets.
Symantec Mobility: Mobile Device Management
WEBCAST: AN OUNCE OF PREVENTION 25
Symantec Mobility: Application Management
Protects corporate apps and data by wrapping a layer of security and policy management around mobile apps without any source code changes or SDK embedding
Provides granular control of corporate apps and data with comprehensive per-app policies
Containerizes corporate apps – providing clean separation between corporate and personal data for BYOD organizations
Enables self-service distribution of apps through Enterprise App Store with roles-based security and data protection
WEBCAST: AN OUNCE OF PREVENTION 26
Symantec Mobility: Threat Protection
Enables compliance with policy and regulatory requirements
Protects against viruses, snoopware, data theft, SMS scams, and mobile malware
Restricts vulnerabilities and possible attack vectors by enabling only required phone features
WEBCAST: AN OUNCE OF PREVENTION 27
Use Case: Financial Services Firm
The Situation:Auditors and accounting staff use laptops and smartphones when working at customer sitesThe Risk:Devices may contain sensitive corporate and/or customer data and could represent data breach if lost or stolen; Smartphones could be used to attempt unauthorized access to corporate networkThe Solution:Use Symantec DLP to locate and identify sensitive data on devices; Use Symantec Encryption to encrypt laptop hard drives and protect data; Use Symantec Mobility Suite to enforce corporate security policies and control access to corporate network
WEBCAST: AN OUNCE OF PREVENTION 28
Use Case: High Tech Manufacturing Firm
The Situation:Engineering and design staff utilize portable computing and data-bearing devices when traveling between offices and manufacturing plantsThe Risk:Hard drives and removable storage devices may contain sensitive corporate information, including valuable intellectual property; Malicious insiders could try to remove sensitive data and sell to competitorsThe Solution:Use Symantec DLP to locate sensitive data on devices, monitor use, and prevent unauthorized transfer; Use Symantec Encryption to encrypt drives and storage devices to protect data in the event of loss or theft
WEBCAST: AN OUNCE OF PREVENTION 29
Use Case: Healthcare Provider
The Situation:Doctors and healthcare providers use smartphones and tablets for care delivery; administrators use laptops and removable storage for business process, billing, and claims related tasksThe Risk:Smartphones and tablets may be used for personal use, exposing sensitive ePHI and diagnostic information; Portable computing devices may contain large amounts of sensitive patient data and financial informationThe Solution:Use Symantec Mobility Suite to wrap diagnostic apps, control usage, and provide secure access; Use Symantec Encryption to ensure that all sensitive data is protected in the event of loss or theft
WEBCAST: AN OUNCE OF PREVENTION 30
Conclusion
The Mobile Workforce and BYOD are trends that are here to stay. Portable computing and heterogeneous mobile devices will continue to proliferate, and our sensitive data will follow with them. There is no single point solution that can protect your organization. You need a multi-layered Unified Security approach that protects your critical information wherever it is used to ensure that a lost or stolen device doesn’t end up costing you millions.
WEBCAST: AN OUNCE OF PREVENTION 31
For more information:Chris Wargo
Thank you!