Transcription
Symantec DLP OverviewJonathan JesseITS Partners
Today’s AgendaWhat are the challenges?What is Data Loss Prevention (DLP)?How does DLP address key challenges?Why Symantec DLP and how does it work?2
DLP is ImperativeInsiders and partners cause most breaches Insiders make mistakes handling data Broken business processes increase risk88%of breachesCompliance mandates data protection Increased focus on data privacy Need to demonstrate data controls81%of companies breached werenot PCI compliantMore complex threats to your data External threats target high value data Limited visibility of where data is 6.7million averagecost of a breach3
DLP is the Cornerstone of SecurityProtect theInfrastructure Symantec Protection SuitesDevelop and Enforce ITPolicies Symantec Control Compliance SuiteProtect InformationProactively Symantec Data Loss PreventionManage SecurityEfficiently Altiris Management Suite4
What is Data Loss Prevention?Where is yourconfidential data?DISCOVERHow is itbeing used?MONITORHow best toprevent its loss?PROTECTDATA LOSS PREVENTION (DLP)5
Key DLP CapabilitiesDISCOVERMONITOR Find data wherever it isstored Understand how data isbeing used Create inventory ofsensitive data Understand content andcontext Manage data clean up Gain visibility into policyviolationsPROTECT Proactively secure data Prevent confidential dataloss Enforce data protectionpoliciesMANAGE Define unified policyacross enterprise Remediate andreport on incidents Detect content accurately6
How It WorksMONITORDISCOVER2PROTECT34 Identify scan targets Inspect data being sent Block, remove or encrypt Run scan to find sensitivedata on network & endpoint Monitor network & endpointevents Quarantine or copy files Notify employee & managerMANAGEMANAGE1 Enable or customizepolicy templates5 Remediate and reporton risk reduction7
Strategic DLP RequirementsProduct: Proven to work and covers all threats. Validated as the “strongest overall enterprise DLP capability” Comprehensive coverage, measurable risk reductionExperience: Successful customers in your industry. Proven deployment methodology developed over 7 years The largest number of dedicated DLP expertsLeadership: What’s the most widely used solution? Over 300 customers – 31 of the FORTUNE 100 Continue to innovate and anticipate customer demands8
Continuous Risk 004000Incidents Per Week200PreventionRisk Reduction Over Time9
Symantec Data Loss Prevention ArchitectureMTA or ProxySPAN Port or TapDisconnectedSECURED CORPORATE LANDMZ10
DLP for Storage – Use CasesDISCOVERPROTECTMTA or ProxySPAN Port or TapDisconnectedSECURED CORPORATE LANDMZ11
Fix Broken Business Processes500k Personal Records on Open ShareFind it. Fix it.Remove from open share and leave a file marker.1212
DLP for Network – Use CasesMTA or ProxyMONITORPROTECTSPAN Port or TapDisconnectedSECURED CORPORATE LANDMZ13
Protect Competitive AdvantageUnencrypted product design documents sent to a partner1414
Protect Competitive AdvantageUnencrypted product design documents sent to a partnerEducate users with automated email.Protect intellectual property.1515
DLP for Endpoint – Use CasesMTA or ProxyDISCOVERMONITORPROTECTDisconnectedSECURED CORPORATE LANSPAN Port or TapDMZ16
Fix Exposed Data on a DesktopCall center records improperly stored on an Endpoint1717
Clean Up Exposed Data on a DesktopCall center records improperly stored on an EndpointNotify user via automated email.Empower users to self remediate.1818
Protect Competitive AdvantagePricing copied to USB19
Protect Competitive AdvantagePricing copied to USBStop it from being copied to USB.Notify User. Launch investigation.2020
Prevent Breach of Customer DataSensitive data sent via personal webmailBlock the email.On or off the corporate network.21
Additional information Symantec DLP product Web site:– hemeid dlp E‐mail Chris Hagelin ‐ Symantec(Chris Hagelin@symantec.com) Evaluation Workshop & Demo can be arranged22
Symantec DLP Overview Jonathan Jesse ITS Partners. What are the challenges? . 14. 1 5 Educate users with automated email. Protect intellectual property. Protect Competitive Advantage Unencrypted product design documents sent to a partner 15. 16 Disconnected SECURED CORPORATE LAN DMZ SPAN Port or Tap MTA or Proxy DLP for Endpoint –Use Cases MONITOR DISCOVER PROTECT. 1