Post on 13-May-2015
description
Symantec Data Loss Prevention 11
December 14, 2010
Unstructured Data: Trends and Observations
• It’s growing
– Over 60% per year (IDC)
• It’s spread out
– Distributed file servers, the cloud, self service groupware sites
• It contains an organization’s intellectual property
– Source code, designs, strategy, financials
• It’s increasingly targeted by thieves
– Hydraq – a small infection, but targeted highest value IP
– Malicious insiders – steal IP for financial gain and career advancement
– Malicious outsiders – steal product designs for counterfeit
Symantec Data Loss Prevention 11 2
The Challenges Protecting Intellectual Property (IP)
• It’s hard to define
– The differences between sensitive and non-sensitive data are often subtle
• It’s hard to find
– It’s intermingled with large volumes of low value data
• It’s often very vulnerable – permissions are “loose”
– Users create new data repositories and inadvertently grant broad access
• Users don’t understand the risk of data leaks
– Data security is not their primary mission
Symantec Data Loss Prevention 11 3
• Requires less effort and expertise than describing content; requires a smaller sample than fingerprinting
Vector Machine Learning: Reduce the time and expertise required to develop policies to protect unstructured data and IP
• Gives business units the information they need to directly address “hot spots”
Risk Scoring: Identify the most risky data by combining content, usage and access information
• Reduces the time to achieve measurable risk reduction by involving data owners in the clean up effort
Data Owner Remediation: Identify data owners and notify them that they need to fix their exposed sensitive data
Data Loss Prevention 11 – What’s New• Symantec Data Loss Prevention 11 simplifies the detection and protection
of enterprises’ most valuable information
Symantec Data Loss Prevention 11 4
Detecting Unstructured Data: The Challenge Today
Symantec Data Loss Prevention 11
Symantec Proprietary & Confidential - This information is not a commitment, promise or legal obligation to deliver any material, code or functionality
Describe Fingerprint
• How do I identify relevant keywords?
•How do I avoid false positives?
• How do I tune policies?
• What if I can’t access all confidential docs?
• How do I account for new docs?
• How do I protect the endpoint?
5
Describe Fingerprint
Learn
Vector Machine Learning: Finds Sensitive Data
Symantec Data Loss Prevention 11
Symantec Proprietary & Confidential - This information is not a commitment, promise or legal obligation to deliver any material, code or functionality
• Learns by positive and negative examples
• Automates keyword identification and enables easier tuning
• Improves accuracy, reduces false positives
• Detects new content without having to fingerprint it first
6
• Requires less effort and expertise than describing content; requires a smaller sample than fingerprinting
Vector Machine Learning: Reduce the time and expertise required to develop policies to protect unstructured data and IP
• Gives business units the information they need to directly address “hot spots”
Risk Scoring: Identify the most risky data by combining content, usage and access information
• Reduces the time to achieve measurable risk reduction by involving data owners in the clean up effort
Data Owner Remediation: Identify data owners and notify them that they need to fix their exposed sensitive data
Data Loss Prevention 11 – What’s New• Symantec Data Loss Prevention 11 simplifies the detection and protection
of enterprises’ most valuable information
Symantec Data Loss Prevention 11 7
Risk Scoring – Identifies Data at Greatest Risk
• Highlights the most risky folders
• Score is based on incident type, severity and folder accessibility
• Tells the organization where to focus initial data clean up and lock down efforts
Find and fix the most risky data
Symantec Data Loss Prevention 11 8
• Requires less effort and expertise than describing content; requires a smaller sample than fingerprinting
Vector Machine Learning: Reduce the time and expertise required to develop policies to protect unstructured data and IP
• Gives business units the information they need to directly address “hot spots”
Risk Scoring: Identify the most risky data by combining content, usage and access information
• Reduces the time to achieve measurable risk reduction by involving data owners in the clean up effort
Data Owner Remediation: Identify data owners and notify them that they need to fix their exposed sensitive data
Data Loss Prevention 11 – What’s New• Symantec Data Loss Prevention 11 simplifies the detection and protection
of enterprises’ most valuable information
Symantec Data Loss Prevention 11 9
• Automatically notifies data owners that their sensitive files are potentially at risk
• Reduces the time to achieve measurable risk reduction by involving data owners in the clean up effort
Educating data owners is the key to reducing risk
Symantec Data Loss Prevention 11
Data Owner Remediation – Creates Security Awareness
Discover data, and track usage with Data Insight
Alert data owners; advise them via email about how to protect their data
ReportRe-scan
10
Symantec Data Loss Prevention 11
Management PlatformSymantec™ Data Loss Prevention Enforce Platform
Symantec Data Loss Prevention – Products
Storage
Symantec™ Data Loss Prevention
Network Discover
Symantec™ Data Loss Prevention
Data Insight
Symantec™ Data Loss Prevention
Network Protect
Endpoint
Symantec™ Data Loss Prevention
Endpoint Discover
Symantec™ Data Loss Prevention
Endpoint Prevent
Network
Symantec™ Data Loss Prevention
Network Monitor
Symantec™ Data Loss Prevention
Network Prevent
11
Trusted Devices assures that sensitive data can only be copied to approved storage devices
Application File Access Control ensures user drive applications such as iTunes, Skype and WebEx cannot access sensitive data
FlexResponse can automatically apply encryption or Enterprise Rights Management to sensitive data
Data Loss Prevention for Endpoint Enhancements• Flexibility to use a applications and storage devices while
protecting sensitive data
• Automatically apply encryption or Enterprise Rights Management (ERM)
Endpoint
Symantec Data Loss Prevention 11
Summary
• Symantec Data Loss Prevention 11 simplifies the detection and protection of enterprises’ most valuable information
• Vector Machine Learning is unique to Symantec
– Streamlines policy implementation, particularly for distributed IP
• Risk Scoring prioritizes data at risk
– Quickly identifies where to start data clean up efforts
• Data Owner Remediation educates users about risk
– Reduces the time and effort to achieve risk reduction
• Symantec Data Loss Prevention 11 is the result of our broad customer experience
Symantec Data Loss Prevention 11 13
Symantec Proprietary & Confidential - This information is not a commitment, promise or legal obligation to deliver any material, code or functionality
Symantec DLP Innovation Timeline
20092004 2005 2006 2007 2008
v3 v4 v5 v6Network: Monitor
Network: Prevent
Storage: Discover
VML
Storage: Protect
Endpoint: Monitor & Prevent
Endpoint: Discover
v9v8v7
2010 2011
v10 v11
DLP Open Platform
DLP Data Insight
• Customer focused innovation• One third of the F100• Acknowledged DLP leader
Symantec Data Loss Prevention 11 14
Thank you!
Copyright © 2010 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.
This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice.
Thank you!
Symantec Data Loss Prevention 11 15