Gartner Security & Risk Management Summit 2014 - Defending the Enterprise Against Trusted Insiders
Data and Software Security
Defending the Enterprise against Trusted Insiders
June 2014
Ron Arden, Vice President, Fasoo USA
Bill Blake, President, Fasoo USA
Agenda
• Current environment
• Costs of data loss
• Current technology gaps
• EDRM at a glance
• Solution case studies
• Q&A
About Fasoo
• Incorporated in June 2000
• 270 employees
• Specializes in Enterprise DRM (EDRM) solutions and services
• Largest EDRM vendor with the most EDRM developers
• Deployed to over 1,100 major organizations
• Protecting data for more than 2 million users globally:
One company - 170,000 internal users in 32 major affiliates
“The ongoing theft of Intellectual Property represents the greatest transfer of wealth in human history!” General Keith Alexander
The IP Commission Report 2013
Did you know?
“About 65 percent of employees who commit insider IP theft had already accepted positions with a competing company or started their own company at the time of the theft.”
“More than half steal data within a month of leaving.”
Behavioral Risk Indicators of Malicious Insider IP Theft: Misreading the Writing on the Wall,
“About 20 percent were recruited by an outsider who targeted the data.”
Relationships don’t last forever
Content is everywhere
Shadow images of confidential data can be left on unprotected systems.
Most organizations do not have the knowledge and experience to identify all of the Blind Spots in their infrastructure!
Content is in constant motion
Constant risk of data loss
• 529 plan PII (60K people) on partner staging server (Boston Globe – May 5, 2014)
• Former hospital employee steals patient information to open bank accounts (WBTV – April 18, 2014)
• SSNs on postcards sent to 5,000 former Molina Healthcare members (SC Magazine – May 7, 2014)
• Long Island radiology practice informs 97,000 patients of data breach (Newsday – June 24, 2014)
• CYBER ATTACKS ON TRADE SECRETS: Chinese PLA hackers indicted for stealing US secrets (Washington Post – May 22, 2014)
Types of insider threats
Human or system error causes almost 60% of data breaches.*
*Ponemon Institute 2014 Data Breach Report
Careless
Accidental/System Failure
Malicious
Malicious
The gap that’s allowed cyber-criminals to breach these and other organizations is why Forrester Consulting described the situation in simple, blunt terms:
“Basically, the enterprise is a sitting duck.”
Careless
15,000 employees affected
Careless
$22,000,000,000 loss in stock value
Accidental
Did you really want to send that email to the boss?
US breach notification laws
Regulations
Types of data
• Personally Identifiable Information
• Confidential/Sensitive business data
• Military & Government data
• Financial data
• Intellectual Property
• Protected Health Information
Cost of data breach

| Item | Amount |
|---|---|
| Outside Staffing | $54,131.56 |
| Forms/Printing | $15,817.91 |
| Advertising | $73,132.98 |
| Kroll (forensics) | $3,701,398.25 |
| Call Center | $186,740.52 |
| Allied Vaughn | $1,949.76 |
| Private investigator | $3,202.37 |
| Database license | $8,800.00 |
| Oregon Monitor | $1,787.50 |
| LexisNexis | $13,381.50 |
| Translation Services | $3,079.95 |
| Cascade Direct | $34,485.35 |
| Postage | $125,282.87 |
| Laptop encryption | $700,000.00 |
| EDS | $773,205.66 |
| Data Transport., Storage | $6,998.46 |
| Legal | $1,029,440.31 |
| Total External Expenses | $6,732,834.95 |
| Internal Expenses | $179,113.63 |
| Total Expenses | $6,911,948.58 |

Postage Costs: $125,282.87
Cost calculator
http://www.hubinternational.com/data-breach-cost-calculator/
Per Record: $1,115
Security technologies and policies
• Secure FTP
• VPN
• Host/Net DLP
• Web Protection
• Device Control
• Encryption
• Email Protection
• MDM/Device Security

Today’s Solutions Result in:
• Never enough security
• False sense of data protection
• Vulnerable to authorized user threat
• No control over data outside domain
The end result!
EDRM vs. other security solutions
[Figure: security solutions positioned by Controlled Perimeter (Narrow, internal use, to Wide, external use) and Controlled Phase (Data at Rest, Data in Transit, Data in Use). Solutions shown: Enterprise DRM, Enterprise Content Management, Full Disk Encryption, VPN, Network Transport Encryption, Data Loss Prevention]
What is Fasoo Enterprise DRM?
Prevent unintended information disclosure or exposure
1. File encryption – persistent document security
2. Permission control – prevent unauthorized use of digital files
3. Audit trail – consistent protection and verification
Regardless of its location!
Controlling your content
Benefits of Fasoo EDRM
• Supports mobile devices (Android, iOS)
• Integrates with existing third-party applications
• Restrict document access
  How: view, edit, print, screen capture, VM, copy
  When: validity period, how many times
  Where: device, network address
• Supports a wide range of documents and files
• Can revoke sensitive documents by making them inaccessible
Protecting and controlling your information
[Diagram: Author, Review, Content Server, EDRM Policy Server, Partner, Unauthorized User, Partner Network, Corporate VPN; action shown: VIEW]
Case Studies
Novant Health
Challenges
• Enable access from anywhere
• Streamline existing process
• Secure confidential data
• Comply with JCAHO regulations
Solution
[Diagram: Credentialing System with the roles CVO, Chair, Co-chair and Doctor, and the actions Create, Edit and View]
Results
• Permission management through document classification
• Automatically encrypt document upon download or access
• Access from any device or location through Citrix

| Groups | Document | Permissions |
|---|---|---|
| CVO | All | View, Edit, Print, Decrypt |
| Chair, Co-chair | PII | View |
| Chair, Co-chair | Recommendation | Edit |
| Default | All | No access |
Benefits
• Guarantee no data leaks of PII
• Audit trail for all document activities
• Streamline process and reduce risk
• Information accessible from any device
• Comply with regulations
CJ Group
Challenges
Minimize change to user productivity
SECURE & RELIABLE
Integrate with existing authentication system
Inter-organizational communications
Restrict external user access
Secure confidential data
Solution
[Diagram: Finance, Legal, Marketing, VP and Partner, with the actions Create, Edit, View, Decrypt, Edit 30 days and Revoke, and a decryption server. Labels shown: "Chris Peters 9:37 3/26/13 172.16.125.21" and "Joe Peters 9:37 6/24/14 172.16.125.21"]
Results
• Permission management through document classification
• Some users automatically encrypt document upon save
• Documents scanned and encrypted/reclassified if PII is detected
• Email-based authentication for external users

| Class | Users & Groups | Permissions |
|---|---|---|
| Internal | All users | View, Edit, Print |
| Proprietary | All users | View |
| Proprietary | Specific users & groups | Edit, Print, Watermark |
| Confidential | Specific users & groups | View |
| Default | Owner | Full access |
Benefits
• Different permissions based on role and group
• Audit trail for all document activities
• Captured document for all Decrypt activities
• Not managing external user credentials
• Minimal impact to user productivity
Classify, Prioritize and Protect
When should you protect confidential files?
• At creation: Automatically?
• Collaboration: Manually or Automatically?
• At destruction: Automatically
• Persistent Rights Management: highest level of protection against insider threats
• Data Loss Prevention: no protection with legitimate third party sharing
• After the fact protection: delete files or destroy media
[Timeline axis: Beginning to End]
Thank you