Steal This Data - Email Security and DLP
-
Upload
galaxytech-international -
Category
Technology
-
view
309 -
download
0
description
Transcript of Steal This Data - Email Security and DLP
Steal This Data!Email Is the #1 Channel For Lost Data…
What Can You Do About It?
Let’s Talk - Agenda
• Your Presenter: Allan Cole• What Is DLP?• Why Do You Need it?• Regulations You Face• Case Study• How To Evaluate DLP• Why GalaxyTech• Next Steps
Who Is Allan Cole?
• 15 years of information security, privacy and education experience
• Specializes in risk assessment, gap analysis, policy content development, awareness training, strategy development and implementation.
• Senior Security Architect/Manager for McAfee Inc. for 11 Years. Designed and lead the implementation of complex security solutions for the financial, governmental, and healthcare business sectors.
What Is DLP?
Data loss prevention (DLP) solution is a system that is designed to detect potential data breach / data ex-filtration transmissions and prevent them by monitoring, detecting & blocking sensitive data while in-use (endpoint actions), in-motion (network traffic), and at-rest (data storage) .
Why Do You Need DLP?
• Regulatory Compliance• Acceptable Use• Intellectual Property Protection
Regulatory Compliance
• Regulatory Compliance• HIPAA, GLBA, PCIDSS, SOX Regulations• Scan for sensitive information and block infractions• Secure business partner communication
Acceptable Use
• Acceptable Use• Block offensive content• Enforce messaging policy (attachment size, etc)• Add legal disclaimers to outgoing mails
Intellectual PropertyProtection
• Intellectual Property Protection• Block messages containing confidential data• Prevent email communication with competitor
Regulations You Face
• HIPAA- Health Insurance Portability and Accountability Act
• GLBA- Gramm, Leach, Bliley Act• PCIDSS- Payment Card Industry Data Security Standards• SOX- Sarbanes – Oxley Act of 2002
Case Study: The Problem
Customer Profile
Printing company servicing small business to fortune 500 corporations.
Challenges
The company was being sued by an employee that had been receiving emails with nudity embedded in the content of the email. These emails were being sent by another employee repeatedly and they had no solution to prevent this context from entering their environment. As a part of the legal settlement they to had to implement countermeasures to provide this from happens in the future.
Case Study: The Solution
Solution
Galaxytech recommend Cisco’s Ironport email security appliance with DLP and image analysis to ensure their acceptable use policy was being enforced.
How To Evaluate DLP
Things to think about when evaluating a DLP solution• The solution must be able to discover and protect confidential data wherever
it is stored or used • The solution must monitor all data usage and prevent confidential data from
exiting any network gateway or endpoint• Accuracy is critical• Automate policy enforcement• Visibility and control over encrypted data • Safeguard employee privacy• Proven global scale and architecture
Why GalaxyTech ?
Next Steps
• Let’s Review Your Needs• Pre Call Form • Conference Call With Director of Engineering
• Proof Of Concept