Symantec Data Loss Prevention 11

December 14, 2010

Unstructured Data: Trends and Observations

• It’s growing

– Over 60% per year (IDC)

• It’s spread out

– Distributed file servers, the cloud, self service groupware sites

• It contains an organization’s intellectual property

– Source code, designs, strategy, financials

• It’s increasingly targeted by thieves

– Hydraq – a small infection, but targeted highest value IP

– Malicious insiders – steal IP for financial gain and career advancement

– Malicious outsiders – steal product designs for counterfeit

Symantec Data Loss Prevention 11 2

The Challenges Protecting Intellectual Property (IP)

• It’s hard to define

– The differences between sensitive and non-sensitive data are often subtle

• It’s hard to find

– It’s intermingled with large volumes of low value data

• It’s often very vulnerable – permissions are “loose”

– Users create new data repositories and inadvertently grant broad access

• Users don’t understand the risk of data leaks

– Data security is not their primary mission

Symantec Data Loss Prevention 11 3

• Requires less effort and expertise than describing content; requires a smaller sample than fingerprinting

Vector Machine Learning: Reduce the time and expertise required to develop policies to protect unstructured data and IP

• Gives business units the information they need to directly address “hot spots”

Risk Scoring: Identify the most risky data by combining content, usage and access information

• Reduces the time to achieve measurable risk reduction by involving data owners in the clean up effort

Data Owner Remediation: Identify data owners and notify them that they need to fix their exposed sensitive data

Data Loss Prevention 11 – What’s New• Symantec Data Loss Prevention 11 simplifies the detection and protection

of enterprises’ most valuable information

Symantec Data Loss Prevention 11 4

Detecting Unstructured Data: The Challenge Today

Symantec Data Loss Prevention 11

Symantec Proprietary & Confidential - This information is not a commitment, promise or legal obligation to deliver any material, code or functionality

Describe Fingerprint

• How do I identify relevant keywords?

•How do I avoid false positives?

• How do I tune policies?

• What if I can’t access all confidential docs?

• How do I account for new docs?

• How do I protect the endpoint?

5

Describe Fingerprint

Learn

Vector Machine Learning: Finds Sensitive Data

Symantec Data Loss Prevention 11

Symantec Proprietary & Confidential - This information is not a commitment, promise or legal obligation to deliver any material, code or functionality

• Learns by positive and negative examples

• Automates keyword identification and enables easier tuning

• Improves accuracy, reduces false positives

• Detects new content without having to fingerprint it first

6

• Requires less effort and expertise than describing content; requires a smaller sample than fingerprinting

Vector Machine Learning: Reduce the time and expertise required to develop policies to protect unstructured data and IP

• Gives business units the information they need to directly address “hot spots”

Risk Scoring: Identify the most risky data by combining content, usage and access information

• Reduces the time to achieve measurable risk reduction by involving data owners in the clean up effort

Data Owner Remediation: Identify data owners and notify them that they need to fix their exposed sensitive data

Data Loss Prevention 11 – What’s New• Symantec Data Loss Prevention 11 simplifies the detection and protection

of enterprises’ most valuable information

Symantec Data Loss Prevention 11 7

Risk Scoring – Identifies Data at Greatest Risk

• Highlights the most risky folders

• Score is based on incident type, severity and folder accessibility

• Tells the organization where to focus initial data clean up and lock down efforts

Find and fix the most risky data

Symantec Data Loss Prevention 11 8

• Requires less effort and expertise than describing content; requires a smaller sample than fingerprinting

Vector Machine Learning: Reduce the time and expertise required to develop policies to protect unstructured data and IP

• Gives business units the information they need to directly address “hot spots”

Risk Scoring: Identify the most risky data by combining content, usage and access information

• Reduces the time to achieve measurable risk reduction by involving data owners in the clean up effort

Data Owner Remediation: Identify data owners and notify them that they need to fix their exposed sensitive data

Data Loss Prevention 11 – What’s New• Symantec Data Loss Prevention 11 simplifies the detection and protection

of enterprises’ most valuable information

Symantec Data Loss Prevention 11 9

• Automatically notifies data owners that their sensitive files are potentially at risk

• Reduces the time to achieve measurable risk reduction by involving data owners in the clean up effort

Educating data owners is the key to reducing risk

Symantec Data Loss Prevention 11

Data Owner Remediation – Creates Security Awareness

Discover data, and track usage with Data Insight

Alert data owners; advise them via email about how to protect their data

ReportRe-scan

10

Symantec Data Loss Prevention 11

Management PlatformSymantec™ Data Loss Prevention Enforce Platform

Symantec Data Loss Prevention – Products

Storage

Symantec™ Data Loss Prevention

Network Discover

Symantec™ Data Loss Prevention

Data Insight

Symantec™ Data Loss Prevention

Network Protect

Endpoint

Symantec™ Data Loss Prevention

Endpoint Discover

Symantec™ Data Loss Prevention

Endpoint Prevent

Network

Symantec™ Data Loss Prevention

Network Monitor

Symantec™ Data Loss Prevention

Network Prevent

11

Trusted Devices assures that sensitive data can only be copied to approved storage devices

Application File Access Control ensures user drive applications such as iTunes, Skype and WebEx cannot access sensitive data

FlexResponse can automatically apply encryption or Enterprise Rights Management to sensitive data

Data Loss Prevention for Endpoint Enhancements• Flexibility to use a applications and storage devices while

protecting sensitive data

• Automatically apply encryption or Enterprise Rights Management (ERM)

Endpoint

Symantec Data Loss Prevention 11

Summary

• Symantec Data Loss Prevention 11 simplifies the detection and protection of enterprises’ most valuable information

• Vector Machine Learning is unique to Symantec

– Streamlines policy implementation, particularly for distributed IP

• Risk Scoring prioritizes data at risk

– Quickly identifies where to start data clean up efforts

• Data Owner Remediation educates users about risk

– Reduces the time and effort to achieve risk reduction

• Symantec Data Loss Prevention 11 is the result of our broad customer experience

Symantec Data Loss Prevention 11 13

Symantec Proprietary & Confidential - This information is not a commitment, promise or legal obligation to deliver any material, code or functionality

Symantec DLP Innovation Timeline

20092004 2005 2006 2007 2008

v3 v4 v5 v6Network: Monitor

Network: Prevent

Storage: Discover

VML

Storage: Protect

Endpoint: Monitor & Prevent

Endpoint: Discover

v9v8v7

2010 2011

v10 v11

DLP Open Platform

DLP Data Insight

• Customer focused innovation• One third of the F100• Acknowledged DLP leader

Symantec Data Loss Prevention 11 14

Thank you!

Copyright © 2010 Symantec Corporation. All rights reserved. Symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Other names may be trademarks of their respective owners.

This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice.

Thank you!

Symantec Data Loss Prevention 11 15