RSA Data Loss Prevention (DLP) Understand business risk and mitigate it effectively
|
|
- Emmeline Kennedy
- 8 years ago
- Views:
Transcription
1 RSA Data Loss Prevention (DLP) Understand business risk and mitigate it effectively Arrow ECS DLP workshop, Beograd September 2011 Marko Pust 1
2 Agenda DLP in general What to expect from DLP and what not Challanges with DLP RSA DLP solution Logical arhitecture Physical arhitecture RSA DLP 8.8 : what s new? Demo 2
3 3
4 4
5 Definition of DLP technology that helped us build technology DLP is a process people a to protect our from leaking sensitive data -CISO, Healthcare Company RSA subscribes to this philosophy and encourages customers to focus on people and process and to take a risk based approach in building DLP projects 5
6 Knowing The D In DLP: Sensitive Data Regulatory Data Corporate Secrets Credit card data Privacy data (PII) Health care information Intellectual property Financial information Trade secrets 6
7 RSA DLP Methodology You Can Follow Policy Framework Based on Governance, Risk & Compliance DISCOVER MONITOR EDUCATE ENFORCE Sensitive Data User Actions Users & Mgmt Security Controls? RISK RISK Reduce Risk Understand Risk TIME 7
8 DLP Covers Your Entire Infrastructure RSA DLP Enterprise Manager RSA DLP Network RSA DLP Datacenter RSA DLP Endpoint DISCOVER MONITOR EDUCATE ENFORCE Web File shares SharePoint Databases Connected PCs Disconnected PCs 8
9 Risk Based Policy Management Enforce security controls based on the risk of a violation User Action Data Sensitivity User Identity Defined in DLP Policy LOW ALLOW NOTIFY QUARANTINE JUSTIFY RISK MOVE BLOCK HIGH ENCRYPT SHRED Manual or Automated AUDIT COPY DELETE RMS (DRM) 9
10 10
11 RSA DLP Data Classification Techniques RSA DLP Classification Framework File Attributes Identity Analysis Described Content Fingerprinting File metadata Headers, etc. Usage data* File owner Device owner Data owner 170+ policies Keywords Regex Entities Pluggable entities Binary Full text match Partial-text match Database match Logical rule sets Contextual Analysis Content Analysis 11
12 RSA DLP Policy Library & Methodology 170+ built-in in policies you can use Knowledge Engineering Retail PCI DSS Healthcare HIPAA Telecom/Tech CPNI Sample Profile of a Knowledge Engineer MA CMR 201 Caldicott (UK) Source Code CA AB 1298 PIPEDA Design Docs Work Exp: 12 years Certifications: 18 regulations Manufacturing ITAR Patent Apps EAR Financial Serv GLBA FCRA NASD Other NERC Global PII 401k & 403b Languages : Four Background: Linguistics, artificial intelligence, search technologies Education: Library sciences, Computer science Dedicated Knowledge Engineering team develops and maintains DLP policies 12
13 In-Depth Data Analysis Framework Attributes & Identity Analysis header data Attachment type, size, etc. Content in body & Attachment General keywords Specialized keywords Patterns and strings Proximity analysis negative rules 13
14 You Scan for Sensitive Data. Then What? Result Sensitive files discovered by DLP X IT decides on remediation IT does not have business context Potential of disruption to business Involve end-user in remediation Who to contact? What to ask? How to track responses? How to follow up? How to orchestrate? How to manage the process? 14
15 Remediating Risk From Unstructured Data RSA Datacenter Solution What s in it? Classify files to identify important ones Who really owns it? Monitor file activity to identify owners A file in a file share What to do with it? Establish a workflow to involve the file owner 15
16 RSA Risk Remediation Manager (RRM) SharePoint Grid Business Users Databases Apply DRM Virtual Grid Encrypt NAS/SAN RSA DLP Datacenter RSA DLP RRM Delete / Shred Temp Agents Change Permissions File Servers Agents File Activity Tools GRC Systems Policy Exception Endpoints Discover Sensitive Data Manage Remediation Workflow Apply Controls 16
17 Policy Development for Corporate Secrets DLP Policy Requirements Best Practices What data is sensitive? How long is it sensitive? Who can do what? Who should the alerts go to? Who are the policy approvers? Enable business to take ownership Develop an approval process Avoid s/calls based approach Record all communications Establish a repeatable workflow We can figure it out for compliance data. But for our company s IP only business knows the latest and greatest. It s crucial to involve them for (DLP) policy definition - A DLP project owner, Enterprise Organization 17
18 RSA DLP Policy Workflow Manager (PWM) + Step 1 Identify files & set business rules Step 3 DLP Policy is routed for approval Business Managers Step 2 Create DLP Policy & check for feasibility Step 4 Approved DLP policy DLP Admin End Users Policy applied across the enterprise 18
19 Get More by Using DLP & SIEM Together Reports RSA DLP Enterprise Manager Risk Heat Maps Asset Collector Alerts RSA DLP Network RSA DLP Datacenter RSA DLP Endpoint DLP Events Collector Services Forensics Incidents Correlations RSA DLP Suite RSA envision Identify hidden risk by correlating DLP events with all other IT events in real-time Prioritize alerts in envision by identifying devices/assets with sensitive data Monitor a single dashboard for all incidents (alerts from DLP and infrastructure) 19
20 RSA DLP architecture 20
21 In Motion At Rest In Use NETWORK DATACENTER ENDPOINT Fileservers HTTP/S CD/DVD IM Desktop/Laptop USB Storage Databases Dear mom, PRINT FTP/S Portals COPY/SAVE Block Audit Quarantine Encrypt - Access Controls Notify - Justify Dashboards Incidents Reports Policies Admin Enterprise Manager 21
22 DLP SUITE In Motion At Rest In Use NETWORK DATACENTER ENDPOINT Fileservers HTTP/S CD/DVD IM Desktop/Laptop USB Storage Databases Dear mom, PRINT FTP/S Portals COPY/SAVE Block Audit Quarantine Encrypt - Access Controls Notify - Justify Dashboards Incidents Reports Policies Admin Enterprise Manager 22
23 DLP SUITE - Physical In Motion At Rest In Use NETWORK DATACENTER ENDPOINT Controller Required Sensor Audits Interceptor ICAP HTTP/S FTP Switch / Tap Mail Encryption Proxy Enterprise Coordinator (Win) Site Coordinators (Win) Agents (Local/Grid) Perm Temp DLP Appliances Customer Systems Dashboards Incidents Reports Policies Admin Enterprise Manager (Windows) MS SQL 23
24 RSA DLP Product Architecture Third Party Elements AD RMS Policies Active Directory IT GRC Platforms RSA DLP RSA DLP Enterprise Manager System Policy & Classification Incident Administration Library Management Web Interface Reporting & Workflow Engine SIEM Policies Incidents RSA DLP SDK Embedded in Partner Platforms Classification Policies Incidents Network Network Controller Controller Network Classification Enforcement Incidents Grids & Agents Controller Datacenter Classification Enforcement Incidents Agents Agents Controller Controller Endpoint Classification Enforcement Incidents CUSTOMER DATA ELEMENTS 24
25 RSA Data Discovery Architecture Database Main Data Center DLP Administrator Secondary Data Center SharePoint RSA Agents Note: All RSA Data Discovery components are offered as software Remote Offices 25
26 RSA DLP Endpoint Functionality Monitor Educate Enforce Connected or Disconnected from Corporate Network Connected to Corporate Network RSA DLP Endpoint Agent Not Connected to Corporate Network 26
27 RSA DLP Network Monitor Deployment Mail Servers SMTP SMTP Outbound Relay SPAN TAP Corporate Users IM, HTTP, HTTPS, FTP Proxy Server DLP Administrator Note: All RSA Network components except for RSA DLP Network Sensors can be deployed as virtual appliances 27
28 RSA DLP Network Enforce Deployment Encryption Server Mail Servers SMTP SMTP Outbound Relay Corporate Users IM, HTTP, HTTPS, FTP Proxy Server DLP Administrator Note: All RSA Network components except for RSA DLP Network Sensors can be deployed as virtual appliances 28
29 RSA DLP Network Deployment Architecture Encryption Server Mail Servers SMTP SMTP Outbound Relay SPAN TAP Corporate Users IM, HTTP, HTTPS, FTP Proxy Server DLP Administrator Note: All RSA Network components except for RSA DLP Network Sensors can be deployed as virtual appliances 29
30 Scanning SharePoint with RSA DLP Employees RSA DLP Enterprise Manager DLP Administrator Partners Vendors Microsoft SharePoint RSA DLP Datacenter SharePoint API Use RSA DLP to: 1) Identify all sites 2) Scan all data objects 3) Locate sensitive data 30
31 Challenges With Data Protection SharePoint Repositories Apply DRM Encrypt NAS/SAN File Servers Delete / Shred Change Permissions Endpoints Policy Exception Where is the sensitive data? Who is accessing the data? What controls to apply to reduce risk? 31
32 RSA DLP and Imperva Better insight into Data at Rest for more effective remediation process DISCOVER MONITOR EDUCATE ENFORCE DLP DLP DLP DLP What data is sensitive? How is it being used? What to educate on? What do I enforce? Where is it? Where do I enforce? Imperva Imperva Imperva Imperva Who has access to it? Where to start discovery? Who is accessing it? Who shouldn t have access? Who do I educate? Who should be alerted of violations? How can I enforce? 32
33 RSA DLP Scan Data Into Imperva PC I PII 2) Import RSA DLP classification into Imperva Imperva File Activity Monitoring Credit Card #s Social Security # s PH I Credit Card #s 1) RSA DLP discovers and classifies sensitive data 3) Based on classification, Imperva can: Monitor access Limit user access rights Alert/block unauthorized activity 33
34 VMware vshield App: Built-in Data Classification Through RSA DLP Content Aware Infrastructure DMZ 1 DMZ 2 Secured VMware vsphere 5+ vshield App with Data Security Classify files within VMs RSA DLP classification technology embedded into VMware vshield App with Data Security No agents or 3 rd party software Includes 80+ expert RSA policies out of the box Consistent classification across both physical and virtual environments 34
35 RSA DLP: Solution for Outbound s Internal s Outlook Web Access RSA DLP Network Audit Notify Encrypt Block Educate Justify Quarantine Enterprise Use Analyze Content for Policy Violations Enforce Controls 35
36 New ICAP Functionality: Response Modification Corporate Network Access s from OWA Third Parties External Employees Vendors Download attachment from OWA Download files from SharePoint Access files from internal FTP server x RSA DLP Incoming requests Allow non-sensitive content Block sensitive content Outgoing response OWA SharePoint FTP 36
37 New Feature: DLP for Internal Internal among employees NEW: With DLP V8.8 you can monitor exchanged within the organization Exchange Server DLP can monitor, block, quarantine or encrypt all going out 37
38 RSA DLP Network Deployment Architecture 2 Encryption Server Mail Servers SMTP 3 SMTP Outbound Relay SPAN TAP Corporate Users IM, HTTP, HTTPS, FTP Proxy Server 1 Monitor only all outbound and web traffic Monitor & enforce all outbound SMTP s Monitor & enforce all internal s 4 Monitor & enforce all web traffic, including HTTPS DLP Administrator Note: All RSA Network components except for RSA DLP Network Sensors can be deployed as virtual appliances 38
39 Thank You The Security Division of EMC 39
40 Tools for Organizations Interested in DLP What stage are you in today? We can help you: Better understand DLP Develop a DLP project internally Develop a framework to evaluate and select the right DLP vendor Considering DLP Scoping DLP Project Evaluating DLP Vendors Risk Assessment DLP Miniscan DLP Workshop DLP Demo (RVC) Free Scan DLP Workshop EMC CIRC Tour DLP TCO Tool DLP Sizing Guide DLP RFP Templates DLP POC Consideration Metrics 40
41 RSA DLP for Virtualized Environments Virtualized Servers Run RSA DLP management software on virtual machines Deploy RSA DLP Network hardware* as virtual appliances Leverage virtual servers for RSA DLP grid scanning * Except for RSA DLP Network Sensor Virtualized Desktops Use RSA DLP Endpoint agent on virtual desktops Both Citrix XenDesktop and VMware View are supported Scan Home Drives without interfering with the desktop Strategic partnership with major virtualization vendors 41
42 RSA DLP Partner Ecosystem Infrastructure Partners Embedded DLP Centralized Mgmt AD RMS Technology Partners Control tools SMS ISA Proxy solutions Mgmt platforms ACLs Mgmt tools 42
43 RSA DLP Worldwide Adoption 1000 Customers worldwide Retail Financial Healthcare + Technology Insurance Others 43
RSA SIEM and DLP Infrastructure and Information Monitoring in One Solution
RSA SIEM and DLP Infrastructure and Information Monitoring in One Solution David Mateju RSA Sales Consultant, RSA CSE david.mateju@rsa.com Adding an information-centric view Infrastructure Information
More informationInformation Risk Management. Alvin Ow Director, Technology Consulting Asia Pacific & Japan RSA, The Security Division of EMC
Information Risk Management Alvin Ow Director, Technology Consulting Asia Pacific & Japan RSA, The Security Division of EMC Agenda Data Breaches Required Capabilities of preventing Data Loss Information
More informationRSA Solution Brief RSA. Data Loss. Uncover your risk, establish control. RSA. Key Manager. RSA Solution Brief
RSA Solution Brief RSA Managing Data Loss the Lifecycle of Prevention Encryption Suite Keys with Uncover your risk, establish control. RSA Key Manager RSA Solution Brief 1 Executive Summary RSA Data Loss
More informationKelvin Wee CISA, CISM, CISSP Principal Consultant (DLP Specialist) Asia Pacific and Japan
The Truth about Data Loss Kelvin Wee CISA, CISM, CISSP Principal Consultant (DLP Specialist) Asia Pacific and Japan RSA Data Loss Prevention Data Breaches Overview RSA DLP Solution Five Critical Factors
More informationData Protection McAfee s Endpoint and Network Data Loss Prevention
Data Protection McAfee s Endpoint and Network Data Loss Prevention Dipl.-Inform. Rolf Haas Principal Security Engineer, S+, CISSP rolf@mcafee.com January 22, 2013 for ANSWER SA Event, Geneva Position Features
More informationwith Managing RSA the Lifecycle of Key Manager RSA Streamlining Security Operations Data Loss Prevention Solutions RSA Solution Brief
RSA Solution Brief Streamlining Security Operations with Managing RSA the Lifecycle of Data Loss Prevention and Encryption RSA envision Keys with Solutions RSA Key Manager RSA Solution Brief 1 Who is asking
More informationWhite paper. Five Key Considerations for Selecting a Data Loss Prevention Solution
White paper Five Key Considerations for Selecting a Data Loss Prevention Solution What do you need to consider before selecting a data loss prevention solution? There is a renewed awareness of the value
More informationCA Technologies Data Protection
CA Technologies Data Protection can you protect and control information? Johan Van Hove Senior Solutions Strategist Security Johan.VanHove@CA.com CA Technologies Content-Aware IAM strategy CA Technologies
More informationEMC Security for Microsoft Exchange Solution: Data Loss Prevention and Secure Access Management
EMC Security for Microsoft Exchange Solution: Data Loss Prevention and Applied Technology Abstract Securing a Microsoft Exchange e-mail environment presents a myriad of challenges and compliance issues
More informationWebsense Data Security Suite and Cyber-Ark Inter-Business Vault. The Power of Integration
Websense Data Security Suite and Cyber-Ark Inter-Business Vault The Power of Integration Websense Data Security Suite Websense Data Security Suite is a leading solution to prevent information leaks; be
More informationSymantec DLP Overview. Jonathan Jesse ITS Partners
Symantec DLP Overview Jonathan Jesse ITS Partners Today s Agenda What are the challenges? What is Data Loss Prevention (DLP)? How does DLP address key challenges? Why Symantec DLP and how does it work?
More informationProtecting Data-at-Rest with SecureZIP for DLP
Protecting Data-at-Rest with SecureZIP for DLP TABLE OF CONTENTS INTRODUCTION 3 PROTECTING DATA WITH DLP 3 FINDING INDIVIDUAL AND SHARED INFORMATION-AT-REST 4 METHODS FOR REMEDIATION 4 ENCRYPTING UNPROTECTED
More informationWebsense Data Security Solutions
Data Security Suite Data Discover Data Monitor Data Protect Data Endpoint Data Security Solutions What is your confidential data and where is it stored? Who is using your confidential data and how? Protecting
More informationPractical DLP Deployment
Practical DLP Deployment Practical DLP Deployment for your Organization Jon Damratoski, DLP Architect DLP Basics Overview A few items discussed today What is DLP? Define a DLP program using business driven
More informationA Buyer's Guide to Data Loss Protection Solutions
A Buyer's Guide to Data Loss Protection Solutions 2010 Websense, Inc. All rights reserved. Websense is a registered trademark of Websense, Inc. in the United States and certain international markets. Websense
More informationData Protection Strategy Simon K. Carvalho
Technology Solution Consulting Service Outsourcing Data Protection Strategy Simon K. Carvalho Workshop Agenda Why data protection? What is data protection? Data Protection vs DLP DLP strategy Data Classification
More informationUnderstanding and Selecting a DLP Solution. Rich Mogull Securosis
Understanding and Selecting a DLP Solution Rich Mogull Securosis No Wonder We re Confused Data Loss Prevention Data Leak Prevention Data Loss Protection Information Leak Prevention Extrusion Prevention
More information: RSA 050-V60X-CSEDLPS. : CSE RSA Data Loss Prevention 6.0. Version : R6.1
Exam : RSA 050-V60X-CSEDLPS Title : CSE RSA Data Loss Prevention 6.0 Version : R6.1 Prepking - King of Computer Certification Important Information, Please Read Carefully Other Prepking products A) Offline
More informationTHE EXECUTIVE GUIDE TO DATA LOSS PREVENTION. Technology Overview, Business Justification, and Resource Requirements
THE EXECUTIVE GUIDE TO DATA LOSS PREVENTION Technology Overview, Business Justification, and Resource Requirements Introduction to Data Loss Prevention Intelligent Protection for Digital Assets Although
More informationBuilding a Security Program that Protects an Organizations Most Critical Assets
Building a Security Program that Protects an Organizations Most Critical Assets ABOUT BEW GLOBAL WHAT WE WILL COVER TODAY What is a Critical Asset Protection Program Data Loss Prevention & Other Technology
More informationA Websense Research Brief Prevent Data Loss and Comply with Payment Card Industry Data Security Standards
A Websense Research Brief Prevent Loss and Comply with Payment Card Industry Security Standards Prevent Loss and Comply with Payment Card Industry Security Standards Standards for Credit Card Security
More informationHow RSA has helped EMC to secure its Virtual Infrastructure
How RSA has helped EMC to secure its Virtual Infrastructure A new solution, the RSA solution for Cloud Security and Compliance, has been developed and is now available to all of our customers. Luciano
More informationFive Tips to Ensure Data Loss Prevention Success
Five Tips to Ensure Data Loss Prevention Success A DLP Experts White Paper January, 2013 Author s Note The content of this white paper was developed independently of any vendor sponsors and is the sole
More informationMcAfee Data Protection Solutions
McAfee Data Protection Solutions Tamas Barna System Engineer CISSP, Security+ Eastern Europe The Solution: McAfee Data Protection McAfee Data Loss Prevention Full control and absolute visibility over user
More informationData Classification Technical Assessment
Data Classification Update: February 13th, 2015 Statement of Confidentiality This Confidential Information is being provided to Customer ABC as a deliverable of this consulting engagement. The sole purpose
More informationTRITON - Data Security Help
TRITON - Data Security Help Websense Data Security v7.6 1996 2011, Websense, Inc. All rights reserved. 10240 Sorrento Valley Rd., San Diego, CA 92121, USA Published 2010 Printed in the United States and
More informationDISCOVER, MONITOR AND PROTECT YOUR SENSITIVE INFORMATION Symantec Data Loss Prevention. symantec.com
DISCOVER, MONITOR AND PROTECT YOUR SENSITIVE INFORMATION Symantec Data Loss Prevention symantec.com One of the interesting things we ve found is that a lot of the activity you d expect to be malicious
More informationEmpowering Your Business in the Cloud Without Compromising Security
Empowering Your Business in the Cloud Without Compromising Security Cloud Security Fabric CloudLock offers the cloud security fabric for the enterprise that helps organizations protect their sensitive
More information10 Building Blocks for Securing File Data
hite Paper 10 Building Blocks for Securing File Data Introduction Securing file data has never been more important or more challenging for organizations. Files dominate the data center, with analyst firm
More informationIBM Data Security Services for endpoint data protection endpoint data loss prevention solution
Automating policy enforcement to prevent endpoint data loss IBM Data Security Services for endpoint data protection endpoint data loss prevention solution Highlights Facilitate policy-based expertise and
More informationHow To Protect Your Virtual Infrastructure From Attack From A Cyber Threat
VMware Integrated Partner Solutions for Networking and Security VMware Integrated Partner Solutions for Security and Compliance VMware vcloud Networking and Security is the leading networking and security
More informationBUILDING A SECURITY PROGRAM THAT PROTECTS AN ORGANIZATION S MOST CRITICAL ASSETS
BUILDING A SECURITY PROGRAM THAT PROTECTS AN ORGANIZATION S MOST CRITICAL ASSETS ABOUT BEW GLOBAL Founded 2002 Global Service Delivery Focused Expertise Quality Management S O L U T I O N O F F E R I N
More informationSecurity Overview Enterprise-Class Secure Mobile File Sharing
Security Overview Enterprise-Class Secure Mobile File Sharing Accellion, Inc. 1 Overview 3 End to End Security 4 File Sharing Security Features 5 Storage 7 Encryption 8 Audit Trail 9 Accellion Public Cloud
More informationStrategies and Best Practices to Implement a Successful Data Loss Prevention Program Sebastian Brenner, CISSP
Strategies and Best Practices to Implement a Successful Data Loss Prevention Program Sebastian Brenner, CISSP Principal Systems Engineer Symantec LAMC Agenda 1 What DLP is and its purpose 2 Challenges
More informationNetzwerkvirtualisierung? Aber mit Sicherheit!
Netzwerkvirtualisierung? Aber mit Sicherheit! Markus Schönberger Advisory Technology Consultant Trend Micro Stephan Bohnengel Sr. Network Virtualization SE VMware Agenda Background and Basic Introduction
More informationAdopt a unified, holistic approach to a broad range of data security challenges with IBM Data Security Services.
Security solutions To support your IT objectives Adopt a unified, holistic approach to a broad range of data security challenges with IBM Data Security Services. Highlights Balance effective security with
More informationLumeta IPsonar. Active Network Discovery, Mapping and Leak Detection for Large Distributed, Highly Complex & Sensitive Enterprise Networks
IPsonar provides visibility into every IP asset, host, node, and connection on the network, performing an active probe and mapping everything that's on the network, resulting in a comprehensive view of
More informationQRadar SIEM 6.3 Datasheet
QRadar SIEM 6.3 Datasheet Overview Q1 Labs flagship solution QRadar SIEM is unrivaled in its ability to provide an organization centralized IT security command and control. The unique capabilities of QRadar
More informationEnterprise Security Solutions
Enterprise Security Solutions World-class technical solutions, professional services and training from experts you can trust ISOCORP is a Value-Added Reseller (VAR) and services provider for best in class
More informationRSA Security Solutions for Virtualization
RSA Security Solutions for Virtualization Grzegorz Mucha grzegorz.mucha@rsa.com Securing the Journey to the Cloud The RSA Solution for Virtualized Datacenters The RSA Solution for VMware View The RSA Solution
More informationTrend Micro Cloud App Security for Office 365. October 27, 2015 Trevor Richmond
Trend Micro Cloud App Security for Office 365 October 27, 2015 Trevor Richmond Too many malware incidents >90% Targeted Attacks Start with Email Attackers: Target specific companies or individuals Research
More informationWhite paper. Four Best Practices for Secure Web Access
White paper Four Best Practices for Secure Web Access What can be done to protect web access? The Web has created a wealth of new opportunities enabling organizations to reduce costs, increase efficiency
More informationVMware Integrated Partner Solutions for Networking and Security
VMware Integrated Partner Solutions for Networking and Security VMware Integrated Partner Solutions for Networking and Security Networking and Security are complex, dynamic areas, and VMware recognizes
More informationEnd-user Security Analytics Strengthens Protection with ArcSight
Case Study for XY Bank End-user Security Analytics Strengthens Protection with ArcSight INTRODUCTION Detect and respond to advanced persistent threats (APT) in real-time with Nexthink End-user Security
More informationData Loss Prevention Best Practices to comply with PCI-DSS An Executive Guide
Data Loss Prevention Best Practices to comply with PCI-DSS An Executive Guide. Four steps for success Implementing a Data Loss Prevention solution to address PCI requirements may be broken into four key
More informationHow To Manage Security On A Networked Computer System
Unified Security Reduce the Cost of Compliance Introduction In an effort to achieve a consistent and reliable security program, many organizations have adopted the standard as a key compliance strategy
More informationAutomatizace Private Cloud. Petr Košec, Microsoft MVP, MCT, MCSE www.kosecsolutions.cz, @PetrKosec
Automatizace Private Cloud Petr Košec, Microsoft MVP, MCT, MCSE www.kosecsolutions.cz, @PetrKosec Session Objectives and Takeaways Introduction to Orchestrator Introduction to Service Management Automation
More informationIdentifying Broken Business Processes
Identifying Broken Business Processes A data-centric approach to defining, identifying, and enforcing protection of sensitive documents at rest, in motion, and in use 6/07 I www.vericept.com Abstract The
More informationAnalyzing HTTP/HTTPS Traffic Logs
Advanced Threat Protection Automatic Traffic Log Analysis APTs, advanced malware and zero-day attacks are designed to evade conventional perimeter security defenses. Today, there is wide agreement that
More informationMcAfee Data Loss Prevention 9.3.0
Product Guide Revision E McAfee Data Loss Prevention 9.3.0 For use with epolicy Orchestrator 4.5, 4.6, 5.0 Software COPYRIGHT Copyright 2014 McAfee, Inc. Do not copy without permission. TRADEMARK ATTRIBUTIONS
More informationOffice 365 Cloud App Security MARKO DJORDJEVIC CLOUD BUSINESS LEAD EE TREND MICRO EMEA LTD.
Office 365 Cloud App Security MARKO DJORDJEVIC CLOUD BUSINESS LEAD EE TREND MICRO EMEA LTD. Your Valuable Data In The Cloud? How To Get The Best Protection! A world safe for exchanging digital information
More informationSimplified IT Compliance Frameworks to Reduce Costs and Strengthen Security
Copyright 2008 EMC Corporation. All rights reserved. Simplified IT Compliance Frameworks to Reduce Costs and Strengthen Security Dave Simmons EMC Corporation Why is Information Security So Difficult? because
More informationcompliance through Integrated solutions for effective compliance management Solution Brief
compliance through RSA SECURITY MANAGEMENT Integrated solutions for effective compliance management Solution Brief WHEN WILL COMPLIANCE GET EASIER? The increasingly complex and stringent compliance environment
More informationThe RSA Solution for. infrastructure security and compliance. A GRC foundation for VMware. Solution Brief
The RSA Solution for Cloud Security and Compliance A GRC foundation for VMware infrastructure security and compliance Solution Brief The RSA Solution for Cloud Security and Compliance enables end-user
More informationEnabling Security Operations with RSA envision. August, 2009
Enabling Security Operations with RSA envision August, 2009 Agenda What is security operations? How does RSA envision help with security operations? How does RSA envision fit with other EMC products? If
More informationClavister InSight TM. Protecting Values
Clavister InSight TM Clavister SSP Security Services Platform firewall VPN termination intrusion prevention anti-virus anti-spam content filtering traffic shaping authentication Protecting Values & Enterprise-wide
More informationCOMPANY PRESENTATION SOLUTIONS
2MN LTD COMPANY PRESENTATION SOLUTIONS 2MN LTD www.2mn.co.uk I A PROPOS DE 2MN Telephone: +44(0)8709192892 Email: info@2mn.co.uk Dear Sir/Madam, Support: support@2mn.co.uk Dear Sir, Madame, 1 Dear Sir/Madame,
More informationAn Introduction to SIEM & RSA envision (Security Information and Event Management) January, 2011
An Introduction to SIEM & RSA envision (Security Information and Event Management) January, 2011 Brian McLean, CISSP Sr Technology Consultant, RSA Changing Threats and More Demanding Regulations External
More informationTECHNOLOGY PARTNER CERTIFICATION BENEFITS AND PROCESS
TECHNOLOGY PARTNER CERTIFICATION BENEFITS AND PROCESS BUSINESS BENEFITS Use of the Certified Partner seal and the Secured by RSA brand on product packaging and advertising Exposure in the Secured by RSA
More informationInformation Technology Solutions
Managed Services Information Technology Solutions A TBG Security Professional Services Offering LET TBG MANAGE YOUR INFRASTRUCTURE WITH CONFIDENCE: TBG S INTEGRATED IT AUTOMATION FRAMEWORK PROVIDES: Computer
More informationCompliance and Security Solutions
Content-aware Compliance and Security Solutions for Microsoft SharePoint SharePoint and the ECM Challenge The numbers tell the story. According to the consulting firm Doculabs, 80 percent of the information
More informationEDITION CLOUD REPORT HEALTHCARE AND LIFE SCIENCES LEAD IN FINDING AND PREVENTING SENSITIVE DATA LOSS
Fall 205 WORLDWIDE EDITION CLOUD REPORT HEALTHCARE AND LIFE SCIENCES LEAD IN FINDING AND PREVENTING SENSITIVE DATA LOSS Report Highlights Healthcare and life sciences enterprises account for 76.2 percent
More information場 次 :C-3 公 司 名 稱 :RSA, The Security Division of EMC 主 題 : 如 何 應 用 網 路 封 包 分 析 對 付 資 安 威 脅 主 講 人 :Jerry.Huang@rsa.com Sr. Technology Consultant GCR
場 次 :C-3 公 司 名 稱 :RSA, The Security Division of EMC 主 題 : 如 何 應 用 網 路 封 包 分 析 對 付 資 安 威 脅 主 講 人 :Jerry.Huang@rsa.com Sr. Technology Consultant GCR Minimum Requirements of Security Management and Compliance
More informationwhitepaper The Benefits of Integrating File Integrity Monitoring with SIEM
The Benefits of Integrating File Integrity Monitoring with SIEM Security Information and Event Management (SIEM) is designed to provide continuous IT monitoring, actionable intelligence, incident response,
More informationFidelis XPS Power Tools. Gaining Visibility Into Your Cloud: Cloud Services Security. February 2012 PAGE 1 PAGE 1
Fidelis XPS Power Tools Gaining Visibility Into Your Cloud: Cloud Services Security February 2012 PAGE 1 PAGE 1 Introduction Enterprises worldwide are increasing their reliance on Cloud Service providers
More informationIBM Data Security Services for endpoint data protection endpoint data loss prevention solution
Automating policy enforcement to prevent endpoint data loss IBM Data Security Services for endpoint data protection endpoint data loss prevention solution Highlights Protecting your business value from
More informationDLP Vendors 8/8/2011. Data Loss Prevention: What We ve Learned from WikiLeaks TECH 15. A Few Good Questions
Data Loss Prevention: What We ve Learned from WikiLeaks TECH 15 Aubrey Turner Fishnet Security Pat Archbold - IntApp A Few Good Questions Do you know where your sensitive data resides and its current controls?
More informationMetrics that Matter Security Risk Analytics
Metrics that Matter Security Risk Analytics Rich Skinner, CISSP Director Security Risk Analytics & Big Data Brinqa rskinner@brinqa.com April 1 st, 2014. Agenda Challenges in Enterprise Security, Risk
More informationOutbound Email Security and Content Compliance in Today s Enterprise, 2005
Outbound Email Security and Content Compliance in Today s Enterprise, 2005 Results from a survey by Proofpoint, Inc. fielded by Forrester Consulting on outbound email content issues, May 2005 Proofpoint,
More informationCloudPassage Halo Technical Overview
TECHNICAL BRIEF CloudPassage Halo Technical Overview The Halo cloud security platform was purpose-built to provide your organization with the critical protection, visibility and control needed to assure
More informationSecuring Remote Access in the Federal Government: Addressing the Needs for Telework and Continuity of Operations. RSA Solution Brief
RSA Solution Brief Securing Remote Access in the Federal Government: Addressing the Needs for Telework and Continuity of Operations RSA Solution Brief The Telework Improvements Act of 2009 that was introduced
More informationRSA Solution Brief. The RSA Solution for Cloud Security and Compliance
The RSA Solution for Cloud Security and Compliance The RSA Solution for Cloud Security and Compliance enables enduser organizations and service providers to orchestrate and visualize the security of their
More informationCloudPassage Halo Technical Overview
TECHNICAL BRIEF CloudPassage Halo Technical Overview The Halo cloud security platform was purpose-built to provide your organization with the critical protection, visibility and control needed to assure
More informationDid you know your security solution can help with PCI compliance too?
Did you know your security solution can help with PCI compliance too? High-profile data losses have led to increasingly complex and evolving regulations. Any organization or retailer that accepts payment
More informationSECURE YOUR DATA EXCHANGE WITH SAFE-T BOX
SECURE YOUR DATA EXCHANGE SAFE-T BOX WHITE PAPER Safe-T. Smart Security Made Simple. 1 The Costs of Uncontrolled Data Exchange 2 Safe-T Box Secure Data Exchange Platform 2.1 Business Applications and Data
More informationINCREASINGLY, ORGANIZATIONS ARE ASKING WHAT CAN T GO TO THE CLOUD, RATHER THAN WHAT CAN. Albin Penič Technical Team Leader Eastern Europe
INCREASINGLY, ORGANIZATIONS ARE ASKING WHAT CAN T GO TO THE CLOUD, RATHER THAN WHAT CAN Albin Penič Technical Team Leader Eastern Europe Trend Micro 27 years focused on security software Headquartered
More informationEnsuring Security and Compliance of Your EMC Documentum Enterprise Content Management System: A Collaborative Effort of EMC Documentum and RSA
Ensuring Security and Compliance of Your EMC Documentum Enterprise Content Management System: A Collaborative Effort of EMC Documentum and RSA Applied Technology Abstract This white paper discusses the
More informationSecuring the Journey to the Private Cloud. Dominique Dessy RSA, the Security Division of EMC
Securing the Journey to the Private Cloud Dominique Dessy RSA, the Security Division of EMC June 2010 Securing the Journey to The Private Cloud The Journey IT Production Business Production IT-As-A-Service
More informationRSA and Microsoft s Build in vs.bolt On
RSA and Microsoft s Build in vs.bolt On Kimmo Bergius, Microsoft Petri Vilander, RSA, Security Division of EMC What Microsoft and RSA did Announce? Microsoft and RSA partnering with a Built-In systems
More informationInformation & Asset Protection with SIEM and DLP
Information & Asset Protection with SIEM and DLP Keeping the Good Stuff in and the Bad Stuff Out Professional Services: Doug Crich Practice Leader Infrastructure Protection Solutions What s driving the
More informationAutomate PCI Compliance Monitoring, Investigation & Reporting
Automate PCI Compliance Monitoring, Investigation & Reporting Reducing Business Risk Standards and compliance are all about implementing procedures and technologies that reduce business risk and efficiently
More informationMcAfee Network Data Loss Prevention Administration Intel Security Education Services Administration Course
McAfee Network Data Loss Prevention Administration Intel Security Education Services Administration Course The McAfee Data Loss Prevention Administration course enables attendees to receive in-depth training
More informationRSA Solutions for VMware and Vblock. Dominique Dessy Senior Technical Consultant
RSA Solutions for VMware and Vblock Dominique Dessy Senior Technical Consultant Agenda What is a Vblock? RSA s Approach to Securing Vblock Typical use cases Vblock A New Way of Delivering IT to Business
More informationBest Practices for DLP Implementation in Healthcare Organizations
Best Practices for DLP Implementation in Healthcare Organizations Healthcare organizations should follow 4 key stages when deploying data loss prevention solutions: 1) Understand Regulations and Technology
More informationEnterprise Security Critical Standards Summary
Enterprise Security Critical Standards Summary The following is a summary of key points in the Orange County Government Board of County Commissioners (OCGBCC) security standards. It is necessary for vendors
More informationCONVERGED DATA PROTECTION. ITSA Nürnberg
CONVERGED DATA PROTECTION ITSA Nürnberg DRUVA Company Founded in 2008 in Pune, India Headquartered in Silicon Valley 5 Offices worldwide, 24x7 Support Backed by Sequoia and EMC End of 2014 +3000 Customers,
More informationUnified Security, ATP and more
SYMANTEC Unified Security, ATP and more TAKE THE NEXT STEP Martin Werner PreSales Consultant, Symantec Switzerland AG MEET SWISS INFOSEC! 27.01.2016 Unified Security 2 Symantec Enterprise Security Users
More informationTRITON - Data Security Help
TRITON - Data Security Help Websense Data Security v7.5.3 1996 2010, Websense, Inc. All rights reserved. 10240 Sorrento Valley Rd., San Diego, CA 92121, USA Published 2010 Printed in the United States
More informationThe Cloud App Visibility Blindspot
The Cloud App Visibility Blindspot Understanding the Risks of Sanctioned and Unsanctioned Cloud Apps and How to Take Back Control Introduction Today, enterprise assets are more at risk than ever before
More informationIT Security & Compliance. On Time. On Budget. On Demand.
IT Security & Compliance On Time. On Budget. On Demand. IT Security & Compliance Delivered as a Service For businesses today, managing IT security risk and meeting compliance requirements is paramount
More informationDeployment Guide. Websense TRITON AP-DATA Gateway and Discover. v8.0.x
Deployment Guide Websense TRITON AP-DATA Gateway and Discover v8.0.x 1996 2014, Websense, Inc. All rights reserved. 10900 Stonelake Blvd, 3rd Floor, Austin, TX 78759, USA Published December 2014 Printed
More informationTable of Contents. 2015 Cicero, Inc. All rights protected and reserved.
Desktop Analytics Table of Contents Contact Center and Back Office Activity Intelligence... 3 Cicero Discovery Sensors... 3 Business Data Sensor... 5 Business Process Sensor... 5 System Sensor... 6 Session
More informationHow to Secure Your SharePoint Deployment
WHITE PAPER How to Secure Your SharePoint Deployment Some of the sites in your enterprise probably contain content that should not be available to all users [some] information should be accessible only
More informationHow APIs Turned Cloud on Security on Its Head
SEC-R09 How APIs Turned Cloud on Security on Its Head Rajneesh Chopra, VP of Products, Netskope @rajnchop How APIs Turned Cloud Security on Its Head What happened to the perimeter? APIs make us move fast
More informationFor your eyes only - Encryption and DLP Erkko Skantz
For your eyes only - Encryption and DLP Erkko Skantz Symantec Finland 1 USER PRODUCTIVITY INFORMATION MANAGEMENT DATA CENTER SECURITY 2 Focus on information 3 Today's System-Centric Enterprise Data Center
More informationSecuring Office 365 with MobileIron
Securing Office 365 with MobileIron Introduction Office 365 is Microsoft s cloud-based productivity suite. It includes online versions of Microsoft s most popular solutions, like Exchange and SharePoint,
More informationUsing Data Loss Prevention for Financial Institutions Banks, Credit Unions, Payments
Using Data Loss Prevention for Financial Institutions Banks, Credit Unions, Payments How Data Loss Prevention (DLP) Technology can Protect Sensitive Company & Customer Information and Meet Compliance Requirements,
More informationRSA Via Lifecycle and Governance 101. Getting Started with a Solid Foundation
RSA Via Lifecycle and Governance 101 Getting Started with a Solid Foundation Early Identity and Access Management Early IAM was all about Provisioning IT tools to solve an IT productivity problem Meet
More informationRSA, The Security Division of EMC RSA Data Loss Prevention Suite v6.5. Security Target
RSA, The Security Division of EMC RSA Data Loss Prevention Suite v6.5 Security Target Evaluation Assurance Level: EAL2 Augmented with ALC_FLR.1 Document Version: 0.7 Prepared for: Prepared by: RSA, The
More informationThe Impact of HIPAA and HITECH
The Health Insurance Portability & Accountability Act (HIPAA), enacted 8/21/96, was created to protect the use, storage and transmission of patients healthcare information. This protects all forms of patients
More information