APT Protection Via Data-Centric Security. Alan Kessler President and CEO Vormetric

Size: px

Start display at page:

Download "APT Protection Via Data-Centric Security. Alan Kessler President and CEO Vormetric"

Jodie Kelly
8 years ago
Views:

1 APT Protection Via Data-Centric Security Alan Kessler President and CEO Vormetric

2 Protect What Matters APT Protection Via Data-Centric Security Alan Kessler President and CEO Vormetric

3 Data Breach Retrospective YouTube.com/VormetricInc

4 How Are We Doing? Perimeter is Failing 100% 94% % of victims have up-to-date antivirus software of breaches are reported by third parties median number of days advanced attackers are on the network before being detected of breaches Involved stolen credentials Source: mandiant.com/threat-landscape/

is a Big Target APTs DATA BREACHES 98% Stolen Records From Large Orgs 2 1.

5 Data-Centric Security Is An Issue Global Compliance, Cloud Adoption, Big Data, Data Breaches GLOBAL COMPLIANCE Aggressive New Regulations CLOUD ADOPTION Enterprise Security #1 Inhibitor 1 BIG DATA Big Data is a Big Target APTs DATA BREACHES 98% Stolen Records From Large Orgs 2 1. Global State of Information Security Survey by PwC, CIO magazine, and CSO magazine October Verizon Data Breach Investigation Report March 2012

6 Data is the New Currency Your Mission: Protect What Matters In the underground market economy, data is money, and much like any other market economy, principles of supply and demand drive it. i Forrester Research, Inc. Measure the Effectiveness of Your Data Privacy Program - January 2013

7 Data is The Target Server Data = Biggest Target laptops Records Compromised Servers Servers <1% Records Compromised 94% 2012 DATA BREACH INVESTIGATION REPORT

Security Models Must Change Old Model Weak Against New Threats Advanced Persistent Threats APTs/New Threats Personal Information Signature-Based Known Old Threats /

8 Security Models Must Change Old Model Weak Against New Threats Advanced Persistent Threats APTs/New Threats Personal Information Signature-Based Known Old Threats / Old Model Intellectual Property Financial Data Anti-Virus Firewalls Advanced Malware Web Gateways Worms, Virus, Spyware, Bots One-Time Events Intrusion Prevention Systems

9 Security Models Must Change Old Model Weak Against New Threats OLD THREATS NEW THREATS Signature Behavioral Random Moves on ADVANCED PERSISTENT THREATS Targeted Patient One-Time Persistent

10 Data is the Target Protecting the Perimeter is Failing

11 Data is the Target Who is Targeting Your Data? Insider Threats Physical theft and Privileged user APTs (Advanced Persistent Threats) Compromise credentials Escalate privileges Gain access Steal data; low and slow Vormetric Solution Provides Data Firewall Access Policies Encryption/Key Management Security

Vormetric Solution Firewall Your Data Issue Data is exposed to the environment where it resides Vormetric Solution Vormetric Policy Firewall Rules Criteria and Effect-based #

12 Vormetric Solution Firewall Your Data Issue Data is exposed to the environment where it resides Vormetric Solution Vormetric Policy Firewall Rules Criteria and Effect-based # User Process Action Effects 1 oracle oracle_binaries any permit, apply key, decrypt 2 root admin_tools read permit, audit, view metadata only 3 any any any deny, audit, view nothing

Vormetric Solution Access Policies / Fine-grained Control Issue Controlling who sees what under what conditions Privileged insiders can have access to all server information

13 Vormetric Solution Access Policies / Fine-grained Control Issue Controlling who sees what under what conditions Privileged insiders can have access to all server information Vormetric Solution Privileged users do their jobs but do not see sensitive information DBA Restrict access at the file level and above Restrict access and action by user, by process, time

14 Vormetric Solution Advanced Encryption/Key management Issue Controlling who sees what under what conditions Vormetric Solution Encryption Database Encryption Cloud Encryption Cloud Security Key Management Fills the gap of Key Management for TDE implementations Encrypt sensitive structured and unstructured data Tightly control access, and report on who accessed protected data

Vormetric Solution Security Intelligence Issue Audit and reporting access Vormetric Solution Security intelligence gleaned from file-level and user

15 Vormetric Solution Security Intelligence Issue Audit and reporting access Vormetric Solution Security intelligence gleaned from file-level and user level access activity Alarm/Denial User Action Process performed Resource Time Reveal Unauthorized Access Attempts Identify Unusual Access Patterns

Data-Centric Security Must Include Transparent, Strong, Easy, Efficient Transparent Transparent to Business Process Transparent to Apps / Users Neutral Data Type Strong Firewall Your Data

16 Data-Centric Security Must Include Transparent, Strong, Easy, Efficient Transparent Transparent to Business Process Transparent to Apps / Users Neutral Data Type Strong Firewall Your Data Protect Privileged User Access Restrict Users and Apps Easy Easy to Implement Easy to Manage Easy to Understand Efficient Minimal Performance Impact Rational SLAs Multiple Environments Perform

17 Protect What Matters APT Protection Via Data-Centric Security Alan Kessler President and CEO Vormetric

Securing Sensitive Data within Amazon Web Services EC2 and EBS

Page 1 Securing Sensitive Data within Amazon Web Services EC2 and EBS Challenges and Solutions to Protecting Data within the AWS Cloud Vormetric, Inc. 2545 N. 1st Street, San Jose, CA 95131 United States: