資安大未來 ~ 解析企業脈動

資安大未來 ~ 解析企業脈動 Websense Inc 台灣區經理邱薏引 web security data security email security

國外案例

資安真實案例某銀行董事會開完會後 5 分鐘, 媒體報導已 po 上網... 某高科技製造業, 嘔心瀝血長達半年的產品設計, 在發表的同一天, 競爭對手也發表一款相似度高達 95% 的產品! 詐騙集團企業化經營, 有計劃地偷竊客戶資訊, 企業不甘數次名譽損失, 主動協同警方辦案某知名企業, HR 高階主管中了間諜軟體, 在不知情地狀況下, 公司薪資資料被 po 上論壇, 差點導致大規模離職潮 4

資訊安全要怎麼做呢? External Threats DISCOVER Internal Data WHO Classify WHAT CLASSIFY Discover ESSENTIAL INFORMATION PROTECTION MONITOR WHERE Monitor HOW PROTECT

所以企業大量投資資安外對內 Firewalls AVs IPS/IDS SPAM WAF 內對外 DRM Encryption Device control Recorded Access control.. 成效呢?? 6

生命會找到出路透過封鎖基礎建設來防堵洩密不是長久之計 Almost 50% of all IT managers封鎖的方式將限制企業 surveyed admit 獲益於新的技術來拓展業務 their users try to bypass security policies. (Websense 2009 Web 2.0 @ Work, International Survey) 無法預測使用者透過何種方式突破封鎖以完成他們的工作目標

資安角度的演變 Companies want their staff to exploit these networks Need to protect against malware hidden in these fabrics or inappropriate content in real time. Companies are providing value to these networks Need to protect against inadvertent data loss of confidential information into these fabrics in real time Consumer Producer 安全性便利性

Websense - Our Global Presence STOCKHOLM, SWEDEN ROTTERDAM, NETHERLANDS 1,400 employees DUBLIN, IRELAND across READING, ENGLAND LOS GATOS, CA PARIS, FRANCE HAMBURG, GERMANY 35 DALLAS, countries TEXAS and ISTANBUL, 26 TURKEY offices. MADRID, SPAIN TOKYO, JAPAN SAN DIEGO, CA MILAN, ITALY ISRAEL BEJING, CHINA 9,000 partners worldwide. INDIA SHANGHAI, CHINA DUBAI, UAE GUANGZHOU, CHINA HONG KONG TAIPEI KUALA LUMUR SINGAPORE Corporate Offices Engineering/Ops Sales Offices SAO PAULO, BRAZIL SYDNEY, AUSTRALIA MELBOURNE

Websense Milestones Websense Evolution Real-time security & content management Unified Content Management Web Filtering: Block inappropriate content in the workplace Manage Internet access for productivity Protect by blocking access to compromised sites; ThreatSeeker technology Essential Information Protection 1994 2000 2004 2006 2007 2008 2009 2010 Investment in R&D more than doubled over last three years Acquired Inktomi Traffic Server Acquired Port Authority Technologies Acquired SurfControl Investment & Innovation Acquired Defensio

Websense - Innovation Leadership Innovation First to market with phishing protection Nov 02 First to market with drive by and backchannel spyware protection Nov 02 First to market with crimeware/keylogger protection Nov 04 47 patents granted worldwide First to market with bot network protection Feb 06 First to add natural language processing to DLP. Jun 07 First to deliver in Web email Data development bi directional for security our intelligence technology Dec 07 First to market with dynamic Web 2.0 content categorization Mar 08 First to create an Internet HoneyGrid that melds honeypots and Mar 08 advanced grid computing capable of parsing one billion pieces of content daily First to deliver a hybrid virtual service platform combining the best of Feb 10 appliances and cloud based services 106 patents pending and 30 submissions

Comprehensive Recognition 2009 Secure Web Gateway MQ: Leaders Quadrant 2009 Content Aware Data Loss Prevention MQ: Leaders Quadrant Secure Web Gateway: 2008 Worldwide Market Share Leader 2009 North American Content Management Product Innovation of the Year Award 2009 Global Content Filtering Products Market Leadership Award Content Filtering Competitive Landscape, 2008: THE Market Leader Content Filtering: 2008 Market Share Leader Content Security Suites Wave, Q2 2009: Sole Leader Web Filtering Wave, Q2 2009: Recognized Leader Email Filtering Wave, Q2 2009: Recognized Leader Web Security: 2008 Worldwide Market Share Leader Data Leak Prevention Wave, Q2 2008: Recognized Leader DLP Market Quadrant 2009: Short List 2009 Corporate Web Security Market Quadrant: Recognized Leader Corporate Web Security: 2008 Install Base & Revenue Market Share Leader Content Filtering: Information Protection Decision Matrix: On Shortlist Highest aggregate technology rating Content Filtering: 2008 Worldwide Market Share Leader 14

Unified Content Security in Action Maximize ROSI & reduce TCO Security against modern threats Comply with regulations A strategic vendor relationship

THE CHALLENGE How the security landscape has changed web security data security email security

Business Challenges Strategic Planning Business Planning Infrastructure Management Security Management How do I reduce the cost of securing against each new threat and get the best return on security investment? How can I expand access to more customers without increasing my risk of malware & data loss? How can I allow partners to access internal resources without risk? How can I protect remote employees from leaking data when they are on the road? How do I protect my company against modern threats that span multiple vectors? 2010 Websense, Inc. All rights reserved.

Business Needs Maximize ROSI * & Reduce TCO Improve Security Adhere to new regulations Build strategic relationships Improve employee effectiveness & efficiency Reduce security CAPEX Unify the policies and protection throughout the organization Protection against modern threats that span many vectors Instant best practice deployment aligned with regulations Vendor consolidation With Websense you can address all these business needs today. Vendor reliability Reduce security OPEX Reduce risk of new business initiatives Improved service & support * Return on Security Investment

Technology Trends Interconnectivity of business across more complex sites with user generated content predominating. Businesses are taking advantage of these new web sites to reach new and existing audiences Attempting to block these sites or lock down your infrastructure is a strategy we see circumvented time and again. Data now lives outside your network, more so if you use SaaS applications. The focus from criminals is to steal data and monetize that. They blend their attacks across multiple vectors. URL lists and signature based security mechanisms cannot keep up, at best AV can clean up.

There s an app for that. The economic & business argument for SaaS applications is unassailable. Business is now digitally enabled and socially connected.

Exploiting the new Web - Dell Would you market to a population as large as the US? Facebook alone has a population of 300 million active users, 50% logon every day. 22

Exploiting the new Web US Gov These new social fabrics are not just used by commercial organisations. Broadcast costs can be much more cost effective than other media. 23

Threats Span Multiple Vectors Email with URL Website downloads Trojan malware Confidential data harvested Hacker collects data from web site User visits popular site Website downloads Trojan malware Confidential data harvested Hacker collects data via IRC chat USB dropped in car park Confidential data harvested Hacker collects data with SMTP engine

Traditional Security Can t Keep Up See the proof for yourself at the: Security Effectiveness Center http://securitylabs.websense.com/ Number of real time security updates

To Summarize The Challenge Free flow of information leads to competitive advantage New threats are hard to distinguish from legitimate business process Point security solutions exhibit blind spots from lack of shared intelligence Superficial integration causes weak reporting & management systems

THE SOLUTION Unified Content Security to Protect Your Essential Information: TRITON web security data security email security

Our Guiding Principles Maximize the Return on Security Investment (ROSI) & Reduce TCO Counter modern threats through content and context awareness Consistently enforce policies, regulation and statutory compliance Provide flexible deployment without additional complexity or compromise

Unified Content Security Shared threat intelligence Websense owns the intellectual property Unified for content analysis: proactive Unified protection Content against Platform modern threats. Maintain innovation Analysis leadership against vendors who OEM threat intelligence Adaptable to new threats Owning the intellectual capital for content analysis leads to greater innovation Unified Solution

Unified Content Security Unified console for shared management, reporting, po licies & enforcement Comprehensive and meaningful reports and policies Unified Platform Unified Content Analysis Policy management and reporting is consistent and comprehensive across all threat vectors. Analysis & intelligence drive actionable policies Unified Solution

Unified Content Security Software, appliance or cloud based deployment to suit business environment More resilient to technological change without extra CAPEX Leverage virtualization technologies to mix and match platform options Unified Solution Unified Content Analysis We are platform agnostic. Unified We let customers decide what is best for Platform their circumstances. This has major cost benefits.

Announcing TRITON TRITON is the industry s first unified security architecture that integrates web, data and email 32

Unified Content Security in Action Maximize ROSI & reduce TCO Security against modern threats Comply with regulations A strategic vendor relationship

TRITON Architecture Web Security Data Security Email Security ThreatSeeker Network TRITON unified content security SaaS Appliance Software Mix & match on premise and in the cloud deployment TRITON unified security center

Explaining ThreatSeeker Network 1 billion pieces of content per day Websense Web Security Gateway Threat Detection/Probes Real-Time Security Updates Shared Analytics/Feedback ThreatSeeker Technology 2+ million posts per day Websense Hosted Customers Defensio ThreatSeeker Technology Websense Security Labs 200+ million sites per day 10+ million emails per hour Websense Hosted Security URL and Security Database

Deployment Options SaaS Appliance Software No On-Premise Equipment or Upgrades Security Effectiveness Full Policy Management & Reporting Control Web & Email Integration Carrier Grade Datacenter Availability & Security Simplified Deployment Scalable, Enterprise Performance Easy-to-Use Management Extensible Security Platform Leading Price- Performance Granular Control Performance Scalability Standard Hardware Leverage Investments in Virtual Computing

TRITON Unified Security Center Unified management console for policy management and reporting Full system administration from one console Role based application and control for Web, email, and data loss prevention Provides unified content analysis, unified platform, and unified solution for content security Best security at the lowest total cost of ownership

THE MODULES Understanding the Websense product portfolio at a glance web security data security email security

The Websense modules explained Click on a product area or click next to continue NEXT

Web Security Securing the new Web web security data security email security

The Web Security Challenge ENABLE broad business use of Web 2.0 sites like LinkedIn, Facebook, and Salesforce without the risks Outbound data loss and compliance Web mail Posting to social media Web-based Malware AV cannot keep pace with dynamic Web and script-based attacks Another data loss vector Web 2.0 Content Classification Mixed-content and password-protected sites defy traditional content filtering Drains productivity and increases malware risk Rising Web security TCO Managing multiple vendors and products Supporting distributed enterprise Inbound mixed content, maliciou s scripts AV, Filter, DLP Outbound PII, CC#, SSN, health, finan cial

Web Security Gateway Anywhere 運作方式 ThreatSeeker TECHNOLOGY WEBSENSE Web Security Gateway Dynamic Threat Protection SSL S S L Dynamic Content Control Web Security v7 TruWeb DLP ThreatSeeker TECHNOLOGY Websense Security Labs 39 percent of malicious Web attacks included data stealing code 43

Web 2.0 without Websense-iGoogle 44

Web 2.0 with Websense-iGoogle 45

一般廠商對於 Web 2.0 的處理方式落後的分類技術, 導致漏擋或誤擋網頁信評 YES NO MAYBE 將整個 Web 2.0 網站內容二分法 all good or all bad 無名小站 = BAD, 封鎖 Yahoo = GOOD, 允許????????

Websense 如何處理 Web 2.0 即時掃描並分類所有內容完整的針對 Web 2.0 惡意內容保護機制 Dynamic threats, malicious scripts, infected Web objects, browser-based applications Granular policy controls based on actual content not past reputation YES NO MAYBE NO YES MAYBE YES YES YES 可以讓員工連結 Web2.0 網站, 但阻隔惡意程式與公司不允許瀏覽的內容

Web User and Destination Awareness DLP policies and reports include user and Web category information Accelerate decision making and compliance Compliance reports immediately reveal sources of outbound risk what, who, and where Separate legitimate business process from compliance violations 2010 All Rights Reserved. Websense, Inc.

Data Security Stop confidential data loss. web security data security email security

Challenge of Data Loss Prevention Ensure uninterrupted business by managing compliance & risks, preventing data loss and securing business processes Manage and measure compliance and risks Delays in generating audit reports and compliance requirements Difficulty uncovering broken or bad business processes Visibility into data stored and in transit Unknown types of data Uncertain risks for each communication channels Securing Business Processes Cannot enforce who can send what Possible damage to company brand and reputation

Websense Data Security Suite Market-leading Data Loss Prevention technology to identify, monitor and protect confidential data Unified Policy Design Only offering with unified policy design IDENTIFY MONITOR PROTECT Manage all facets of effective Data Loss Prevention policy Powerful monitoring capability to track ever changing data (stored and in transit) NSI SOX New Design PII HPIAA PCI DSS Email Http IM Print Removable Media Custom Channel Block Encrypt Quarantine Notify Confirm Application PHI PFI Database Remediate Low Cost and Complexity Modular solution tailors to specific customer requirements Simple deployment and reduced box-count with tight feature integration Server Centralized Management and Reporting

Multiple Facets of Data Loss Prevention Who What Where How Action Human Resources Source Code Benefits Provider File Transfer Audit Customer Service Business Plans Personal Web Storage Web Block The ONLY solution providing Unified Marketing Patient Information Business Partner Instant Messaging Notify Finance Policy M&A Design Plans Blog for effective Peer to Peer and efficient Remove Accounting Employee Salary Customer Email Encrypt Sales Financial Statements Legal Customer Records control Spyware Site Print Quarantine USB Removable Media Confirm Technical Support Technical Documentation Competitor Print Screen Engineering Competitive Information Analyst Copy/Paste

Proven Results and Methodology 14000 12000 10000 8000 6000 4000 2000 Non-Public Personal Information (NPI) Violations 0 Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec Passive Monitoring Notifications Active Enforcement

Any-Services, Anywhere Software-as-a-Service (SaaS) Web Security DLP Email Security Data Security Real-time Intelligence Sharing ThreatSeeker Network Real-time Intelligence Sharing ThreatSeeker Cloud Service SPLOG Phishing V-Series Appliances Fraud Defensio DLP Web Security DLP Web Security DLP Email Security Data Security V5000 V10000

What our customers say? At a glance, why customers protect their business with Websense. web security data security email security

Global brands that trust Websense 56

Customers That Trust Websense Finance Healthcare Insurance Government Construction / Utilities Communications Transportation Manufacturing / Business Retail Education

Customers That Trust Websense Finance Healthcare / Insurance Government Property/Construction / Utilities Communications Transportation Manufacturing/Technology Manufacturing/Technology Retail

Websense Sweeps Forrester Waves Validates our Essential Information Protection Strategy Forrester sees a growing Websense is the best market choice demand today for for consolidated content security organizations looking suites for rather best-of-breed than point products. technologies that have a good suite Web Email Filtering DLP Websense alone leads the content We are a leader focus. in Forrester s security suite market because of its current functionality and suiteoriented product Reports Web, Email and DLP Wave strategy. Forrester Wave : Content Security Suites, Q2 2009 Content Security Suites

In Summary Reduce TCO Increase Security Comply with regulations Build strategic relationships

Questions Thank you for listening web security data security email security

資 安 大 未 來 ~ 解 析 企 業 脈 動

資安大未來 ~ 解析企業脈動