- DLP Des nuages. à la terre ferme



Similar documents
Cloud Security: Evaluating Risks within IAAS/PAAS/SAAS

Cloud Security. Peter Jopling IBM UK Ltd Software Group Hursley Labs. peterjopling IBM Corporation

Strategic Compliance & Securing the Cloud. Annalea Sharack-Ilg, CISSP, AMBCI Technical Director of Information Security

DeviceLock Virtual DLP: Overview & Scenarios

Security Issues in Cloud Computing

Clouds on the Horizon Cloud Security in Today s DoD Environment. Bill Musson Security Analyst

Cloud Backup and Recovery for Endpoint Devices

Office 365 Cloud App Security MARKO DJORDJEVIC CLOUD BUSINESS LEAD EE TREND MICRO EMEA LTD.

Cloud Security. DLT Solutions LLC June #DLTCloud

Security & Cloud Services IAN KAYNE

DISCOVER, MONITOR AND PROTECT YOUR SENSITIVE INFORMATION Symantec Data Loss Prevention. symantec.com

Securing and Auditing Cloud Computing. Jason Alexander Chief Information Security Officer

IBM Cloud Security Draft for Discussion September 12, IBM Corporation

On and off premises technologies Which is best for you?

Cloud Computing for SCADA

Cloud Security Introduction and Overview

Dell World Software User Forum 2013

Secure Cloud Computing

Cloud Computing; What is it, How long has it been here, and Where is it going?

End-user Security Analytics Strengthens Protection with ArcSight

State of Security Monitoring of Public Cloud

DIGITAL GUARDIAN 6. The Foundation of Enterprise Information Protection

Blending Embedded Hardware OTP, SSO, and Out of Band Auth for Secure Cloud Access

Enabling Business Beyond the Corporate Network. Secure solutions for mobility, cloud and social media

Cloud Computing. What is Cloud Computing?

Mobile Device Management in the Systems Management Ecosystem. Katie Wiederholt, Dell Software

Security Information & Event Management (SIEM)

RFI Template for Enterprise MDM Solutions

08/10/2013. Data protection and compliance. Agenda. Data protection life cycle and goals. Introduction. Data protection overview

Cloud Courses Description

Overview of Cloud Computing and Cloud Computing s Use in Government Justin Heyman CGCIO, Information Technology Specialist, Township of Franklin

RSA Data Loss Prevention (DLP) Understand business risk and mitigate it effectively

Quel pilote ètes-vous

East African Information Conference th August, 2013, Kampala, Uganda. Security and Privacy: Can we trust the cloud?

Cloud Computing Security Issues

Keyword: Cloud computing, service model, deployment model, network layer security.

IBM United States Software Announcement , dated February 3, 2015

PROTECTED CLOUDS: Symantec solutions for consuming, building, or extending into the cloud

Enabling Secure BYOD How Fortinet Provides a Secure Environment for BYOD

Securing the Cloud with IBM Security Systems. IBM Security Systems IBM Corporation IBM IBM Corporation Corporation

SECURITY MODELS FOR CLOUD Kurtis E. Minder, CISSP

Introductions. KPMG Presenters: Jay Schulman - Managing Director, Advisory - KPMG National Leader Identity and Access Management

10/25/2012 BY VORAPOJ LOOKMAIPUN CISSP, CISA, CISM, CRISC, CEH Agenda. Security Cases What is Cloud? Road Map Security Concerns

AskAvanade: Answering the Burning Questions around Cloud Computing

Managing Cloud Computing Risk

Attacks from the Inside

Federal Aviation Administration. efast. Cloud Computing Services. 25 October Federal Aviation Administration

Rethinking IT and IT Security Strategies in an Era of Advanced Attacks, Cloud and Consumerization

Data Protection McAfee s Endpoint and Network Data Loss Prevention

360 View of Storage and The Cloud

Requirements Checklist for Choosing a Cloud Backup and Recovery Service Provider

The Cloud App Visibility Blindspot

Cloud Courses Description

CLOUD SECURITY. Rafal Los. Renee Guttmann. Jason Clark SOLUTION PRIMER. Director, Information Security, Accuvant

Assessment & Monitoring

Identity & Access Management The Cloud Perspective. Andrea Themistou 08 October 2015

Cloud-Based dwaf A Real World Deployment Case Study. OWASP 5. April The OWASP Foundation

Mobile, Cloud, Advanced Threats: A Unified Approach to Security

Information Technology: This Year s Hot Issue - Cloud Computing

Are You Prepared for the Cloud? Nick Kael Principal Security Strategist Symantec

The Evolution of the Enterprise And Enterprise Security

SAP HANA Cloud Platform. Technical Overview Uwe Heinz

EXECUTIVE SUMMARY Cloud Backup for Endpoint Devices

How To Monitor Hybrid It From A Hybrid Environment

Cloud Data Security. Sol Cates

Trust but Verify. Vincent Campitelli. VP IT Risk Management

Codeproof Mobile Security & SaaS MDM Platform

REVOLUTIONIZING ADVANCED THREAT PROTECTION

Background. Liwei Ren. Trend Micro

Assessing Risks in the Cloud

Cloud Access Security Broker. Ted Hendriks HP Atalla Pre-Sales Consultant, APJ Region HP Enterprise Security Products

Customer Cloud Architecture for Mobile.

_Firewall. Palo Alto. How Logtrust works with Palo Alto Networks

Hexaware E-book on Q & A for Cloud BI Hexaware Business Intelligence & Analytics Actionable Intelligence Enabled

Cloud Essentials for Architects using OpenStack

Harnessing the Power of the Microsoft Cloud for Deep Data Analytics

Ensuring the Security of Your Company s Data & Identities. a best practices guide

Enterprise Security Solutions

Ben Hall Technical Pre-Sales Manager

Cloud Computing in the Enterprise An Overview. For INF 5890 IT & Management Ben Eaton 24/04/2013

A Survey on Cloud Security Issues and Techniques

Module 1: Facilitated e-learning

Junos Pulse. Uwe Nelkel Business Development Manager Junos Pulse. IBM Golf Cup, Golfclub Holledau, September 14 th 2011

Transcription:

- DLP Des nuages à la Paris, 23 Novembre 2010

Agenda Notion de Data Leak Prevention Retour sur le Cloud Mesures de sécurité spécifiques au Cloud Quel est la nécéssité du DLP dans le Cloud? DLP dans le Cloud et sur la La protection des données en mouvement, en utilistation et stockées DLP Functional Split for the Cloud Conclusion www.devicelock.com 22

Data Leak Prevention in Brief Prevent unauthorized use and transfer of sensitive corporate information by protecting Data in motion (DIM) network transmissions Data in use (DIU) endpoint actions Data at rest (DAR) data storage Functions Control of data transfer/storage operations (context-based) Content monitoring and filtering (core DLP technology) Content discovery & classification Event logging and alerting, data shadowing Incident management Central administration and policy management www.devicelock.com 33

Data Leak Prevention in Brief (cont.) DLP types Network-based (DLP appliances) Perimeter control of data transmissions from/to internal PCs and servers in the office High performance processing Most effective and unique for email content filtering Endpoint (host-resident software DLP agents) Desktops, laptops, netbooks, tablets, smartphones Control over local data channels DLP for remote and mobile computers Hybrid Combine unique features of both network-based and endpoint DLP components Functionally most complete www.devicelock.com 44

Cloud Computing At-a-Glance Cloud computing is an implementation of the IT as a utility dream for a modern enterprise Reference model of Cloud computing stack (left) Visual Cloud computing definition (below) Source: Cloud Security Alliance Guidance Version 2.1 (2009) NIST Visual Model of Cloud Computing Definition (2009) www.devicelock.com 55

Cloud Security Specifics Factors Multi-tenancy Data & apps from different customers share the same computing resources Virtualization Data, applications, OS, virtual machines and networks can dynamically move in the Cloud Computing & network resources abstracted to the highest degree possible No physical separation & control, no static perimeter to protect Data location is distributed, undetectable, and may move any time Split of operational responsibilities between customer and provider(s) Lack of trust: between customer and provider, between different tenants Consequences Specific threat profile - different from those of conventional IT models Information-centric security becomes the core IT security principle Links security controls to information contained in the data Effectively implements risk-based approach to corporate IT security www.devicelock.com 66

Is DLP Necessary for the Cloud? Many other infosecurity mechanism used in the Cloud BUT All other security technologies (except IRM) link their controls to contextual parameters no awareness of information transferred Many scenarios when data leaks cannot be detected Sending email/webmail, copying data to removable media or network shares Information Rights Management (IRM) Manual content classification => does not scale well, expensive to maintain Not usable outside of the organization => business inhibitor DLP is a must for Cloud security Intelligent and automatic content analysis with real-time enforcement Links security controls to the value of information contained in the data Covers risky scenarios not supported by context-based security Source: Cloud Security Alliance Guidance Version 2.1 (2009) www.devicelock.com 77

DLP Position in the Cloud P DL Source: Cloud Security Alliance Guidance Version 2.1 (2009) www.devicelock.com 88

DLP Around the Cloud Corporate endpoints Desktop, laptop, tablet, smartphone/pda Communicate and interact with Corporate Cloud Each other directly (Internet) External users and services Host-resident DLP agents is a must to protect corporate endpoints from many data leak vectors Network communications Local channels removable media, printing, connected smartphones/pdas www.devicelock.com 99

Cloud: Protecting Data In Motion Network communications control and content filtering Controlled by cloud-based DLP only Cloud Cloud(s) External user Cloud External server Cloud Controlled by both cloud-based DLP and endpoint DLP agent Internal User Cloud Internal user Cloud internal user Corporate email, IM, social networking Controlled by endpoint DLP agent only ( Around the Cloud ) Internal user internal user (non-corporate email/webmail, IM, P2P, etc.) Internal user external user Internal user external server www.devicelock.com 10 10

Cloud: Protecting Data In Use Endpoint scenarios ( Around the Cloud ) Data accessed or transferred from/to/inside the endpoint computer through local channels Removable media, printing, connected smartphones/pdas, clipboard Can be controlled by the endpoint DLP agent only Both context-based control and content filtering DIU scenarios for pure Cloud client No data transfer from/to the endpoint computer running the Cloud client All applications operate in the Cloud (e.g. Google Docs) All data in use operations are virtually local to the Cloud Open/save (read/write) a document in a cloud-based word processor to a data store, drive, media in the Cloud Can be fully controlled by cloud-based DLP (gateway, server) only Endpoint DLP agent can control DIU cloud operations at the context-level only By proxying Cloud client s operations questionable approach (too many apps to proxy) www.devicelock.com 11 11

Cloud: Protecting Data At Rest Content discovery Data stores, repositories, databases, file systems In the Cloud By cloud-based discovery tools Most effective By endpoint tools Cloud-based file shares accessible via CIFS/SMB, WebDAV On corporate endpoints By endpoint DLP agents Optimal By cloud-based discovery tools Much less effective, sometimes impossible www.devicelock.com 12 12

DLP Functional Split for the Cloud DLP Functions / Service Models IaaS PaaS SaaS Custom er Provide r Custom er Provide r Custom er Provide r Data in Motion Protection (Cloud) (Endpoin t) (Cloud) (Cloud) (Endpoin t) Data in Use Protection (Endpoin t) (C-client) (Endpoin t) (C-client) Data at Rest Protection (Endpoin t) (Cloud) (Endpoin t) (Cloud) Alerting, Logging, Shadowing Incident Management DLP (Cloud) (Endpoin t) (Cloud) (Endpoin t) (Cloud) Integrate, Support Integrate, Support Integrate, Support Support Support www.devicelock.com 13 13 Support

Conclusions As the most information-centric security technology, DLP is an indispensable part of the cloud-based IT security architecture DLP functions and components will be split between CSP and customer Performance-sensitive network-based DLP functions will be integrated in the core fabric of all service models including IaaS Application-level network DLP functions may be implemented either by customers or CSP depending on Cloud service model and provider Endpoint DLP agents, DLP management & administration, incident management will remain under the customer s control DLP will become a key element of value-added cloud security services standard for SaaS and PaaS, expected in IaaS Delivery models may very from CSPs to add-on services by 3rd parties www.devicelock.com 14 14

Conclusions (cont.) Successful Cloud DLP services should include The entire set of network-based DLP functions Management API s for centralized DLP management & administration From customer s or provider-supplied DLP management platform Flexible integration with customer s incident management, as well as alerting, logging, data shadowing solutions Contractual support of security compliance auditing, incident investigations and forensic procedures DLP-related professional services (consulting, policy development/revision, security administrator training) DLP vendors will port DLP agents to tablets and smartphones (Android, ios) DLP appliances and management to dominant Cloud platforms www.devicelock.com 15 15

Merci de votre attention Paris, 23 Novembre 2010

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information