Endpoint & Media Encryption

Similar documents
EnCase Forensic Product Overview

USG Data at Rest Encryption/Protection

Windows Hard Disk Encryption

= AUDIO. The Importance of Mobile Device Management in HIT. An Important Reminder. Mission of OFMQ 12/9/2015

Vs Encryption Suites

How To Use Encase On A Computer Or A Hard Drive (For A Computer)

Encryption as a Cloud Service provides the lowest TCO

Protecting Personal Information: The Massachusetts Data Security Regulation (201 CMR 17.00)

Just EnCase. Presented By Larry Russell CalCPA State Technology Committee May 18, 2012

Using End User Device Encryption to Protect Sensitive Information

Disk Encryption. Aaron Howard IT Security Office

Security Industry Market Share Analysis

PGP Whole Disk Encryption Implementation

THE EXECUTIVE GUIDE TO DATA LOSS PREVENTION. Technology Overview, Business Justification, and Resource Requirements

GUIDANCE SOFTWARE EnCase Portable. EnCase Portable. A Data Collection and Triage Solution that Anyone can Use

Symantec Drive Encryption for Windows

Allstate Insurance Company s Local Data Protection (LDP) Project

SafeNet Data Encryption and Control. Securing data over its lifecycle, wherever it resides from the data center to endpoints and into the cloud

SafeNet Data Encryption and Control. Securing data over its lifecycle, wherever it resides from the data center to endpoints and into the cloud

Bullseye. Evaluation Copy. Enterprise Data Protection

Vendor Landscape: Endpoint Encryption

Wellesley College Written Information Security Program

Encryption Made Simple for Lawyers

Compatibility with Encryption Products

PGP Whole Disk Encryption Training

Enterprise Cybersecurity Best Practices Part Number MAN Revision 006

Encryption Buyers Guide

Industrial Security for Process Automation

2014 All Rights Reserved ecfirst. An ecfirst Case Study: Encryption

Guidelines on use of encryption to protect person identifiable and sensitive information

Written Information Security Plan (WISP) for. HR Knowledge, Inc. This document has been approved for general distribution.

Information Security Policy

micros MICROS Systems, Inc. Enterprise Information Security Policy (MEIP) August, 2013 Revision 8.0 MICROS Systems, Inc. Version 8.

Bryan Hadzik Network Consulting Services, inc. Endpoint Security Data At Rest

Global Endpoint Security Market

Endpoint protection for physical and virtual desktops

Required Software Product List

SafeGuard Easy upgrade guide. Product version: 7

Data Storage for Research. Michael Pinch

McAfee Endpoint Encryption for Files and Folders. Best Practices. For EEFF product version 4.0.0

SafeGuard Enterprise upgrade guide. Product version: 6.1

Quick Install Guide. Lumension Endpoint Management and Security Suite 7.1

Building A Secure Microsoft Exchange Continuity Appliance

SECURING YOUR SMALL BUSINESS. Principles of information security and risk management

Administering Windows Server 2012

2009 NASCIO Recognition Awards Nomination. A. Title: Sensitive Data Protection with Endpoint Encryption. Category: Information Security and Privacy

How To Protect Your Data From Harm With Safenet

Managing BitLocker With SafeGuard Enterprise

SecureAge SecureDs Data Breach Prevention Solution

Sophos Deployment Packager user guide. Product version: 1.2

Confidence in a Connected World. MEEC Symantec Product Availability. John Lally MD Education Account Executive John_Lally@symantec.

Symantec Endpoint Encryption Deployment Best Practices and Roadmap

Malware and Other Malicious Threats

Data Security Considerations for Research

SECURING ENTERPRISE NETWORK 3 LAYER APPROACH FOR BYOD

PGP Product Update Juha Ropponen

Sophos SafeGuard Native Device Encryption for Mac Administrator help. Product version: 7

Small and Midsize Business Protection Guide

A Practical Guide to Understanding and Complying with Massachusetts Data Security Regulations. February 2010

Enterprise Security Critical Standards Summary

Belmont Savings Bank. Are there Hackers at the gate? 2013 Wolf & Company, P.C.

Are You in Control? MaaS360 Control Service. Services > Overview MaaS360 Control Overview

Endpoint protection for physical and virtual desktops

Bitdefender GravityZone Sales Presentation

The Encryption Anywhere Data Protection Platform

Microsoft Software Update Services and Managed Symantec Anti-virus. Michael Satut TSS/Crown IT Support

Apps. Devices. Users. Data. Deploying and managing applications across platforms is difficult.

Required Software Product List

Virtualization: Benefits & Pitfalls. Matt Liebowitz, Kraft Kennedy Tim Garner, Aderant Mike Lombardi, Vertigrate Sergey Polak, Ropes & Gray LLP

Global security intelligence. YoUR DAtA UnDeR siege: DeFenD it with encryption. #enterprisesec kaspersky.com/enterprise

Managing BitLocker Encryption

Keeping Data Safe. Patients, Research Subjects, and You

Transcription:

Endpoint & Media Encryption Bill Kyrouz, Senior Applications Manager Bingham McCutchen LLP ILTA Boston City Rep (CR) Tim Golden, Principal Architect Enterprise Architecture & IT Governance McGuireWoods LLP

201CMR17 (Massachusetts Data Security Regulations) Personal information, a Massachusetts resident's first name and last name or first initial and last name in combination with any one or more of the following data elements that relate to such resident: (a) Social Security number; (b) driver's license number or state-issued identification card number; or (c) financial account number, or credit or debit card number, with or without any required security code, access code, personal identification number or password, that would permit access to a resident s financial account; provided, however, that Personal information shall not include information that is lawfully obtained from publicly available information, or from federal, state or local government records lawfully made available to the general public. [201 CMR 17.02]

201CMR17 (Massachusetts Data Security Regulations) (a) Social Security number; (b) driver's license number or stateissued identification card number; or (c) financial account number, or credit or debit card number These need to be protected while: Stored on laptops or portable media Transmitted over public networks such as the Internet Transmitted wirelessly

but as a law firm, we answer to higher authorities: Attorney-Client Privilege Securing our client s Intellectual Property & Competitive Intelligence We have a great deal of data that is treated as sensitive and in need of encryption in a variety of media...

The only safe assumption that a company can make to avoid the consequences of a data breach and disclosure is to assume that a mobile device contains sensitive data. It is impractical to attempt to classify either the devices or the information on them, encrypting some devices but not others. Gartner, 2009 Oops. Oklahoma Department of Human Services (DHS), 2009

Laptop & Portable Media Help Forming Your Shortlist General Services Administration Data at Rest Encryption Awardees (www.gsa.gov) Office of Management and Budget, US Department of Defense and GSA teamed up to identify products government agencies could use to protect sensitive, unclassified data residing on government laptops, other mobile computing devices and removable storage media devices [Warning this is getting dated!] SANS What Works program (www.sans.org/whatworks) 5.2 Mobile Data Protection and Storage Encryption

Selecting Encryption Solutions Full Disk Encryption VS File & Folder Encryption

Selecting Encryption Solutions System Performance End User Experience

Selecting Encryption Solutions Encryption Management Capabilities

Selecting Encryption Solutions Now Patching Now Patching Now Patching Password:?? Maintenance Windows

Laptop & Portable Media A sample playing field Checkpoint (PointSec) Credant Mobile Guardian McAfee SafeBoot Mobile Armor Data Armor SPYRUS Talisman Symantec Endpoint Encryption Utimaco PGP (now Symantec) GuardianEdge (now Symantec) Microsoft Bitlocker Secure Computing Fiberlink Info Security Corp Secret Agent SafeNet ProtectDrive WinMagic SecurDoc SecurStar DriveCrypt 7-zip FreeOTFE TrueCrypt Encryption Solutions SkyLOCK Dekart Private Disk Beachhead Solutions BOLD items are in Gartner s leaders quadrant for endpoint data protection

ILTA Survey Results TrueCrypt Symantec PGP Other Credant Bitlocker N/A 0% 5% 10% 15% 20% 25%

Laptop & Portable Media RFP/Issues to consider Encrypt all our user s data Robust encryption algorithm(s) User friendly (read: seamless) Easy Deployment Removable drive encryption Minimal (or no noticeable) performance hit No interference with shared computers No conflicts with our existing environment Ease of management (PW resets, etc.) & integration with Active Directory No interference with our desktop deployment or desktop/laptop maintenance procedures (Dell OMCI, WoL, etc.)

Laptop & Portable Media Bill & Tim s Shortlist Checkpoint PointSec Credant Mobile Guardian Trend Micro Mobile Armor Data Armor Symantec Endpoint Encryption (formerly Guardian Edge) Sophos Utimaco SafeGuard TrueCrypt BOLD items are in Gartner s leaders quadrant for endpoint data protection

Your endpoint encryption charter has made it through the finance committee! We adjusted your budget to $0.

Laptop & Portable Media Low or No Budget Options Some regulations take the size of the organization into consideration: [You must maintain physical and technical security safeguards] that are appropriate to (a) the size, scope and type of business of the person obligated to safeguard the personal information under such comprehensive information security program (201 CMR 17.03) Inexpensive viable options may include: MS BitLocker TrueCrypt But take note: Commercial software is available to access a Bitlocker encrypted file

How to deploy? Start with IT Use a Risk Based Approach Eventually Hit Everyone

Handheld Devices This is a non negotiable cost of doing business. Encryption may exempt you from security disclosure laws in the event of loss or theft of a device.

One Policy to Rule Them All Bingham s requirements: Email - Messages Policy Enforcement - Device Encryption Policy Enforcement - Lockout Policy Enforcement Password Complexity Policy Enforcement - Remote PWD Reset Policy Enforcement - Remote Wipe Policy Enforcement - Transport Encryption Policy Enforcement - Wipe on Bad PWD [10 strikes and you re out] System - Works with existing Bingham technologies (m)

Reach Bill at: wkyrouz@bingham.com @Kyrouz on Twitter Reach Tim at: tgolden@mcguirewoods.com @Tim_Golden on Twitter

Secure File Transfer Internal server, appliance or virtual appliance SFTP Accellion SFT Biscom BDS AllardSoft Filetransfer Pros/Cons Windows vs Non-windows.. important features... subscription model versus not... hardware versus software versus virtual appliance...

Secure File Transfer Hosted Solutions www.yousendit.com (limit 2GB) sendthisfile.com free for files up to 2GB optional features include dedicated server, dedicated bandwidth No anti-virus What to look for: SSL protected interface (it s not a given!) anti-virus

Is this you?

Better (and free!) alternatives KeePass http://keepass.info Password Safe (Demo) http://passwordsafe.sourceforge.net

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information