View
218
Download
1
Category
Tags:
Preview:
Citation preview
Welcometo
SOPHOS DATA LEAKAGE PREVENTION AND
DATA PROTECTION SEMINAR
28 JAN 2010HOTEL EQUATORIAL KL
Thank you
SC Systems Sdn Bhd
http://www.scsystems.com.my/
http://www.youtube.com/watch?v=bySYNTXtb6U
http://www.facebook.com
https://twitter.com/scsystems
The Team
SC Systems Sdn Bhd
Charles Kong Kevin Ho Caren Lee
Carol Chai Mohd Fedli
Eugene TEH Johnny Yeo
MF Che
SC Systems Sdn Bhd Team
Sophos Malaysia Team
Invited Guest SpeakerMr Ogie Tabor
Sophos Philippines
Our Support and Blogs
SC Systems Sdn Bhd
Phone Support +603-9200 6220 (Normal Office Hour)+603-80767467 (03-80SOPHOS) 24 x 7
support@scsystems.com.my supportasia@sophos.com
support@scsystems.com.my
Normal Office Hour – 2 to 4 hours respond
Normal Office Hour – Immediately *
www.sophos.com/support Sophos Products Knowledgebase- 24 x 7
http://scsys.blogspot.com/
http://www.sophos.com/blogs/gc/
http://www.sophos.com/blogs/duck/
Sophos Malaysia
Mr Che Mun Foong
14
Data Leakage Prevention
Charles Kong S. C.charles@scsystems.com.my
15
What isData Leakage Prevention (DLP)?
Lost Data = Big Problems
16
How is this data exposed?
17
Loss of devices
Leakage via email and web
Leakage via USB
* Data is representative and uses an IDC data point on the split between accidental and deliberate data loss.
Email represents the single greatest potential liability for data loss
Headlines To Be Avoided
NUS Data leakage – 1st April 2009
NUS accidentally leaks personal data of some 15,700 alumni
members
Consequences of personal data falling into the wrong hands
What can organisation do to prevent accidental data leakage?
Source : http://www.zaobao.com.sg/sp/sp090416_501.shtml
NUS Dataleak recommendation
CitiBank Staff Fine !
Hong Kong : Police confidential Data Leak
26th May 2008, police confidential and classified documents
discovered by Foxy King
The documents include information on three undercover police
officers who have bought illegal substances in a dubious Mong
Kok disco and cars used by people suspected of thefts from
motor vehicles in Wong Tai Sin
Source : HKCERTSource : HKCERT
Headlines are the tip of the iceberg
27
Brand damage
Loss of customers
Incremental internal costs
Direct costs of intellectual property loss
Today’s ChallengesRise of stolen/lost Confidential Information
???? Notebook
Lost or stolen weekly at the eight largest airports in EMEA
???? Notebooks
Lost or stolen weekly in US airports (estimated)
July 2008www.vnunet.com/vnunet/news/2223012/eu-travellers-losing-laptops-airports
Today’s Challenges2. Rise of stolen/lost Confidential Information
3.300 Notebook
Lost or stolen weekly at the eight largest airports in EMEA
12.000 Notebooks
Lost or stolen weekly in US airports (estimated)
July 2008www.vnunet.com/vnunet/news/2223012/eu-travellers-losing-laptops-airports
5000 notebooks forgotten in London
Taxis during a 6 months period www.theregister.co.uk/2005/01/25/taxi_survey
Lost laptop orother device
35%
2. Rise of stolen/lost Confidential Information
70% of all company data are stored redundant on Endpoints
(notebooks, desktops, USB Memory sticks), not only on
serversPonemon Institute, U.S. Survey: Confidential Data at Risk, August 2007
Cost of data break will increase 20% per year through 2009Gartner Symposium/ ITxpo , Oct. 2007
Top - reason for Data Breaches in EnterprisesPonemon Institute, 2007 , Anual Study: Costs of Security Breaches
In Asia….
32
Data Leakage Prevention And Regulatory Compliance
Compliance – worldwide explosion
33
Regulation Country Topic
HIPAA Health Insurance Portability and Accountability Act
USA Protection of patients data
GLBA Gramm-Leach-Bliley Act USA Protection of personal financial data
SB 1386 California Senate Bill 1386
CA, USA Protection of personal data
of residents in the state of California
PIPEDAPersonal Information Protection and Electronic Documents Act
Canada Protection of personal data
in business relations
PIPLPersonal Information Protection Law
Japan Comparable to German data protection act
BDSG Bundesdatenschutzgesetz Germany Protection of personal data
DPA Data Protection Act UK Protection of personal data
95/46/EC European Union Directive
Europe European data protection directive
SOX (Euro SOX)Sarbanes-Oxley Act
USA(worldwide)
Increased liability of companies concerning the
presentation of business development
Basel II Europe Policies to control and mitigate operational risk. Optimization of risk management as necessary
34
Finding Data Leaks
Eg;Customer presentation, competitive information
36
Encryption keys lost or stolen
Lost or stolendata on mobile devices
Data theft via removablemedia
Unauthorizedinternal serveraccess
E-mailinterception
Insecure outsourcing
Today’s Challenges
Intellectual Property
39
How Sophos addresses Data Loss Protection
Real integration with unified console, engine and agent
Anti-Virus
Application Control
Behavior (HIPS)
Anti-Spyware
Firewall
PUAs
GenotypeNAC LIGHT
Device Control
Wireless Block
Anti-Rootkit
Endpoint
Security and
Control 9
Data Leakage
Prevention
Real integration with unified console, engine and agent
Anti-Virus
Application Control
Behavior (HIPS)
Anti-Spyware
Firewall
PUAs
GenotypeNAC LIGHT
Device Control
Wireless Block
Anti-RootkitEndpoint
Security and
Control 9.5
Data Leakage
Prevention
Encyrption
42
Data Leakage Prevention- How Sophos Protects You!
So how does it all actually work ?
58
Best explained with a typical “use case”
An example = Bill in HR and his laptop
59
At 4:30pm Bill‘s boss asks him to get some budget figures together
about staffing levels and wages for next year. Bill‘s boss needs it
10am Monday morning for a meeting
Bill‘s bus leaves at 5:10pm and he doesn‘t like taking his laptop on
the bus......so he exports the raw staff data from the ERP sytem and
dumps it to a spreadsheet on his hard drive.
Bill‘s plan is to copy the file to his usb sitck and
leave a bit early (he‘s going to be working all
weekend anyway......)
An example = Bill in HR and his laptop
60
So he plugs in his trusty US key and tries to save the spreadsheet to
his E:
He get‘s a nice pop up messages from SESC9 explaining that the file
trasfer has been blocked. Bill shouldn‘t be doing this (a customisable
message)
An example = Bill in HR and his laptop
61
So he opens explorer and tries copying the file to E:
An example = Bill in HR and his laptop
62
Next he tries to burn to a CD....
An example = Bill in HR and his laptop
63
..... I know !!
An example = Bill in HR and his laptop
64
So he tries to email it to home, via the corporate Outlook email
client....
An example = Bill in HR and his laptop
65
So he tries his Gmail account .....
It’s 4:50... Bill is getting desperate. His bus leave in 20 minutes
66
An example = Bill in HR and his laptop
67
So he tries one last option. Bill zips and encypts the file and
password protects it. And then he tries copying that to his USB
stick....
Potential CNN Moment Averted !!!
68
At 4:55pm Bill realises that he needs to pack up his laptop and take it
with him.
What about encryption ?
You might think that Bill would have been OK to
encrypt the file and take it home.
Bill’s I.T. Department would disagree. While it’s
true that a properly encrypted file, provides
protection for the data transit, what happens when
he unzips it on his home PC ?
Does the I.T. Department control the state of Bill’s
home PC ?
Can they be sure it has up to date AV and is not
compromised by hackers ?
69
71
Demo
SOPHOS Endpoint Security and Data Protection
77
Terms and Conditions apply-excluded migration services-Promo valid until 01 MARCH 2010
Pls acknowledge.
Anti-Virus
Application Control
Behavior (HIPS)
Anti-Spyware
Firewall
PUAs
GenotypeNAC LIGHT
Device Control
Wireless Block
Anti-Rootkit
Endpoint
Security and
Control 9
Data Leakage Prevention
Validity 01 March 2010
No of Devices 12 + 3 months software Support and subscription10-24 RM 21625-49 RM 19450-99 RM 174
100-249 RM 157 250-499 RM 138
500 and above RM 118
78
Free Media Kit (worth RM 250), Free Home Use, Extra 3 months Free software support.
FREE 3 months Software Support and subscription
CNY Services Promo
Version Upgrade Onsite Services (within Klang Valley)
RM 1800 RM 1288 *
Onsite Maintenance (within Klang Valley)
RM 8000 RM 6688 ^ (500 devices and below)
RM 12500 RM 9988 ^ (501 – 999 devices)
Validity by 01 March 2010
79
(*) Upgrade from Ver 8 Management server only(^) total 50 support hours within 1 year. Includes preventive maintenance, version onsite upgrade, hands-on training,Documentation, infection alert, remote monitoring (if applicable), priority support.
Recommended