Embed Size (px)
DESCRIPTION
The Internet may be today’s most crucial enterprise productivity tool. However, unfettered use of this business platform endangers an even more critical business asset—an organization’s essential information—that may range from sensitive intellectual property to financial statements to customer and employee data. Security managers must shift the protection emphasis from guarding infrastructure against inbound attacks—a model suited to perimeter boundaries and the Internet as a content resource—to guarding essential information against outbound data loss, in tune with Web 2.0 and the Internet as a business platform. This session will explain the changing risk environment to help security managers understand new requirements.
Citation preview
web security | data security | email security © 2009 Websense, Inc. All rights reserved.
Essential Information Protection
Surendra Singh, Regional Director, Websense, SAARC
Agenda
Changing Workspace
Data Loss Prevention
Data Loss Risk Assesment
Websense Overview
Desktop of Today
Local applications
and data
Network applications
and data
Basic Web
Applications
Static Websites
Desktop of Tomorrow
Local applications
and data
Network applications
and data
⌧��
Corporate Webmail
⌧��
Instant Messaging
⌧��
Hosted ApplicationsBlogs
⌧��
Local Weather
⌧��
⌧��
Hosted Security
Email Security
YouTube Videos
⌧��
⌧��
Networking
User
Generated
Applications
Hosted
Security
Hosted Applications
and Data
User
Generated
Content
Web-Based Mashup
Employee 1.0
Employee 2.0
Enterprise 1.0
Company
Point-to-Point
Limited Information Transfer
Distributor
Partner
Customer
Enterprise 2.0
Threat 2.0
Threats are now focused on data
– 37 percent of malicious Web/HTTP attacks included data-stealing code.
– 57 percent of data-stealing attacks are conducted over the Web.
– Most of the SPAM identified had a URL linked to it and the URL was infected with data stealing code.
Websense contends thatWeb 2.0 + Employee 2.0 +
Enterprise 2.0 + Threat 2.0 means…
We need a new data-centricsecurity strategy
Data Loss Prevention - Overview
So What is DLP?
“Products that, based on central policies, identify, monitor,
and protect data at rest, in motion, and in use through deep
content analysis.”
Rich Mogull (securosis.com) – former Gartner analyst for DLP
Information Leaks – 4 main categories
13
Unintentional Leaks:By accident/Ignorance
Customer_Info.xls Customer.xls
Intentional Leaks:Malicious intent
Un/intentional Leaks:No/Bad business processes
Data at Rest
Data in Motion
Un/intentional Leaks:Malicious intent
Trojan…Keylogger
DLP Phases – Best Practices
Data and Risk
Identification
Actionable
AuditingPolicy Design
Policy
Enforcement
Management
&
Reporting
• Scope it right
• Freeze on responsibilities
• Focus on Essential Information
• Monitor traffic leaving organization
• Identify Business processes
& channels
• Design policies with BU heads• Enforce policies and notify• Identify incident management roles
• Identify and enforce incident
remediation workflows
•Design reporting metrics
Business Intelligent Policy Enforcement
Who
Human Resources
Customer Service
Finance
Accounting
Legal
Sales
Marketing
Technical Support
Engineering
What
Source Code
Business Plans
M&A Plans
Employee Salary
Patient Information
Financial Statements
Customer Records
Technical Documentation
Competitive Information
Where
Benefits Provider
Personal Web Storage
Blog
Customer
Spyware Site
Business Partner
How
File Transfer
Instant Messaging
Peer-to-Peer
Web
Audit
Notify
Remove
Quarantine
Encrypt
Block
Webmail
Action
ConfirmPartner
Competitor
Social Networking Site
DLP Phases – Best Practices
Data and Risk
Identification
Actionable
AuditingPolicy Design
Policy
Enforcement
Management
&
Reporting
• Enforce policies and notify• Identify incident management roles
• Identify and enforce incident
remediation workflows
•Design reporting metrics
We recommend to start with Risk Assessment
� “How is your sensitive data leaving the organization?”
� “How do your Employees treat sensitive data?”� “Do you see a lot of mistakes/errors being made?”� “Is there any misuse of our sensitive data”?� “Are there any/many inappropriate recipients receiving sensitive data?”� “Do your Employees seem to be aware of the sensitivity of the information?”
� “How do your Employees conform to your security policies?”� “Do you need to change or add security policies?”
� “What are your approved business processes?”� “Do you need to change the way we use our data?”
� “Is your sensitive data in places it should not be?”
� “Are you violating any compliance policies?”
� “Are there any other identifiable risks?”
17
About Websense
18
�Leading Provider of Web, Email and Data Security (DLP) Solutions
�Annual Billings: $356M
�Employees: > 1,300
�More than 50,000 customers worldwide
�44 million subscription seats
• Global support and services
“Today’s enterprises require a more holistic and integrated approach for
Internet security—a Web security ecosystem—to combat emerging threats
from the Internet… Websense is the worldwide leading vendor in the Web Security market.”
-Brian Burke, Program Director Security Products, IDC
“Today’s enterprises require a more holistic and integrated approach for
Internet security—a Web security ecosystem—to combat emerging threats
from the Internet… Websense is the worldwide leading vendor in the Web Security market.”
-Brian Burke, Program Director Security Products, IDC
Websense leads DLP space
The Forrester Wave is copyrighted by Forrester Research, Inc. Forrester and Forrester Wave are trademarks
of Forrester Research, Inc. The Forrester Wave is a graphical representation of Forrester's call on a market
and is plotted using a detailed spreadsheet with exposed scores, weightings, and comments. Forrester does
not endorse any vendor, product, or service depicted in the Forrester Wave. Information is based on best available resources. Opinions reflect judgment at the time and are subject to change.
The Gartner Magic Quadrant or Content Monitoring and Filtering and Data Loss Prevention was written by Eric Oullet and Paul E. Proctor and is copyrighted June 17, 2008 by Gartner, Inc., and is reused with permission. The Magic Quadrant is a graphical representation of a marketplace at and for a specific time period. It depicts Gartner’s analysis of how certain vendors measure against criteria for that marketplace, as defined by Gartner. Gartner does not endorse any vendor, product or service depicted in the Magic Quadrant, and does not advise technology users to select only those vendors placed in the “Leaders” quadrant. The Magic Quadrant is intended solely as a research tool, and is not meant to be a specific guide to action. Gartner disclaims all warranties, express or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose. The Magic Quadrant graphic was published by Gartner, Inc., as part of a larger research note and should be evaluated in the context of the This Magic entire report. The Gartner report is available upon request from Websense.
From the 17 June 2008 Gartner report, “Magic Quadrant for Content Monitoring and Filtering and Data Loss Prevention,”by Eric Ouellet and Paul E. Proctor.
Gartner Magic Quadrant for Content Monitoring and Filtering
and Data Loss Prevention, June 2008
DLP Summary
People have been losing and leaking data ever since they started banging a keyboard; We are constantly seeing information that is not meant for our eyes
The chances, however, of data losses and leaks being exposed have increased exponentially
People, Regulatory Compliance, Data Protection Authorities and the latest Malwarethreats are the key drivers of DLP adoption
DLP solutions are a great tool to minimize the risk of data losses and leaks; and also a great tool to educate employees as well
20
web security | data security | email security © 2009 Websense, Inc. All rights reserved.
THANK YOU
