achieving data privacy in the enterprise

All information provided in this document is confidential information of SafeNet, Inc. and its affiliates, and is for informational purposes only. This information is not disclosed to you for any other purpose, and will be used for no other purpose. All warranties relating to the

information in this document, either express or implied, are disclaimed to the maximum extent allowed by law, and SafeNet, Inc. undertakes no obligation to update this information.

Achieving Data Privacy in the Enterprise

SafeNetDerek Tumulak, VP Product Management

1REV 0.1





2

SafeNet

Data ProtectionProtecting the Information Lifecycle

REV 0.1

From idea to action, SafeNet smartly protects

information as it moves through its lifecycle.





• Founded: 1983• Ownership: Private• Global Footprint with more than

25,000 customers in 100 countries• Employees: 1,600 in 25 countries• Recognized Security technology

leadership, over 600 encryption engineers strong

• Accredited with products certified to the highest security standards

The largest company exclusively focused on the protection of high-value information assets.

SafeNet Fact Sheet

3



Online Fraud is on the Rise

Source: Anti-Phishing Working Group,

March 2009

The number of crimeware‐spreading sites infecting PCs with

password‐stealing crimeware reached an all time high of 31,173 in

December, an 827 percent increase from January of 2008.

The number of crimeware‐spreading sites infecting PCs with

password‐stealing crimeware reached an all time high of 31,173 in

December, an 827 percent increase from January of 2008.

Phishing: $3.2 Billion lost in 2007 in the US alone

Phishing: $3.2 Billion lost in 2007 in the US alone

Gartner Dec. 2007



Source: Ponemon Institute, 2009

What Are the Threats?



The New IT Security Realities

• Traditional Enterprise Boundaries Evolve

• Cyber Security

6REV 0.1

• Insider Threats • Compliance and

Regulations

• Information and Identity Protection—A Key Business Enabler



Where Is Sensitive Data?Inside the Network

Partners’ & Interagency

networks

Consultant / Contractor Networks

Outside the network

(cloud / SaaS)

Databases

Laptops

Desktops

Mobile Devices

Removable Drives

CDs/DVDs

File Servers

NAS/SAN Devices

Log Files

Excel Spreadsheets

PDFs

Word Docs

Image Files

PowerPoint Presentations

Email Text

Email Attachments

Instant Messages



Where Is Sensitive Data?

Inside the Network

Partners’ & Interagency

networks

Consultant / Contractor Networks

Outside the network (cloud / SaaS)

Databases

Laptops

Desktops

Mobile Devices

Removable Drives

CDs/DVDs

File Servers

NAS/SAN Devices

Log Files

Excel Spreadsheets

PDFs

Word Docs

Image Files

PowerPoint Presentations

Email Text

Email Attachments

Instant Messages

EVERYWHERE!EVERYWHERE!



Worldwide Compliance

9REV 0.1

Electronic Ledger Storage Law

(Japan)

11MEDIS-DC (Japan)

Canadian

Electronic

Evidence Act

PCI Data Security

Standard (WW)

CA SB1386

et al

FDA 21

CFR Part 11

Sarbanes-Oxley Act (USA)

AIPA (Italy)

GDPdU and GoBS (Germany)

EU Data Protection

Directive

UK Data

Protection Act

NF Z 42-013 (France)

Financial

Services

Authority (UK)

Basel II

Capital

Accord

GLB Act

Japan PIP Act

PCI (WW)

Note: International companies must adhere to regulations in each country of operation

HIPAA (USA)



Compliance Hype Cycle

10REV 0.1



What Is It Costing?

Source: Ponemon Institute, 2009

47%



Approaches to Achieving Data Privacy

12

• Persistently protect access to data where it rests, as it moves through the network, and after it has left the network

• Intelligently secure critical points of the information lifecycle using a platform approach that includes standards-based key management and centralized policy

• Combine commercial agility with government grade security solutions

• Extensible to evolve to support changing cloud delivery models—from today’s SaaS and private clouds, to the evolving demands of hybrid and public clouds.



Data Ownership and Control Requires a Holistic Data Privacy Strategy

13REV 0.1



As Threats Change Approaches Must Change

Data Privacy Approaches

• Perimeter focused security

• All-or-nothing encryption

• Keep bad guys out, authorized users get full

access

• Multiple products to meet business and security

needs

• High level or very specific policy only,

•No proper central policy management

• Data-centric protection—intelligence to protect the data itself

throughout its lifecycle

• Granular, selective protection over subset of unstructured or structured

data (files, fields, and columns)

• Granular data protection for authorized users, assure

compartmentalization

• Centrally managed solution that addresses business, compliance,

data governance & security

• Centralized policy and key management providing data use tracking

and control

Traditional Approaches



Six Best Practices in Data Privacy



Five Core Technology Components of Data Privacy



SafeNet Data ProtectionSafeNet persistently protects information throughout its lifecycle, empowering customers to efficiently adapt to change and act on opportunity.



SafeNet Data Protection Portfolio

18

Identity Protection - Identity Protection - AuthenticationAuthentication

Offering the broadest range of authenticators, from smart cards and tokens to mobile phone auth—all managed from a single platform

The industry’s only unified authentication platform offering customers the freedom to adapt to changing environments

The market leader in certificate-based token authentication

Unique technology offerings with client-less tokens, high-assurance solutions, and more

Communication Communication Protection - High-Speed Protection - High-Speed

Network EncryptionNetwork Encryption

SafeNet high-speed network encryptors combine the highest performance with the easiest integration and management.

Solutions for Ethernet, SONET up to 10Gb

Best-in-class Security Management Center

Zero bandwidth loss, low- latency encryption

Unparalleled leverage across classified and COTS communication protection (FIPS 140-2 Level 3)

The fastest, most secure, and easiest to integrate application & transaction security solution for enterprise and government

Market leader in enterprise-grade HSMs

Industry innovator in payment HSMs

Widest portfolio of platforms and solutions

Delivered over 75,000 HSMs— the most in the industry

Only leading HSM with the option of keys ALWAYS in Hardware

Transaction and Identity Transaction and Identity Protection - HSMProtection - HSM

World’s first and only unified platform that delivers intelligent data protection and control for ALL information assets

Data-centric, persistent protection across data centers, endpoints, and into the cloud

Centralized policy, key management, logging, and auditing

Integrated perimeter data leakage prevention

Appliance-based, proven scalability, and high performance

Data Encryption and Data Encryption and Control - DataSecureControl - DataSecure



Persistent Information Lifecycle Protection

19REV 0.1

• Secure, Centralized Key Management• Data-centric Policy Management• Identity & Access Management • Visibility via Logging, Auditing, Reporting



Questions?

achieving data privacy in the enterprise

Documents

cloud saas

network partners

sensitive data

ponemon institute

authorized users

data

network

high