clearswift ccsp selling clearswift argon for email
TRANSCRIPT
ClearswiftCCSP Selling Clearswift ARgon for Email
2
What is Argon for Email?
• Adaptive Redaction solution
• Complements existing email security and Data Loss Prevention (DLP) solutions
• Addresses issues with traditional DLP solutions
• Delivers enhanced– Risk mitigation
– Critical information protection
3
Clearswift ARgon for Email
Users
Users
Email Gateway/Managed Service
Internet
Email ServerClearswift ARgon
for Email
4
Complementary, Not Duplication
Anti Virus Anti Spam ReportingDLP
PoliciesData
Redaction
Document Sanitizatio
n
Structural Sanitizatio
n
3rd Party Email
Gateway
(Additional Feature)
û û û
ARgon for
Emailû û
Augments existing email gateway technologies
Adaptive Redaction
5
What’s the value to you?
• Overcome “we’ve got one already” objection
• Complements existing portfolio
• Faster sales
• Growing market– DLP 26%
– SEG 2%
– SWG 7% – Source: Gartner “Forecast: Information Security, Worldwide,
2012-2018, 2Q14 Update”
6 © Clearswift 2015
CCSP Clearswift ARgon for EmailWhy Does a Client Need ARgon for Email?
7
New Information Risks
• Targeted attacks
• Hidden information
Users
Users
Email Gateway/Managed Service
Internet
Email Server
Document+ Malicious Active
Content
Document+ Malicious Active
ContentDocument
+ Malicious Active Content
Document + Sensitive Information
Document + Sensitive Information
Document + Sensitive Information
8
Traditional DLP Pain Points
Long time to become effective
Stops the whole transmission
Large manual processing overhead
Can miss “hidden” sensitive
information
9
Clearswift ARgon for Email
• Instant risk mitigation
• Protects critical information, reduces traditional DLP false positives and enables secure continuous collaboration
Users
Users
Email Gateway/Managed Service
Internet
Email ServerDocument + Sensitive Information
Clearswift ARgon for Email
Document+ Malicious Active
Content
Redacted and Sanitized Document
Sanitized Document
10
Adaptive Redaction
• Data redaction– Remove sensitive information
• Document sanitization– Remove meta-data, version and document history
• Structural sanitization– Removes active content
11
Data Redaction
• Risk that confidential information may be shared inappropriately
• Business stops due to conventional DLP ‘stop and block’ functionality
• Real risks lost amongst noise
Problem
Solution
• Automatically remove sensitive information from emails and documents
• Share information without breaking legislative requirements (e.g. PCI DSS)
• Avoid unnecessary barriers
• Identify real risks
12
Data Redaction
• Detects sensitive information and removes it
• Redacted document delivered
• Policy driven
• Automated
• Works in both directions
How
**** **** ****
Senders
RecipientsClearswift ARgon
for EmailDocument + Sensitive Information
Redacted Document
Email ServerEmail Gateway/
Managed Service
13
Supported File Types
File Type Extensions
HTML .htm .html
Microsoft Word document (2007+) .docx .docm .dotx .dotm
Microsoft Excel spreadsheet (2007+) .xlsx .xlsm .xltx
Microsoft PowerPoint presentation (2007+)
.pptx .pptm .potx .ppsx .ppsm .thmx
OpenOffice Writer .odt
OpenOffice Calc .ods
OpenOffice Impress .odp
OpenOffice Graphic .odg
OpenOffice Master .odm
OpenOffice Math .odf
Adobe PDF (portable document format) .pdf
Rich Text Format encoded document .rtf
Notepad/Plain text .txt
14
Document Sanitization
• Organizations need to collaborate with third parties
• Sensitive information can be exposed in meta-data, track changes, quick save, etc.
• Users often not aware of risk
Problem
Solution
• Automatically detect and remove sensitive information from documents
• Prevent embarrassing disclosures
• Users can still share documents without unnecessary barriers
15
Document Sanitization
What they thought they sent
What they actually sent
What we sent for them
16
Document Sanitization
• Detects and removes– All/selected document properties
– Revision histories
• Policy driven
• Automated
Senders
RecipientsClearswift ARgon
for EmailEmail Server Email Gateway/
Managed Service
Document + Sensitive Information
Sanitized Document
17
Supported File Types
File Type Extensions
Microsoft Word document (2007+) .docx .docm .dotx .dotm
Microsoft Excel spreadsheet (2007+)
.xlsx .xlsm .xltx
Microsoft PowerPoint presentation (2007+)
.pptx .pptm .potx .ppsx .ppsm .thmx
OpenOffice Writer .odt
OpenOffice Calc .ods
OpenOffice Impress .odp
OpenOffice Graphic .odg
OpenOffice Master .odm
OpenOffice Math .odf
Adobe PDF (portable document format)
18
Structural Sanitization
• Risk of malware embedded in common file formats
• Threat increasing
• Common vector for exploits leading to loss of data
Problem
Solution
• Automatically detect and remove active content
• Improved defense from malware
• Users can still transmit/receive valid content
19
Structural Sanitization
• Removes active content from communications
• Protects against embedded APTs
• Ensures information is shared safely and without disruption
Recipients
SendersClearswift ARgon
for EmailEmail Server Email Gateway/
Managed Service
http://xxxxxxstralia.com.au/flash/uss05.exe
All active content removed
Document + Macros
+ Embedded DLLs
Sanitized Document
20
Supported File Types
File Type Extensions
HTML .htm .html
Microsoft Word document (2007+) .docx .docm .dotx .dotm
Microsoft Excel spreadsheet (2007+)
.xlsx .xlsm .xltx
Microsoft PowerPoint presentation (2007+)
.pptx .pptm .potx .ppsx .ppsm .thmx
OpenOffice Writer .odt
OpenOffice Calc .ods
OpenOffice Impress .odp
OpenOffice Graphic .odg
OpenOffice Master .odm
OpenOffice Math .odf
Adobe PDF (portable document format)
Rich Text Format encoded document
.rtf
21
ARgon Benefits – No DLP
• Not disruptive
• Quickly reduce risk posture
• Reduce management overhead
• Identify real issues
• Rapid ROI
22
ARgon Benefits – Existing DLP
• Complementary
• Quickly reduce risk posture
• Reduce management overhead
• Identify real issues
• Rapid ROI
23
Why don’t I just sell a SEG/SXG?
SEG ARgon for Email SXG
3rd party gateway compatibility û
Inbound email
Outbound email
Internal email û û
Anti-virus ü û Cost option
Anti-spam û û
Reporting AR focused
DLP policies
Adaptive Redaction Cost option Cost option
Default AR policy û û
Encryption Cost option TLS only û
IG Server integration Roadmap
24
ARgon Deployment - Platforms
• Developed on SEG V4 core technology– Red Hat Enterprise Linux x64 6.6
– 64 bit operating system
• Physical/soft appliance
• Virtual appliance– VMware ESX/ESXi and vSphere
– Hyper-V
• No hosted service at launch
25 © Clearswift 2015
CCSP Clearswift ARgon for EmailBuilding a Business Case
26
Building a Business Case
• Risk of new threats and critical information protection
• Probability of incident
• Accidental and malicious
• Complementary offering
• Research
• Push PoV
27
ARgon Sales Cycle
PoV Results & Business case
Report
PoV
Awareness and Value Meeting Operational
System Installed
Cost/Benefit Analysis
28
ARgon Deployment – Proof of Value
IronPort C160™ Email Security Appliance
Exchange Server
Most boundary gateways can deliver original message AND
duplicate message for processing on ARgon platform to demonstrate value without
interrupting email flow
----------------------------------------------------------------------
DMZ
LAN
Email Hygiene GatewayARgon for Email
• Side car deployment
• No impact to business email
• Copies of all live email sent to ARgon for analysis
• Shows “What would have happened”
29
ARgon Deployment – Live Deployment
IronPort C160™ Email Security Appliance
Exchange Server
Email Hygiene Gateway
ARgon for Email
DMZ
---------------------------------------------------------------------------------------
LAN
• Located downstream from the existing email filtering solution
• Located within the internal network
• Message management controlled by business units and security
30
Filtering Rules
IronPort C160™ Email Security Appliance
Exchange Server
AV + ASHygiene rules
Outbound Rules
Inbound AR Rules
Outbound AR Rules
31
Message Holding Areas
IronPort C160™ Email Security Appliance
Exchange Server
Hygiene
AR
IT Admins
Business Admins
32
Services
• Installation and configuration– Out of the box policy
– Keep cost of purchase low
– Average duration: 1 day
• Advanced policy definition– Includes AR Policy Definition Workshop
– Advanced policy configuration
– Average duration: 3 days
• Health check– System and policy review
– Average duration: 1 day
• Training– Duration: 1 day
33
Objection Handling
Competitor Approach
“We’ve got a manual process.”
• People forget and make mistakes• Need to ensure employees are trained on
latest polices and how to implement them properly
“We’ve already got an email gateway/managed service.”
• Push new threats and critical information protection
• Highlight benefit of reducing management of false positives and “standard” sensitive items
“We use encryption to protect against data loss.”
• Highlight that this is only useful when it’s appropriate for that data to be shared with that person
• Doesn’t protect against accidental/malicious data loss
34
Objection Handling
Competitor Approach
“We’re considering a DLP suite.”
• Emphasise that can complement whatever solution they eventually choose
• Stress that ARgon can start to mitigate risk from day one
• Push new threats and critical information protection
• Position away from a full DLP solution
“We’ve got a DLP suite.” • Push new threats and critical information protection
• Emphasise that can complement whatever solution they have
• Highlight benefit of reducing management of false positives and “standard” sensitive items
35
Competitors
Competitor Approach
Glasswall • Only Structural Sanitization
Symantec • Only Structural Sanitization • Not on all products (e.g. cloud)
NextLabs • Data Redaction and Document Sanitization at end point (works within email clients)
OpenText • Data Redaction and Document Sanitization • Manual/automated process
Mimecast • Document Sanitization • Performed in the cloud solution• Uses the Microsoft Document Inspector and
removed revision history, etc.• Can convert file to pdf
Titus • Data Redaction• Manual process that only ‘blacks out' sensitive
content
36
Competitors
Competitor Approach
McAfee Endpoint DLP
• Can automate sensitive data [creates clear text]• Authorized user can then review redacted content
via ePO
Microsoft Document Inspector
• Removes revision history• Manual process
Websense • Data Redaction• Part of Data at Rest DLP function
Adobe Acrobat Pro
• Redact text and images• Manual process
Appligent • Redax product automatically redacts content in PDF documents
OmniX • Automated text redaction for litigation services
37
Collateral
• Sales presentation
• Solution paper
• Use case white paper
• ARgon vision slides and paper
• Objection handling FAQs
• Competitive positioning
• Telemarketing scripts
38
Roadmap
Note: All dates and functionality subject to change
Apr – May – Jun Jul – Aug – Sep
2015
Oct – Nov – DecJan – Feb – Mar
2016
ARgon for Web V1.0
• Adaptive Redaction• IGS integration• English and Japanese
ARgon for Email V1.1
• Japanese
ARgon for Email V1.0
• Adaptive Redaction• English only
ARgon for ICAP V1.1
• IGS integrationARgon for Exchange V1.0
• Adaptive Redaction• English and Japanese
ARgon for Email V1.2
• IGS integration
ARgon for ICAP V1.0
• Adaptive Redaction• English and Japanese
ARgon for Exchange V1.1
• IGS integration
39 © Clearswift 2015
CCSP Clearswift ARgon for EmailFrequently Asked Questions
40
FAQ
• What vendors’ solutions does ARgon work with?– Any solution that can pass SMTP emails to ARgon
• Does the client need to purchase all 3 AR features?– Yes, they are all included in the subscription cost
• Can I peer an ARgon with an SEG/SWG/SXG/SIG?– No, only other ARgon systems
• Can I upgrade an ARgon to a SEG?– No direct upgrade path, will require a new installation
– Potential to offer service to migrate policy and add hygiene components
41 © Clearswift 2015
CCSP Clearswift ARgon for EmailSummary
42
Clearswift ARgon for Email
• Adaptive Redaction solution
• Complements existing email security and Data Loss Prevention (DLP) solutions
• Addresses issues with traditional DLP solutions
• Delivers enhanced– Risk mitigation
– Critical information protection
Selling Clearswift ARgon for Email
“Providing organizations a solution to rapidly protect their critical information without harming productivity, or replacing their current operational infrastructure.”