data security explained

Happiest Minds Data Security Overview

Upload: happiest-minds-technologies

Post on 12-Jul-2015


TRANSCRIPT

Page 1: Data Security Explained

Happiest Minds Data Security Overview

Page 2: Data Security Explained

Data Security Overview

Threat Profile

Insider Threat

The insider who acts with malicious intent: typically someone with Administrator rights or privileges to access sensitive information, such as a sales & finance department, executive etc.

The non-malicious insider who violates policy or leaks data without seeking to do so: not all data loss within an organization is malicious. In most cases, data loss is the result of:
Common risky behavior, e.g. using a personal email account for work purposes
Careless/unauthorized use of corporate resources
Common human errors
Lost or stolen devices

External Criminality

Typical Categories of Sensitive Corporate Info

Intellectual Property: patent & copyright information; trade secrets/process advantages; R&D data; source code/formulas; knowledge base

Confidential Corporate Information: board minutes; un-released financial data; new product designs; target customer lists; M&A strategy & plan information; sales & pricing data; tax & litigation information; hiring/firing information & salary data

Regulated Information: sensitive personal data; education or professional information; health-related information; detailed transaction information


Page 3: Data Security Explained

Data Loss Prevention - Defined

Data Loss Prevention (DLP) is a process first. The technology is simply an enabler for the automation of the process.

DLP is a security term that refers to a solution that identifies, monitors, & protects sensitive data to detect & prevent the unauthorized use & transmission of confidential information. It does so by inspecting sensitive content, and it audits and enforces content use policies.

Data Loss Prevention can be used for:
Regulatory compliance
Intellectual property protection
Accidental data loss
Data theft

Data at Rest - Sitting idle in storage (Storage DLP)

Data in Motion - Traveling across network (Network DLP)

Data in Use - Being used at the endpoint (End Point DLP)

File servers, Databases, Portals/SharePoint, Laptops, E-mail, Web, Network, FTP, USB, CD/DVD, Printers, Applications


Page 4: Data Security Explained

Approach to Data Loss Prevention

Data Loss Prevention Implementation Best Practice

1. Classify Sensitive Data
2. Evaluate & Select right DLP product
3. Develop a slow and steady implementation plan
4. Discover / Identify Data
5. Define & Configure access rules
6. Develop Incident Response capability
7. Monitor & Fine-tune policies & configuration
8. Retain data for audit purpose


Page 5: Data Security Explained

Common Mistakes & Best Practices

Lack of trained resources

False positives due to bad policy

Perception that ownership resides with IT

Ignoring the legal & regulatory framework

Underestimation of the need for ongoing maintenance

Purchasing DLP product is definitely not adequate

Employees are trained and aware of the data loss risks associated with sensitive data


1. Undertake a phased rollout
a. Begin deployment with a single, simple policy of limited scope in monitoring mode
b. Take time to tune the policy until it gives the expected results, then expand by adding policies & enforcement actions

2. Good directory integration
a. DLP policies are closely tied to users, groups etc.
b. Organizations with sloppy directories may find it difficult to track down an offending user or apply policies to the right people

3. Work tightly with business units, don't just start enforcement
a. Work with the management of that unit, then deploy policies: first in monitoring, and then in notification mode
b. Collect feedback to tune the policy to balance business needs and risk management

4. Involve legal and compliance stakeholders for clarity on various legislation & regulatory enforcement needs

5. The biggest stumbling block for DLP deployments is failure to prepare the enterprise
a. Define your expected workflows for creating new protection policies and
b. handling incidents involving insiders and external attackers
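The phased rollout in item 1 can be sketched as a single card-number policy scoped to one channel in monitoring mode, then tuned to cut false positives. This is an added example, not part of the original slides; the `Policy` shape, mode names, and sample events are assumptions and do not follow any vendor's format.

```python
import re
from dataclasses import dataclass

CARD_RE = re.compile(r"\b(?:\d[ -]?){13,19}\b")  # candidate card-like digit runs

def luhn_ok(digits: str) -> bool:
    """Checksum used by payment card numbers; filters arbitrary digit runs."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch) * 2 if i % 2 else int(ch)
        total += d - 9 if d > 9 else d
    return total % 10 == 0

@dataclass
class Policy:              # hypothetical policy shape, not a vendor format
    name: str
    channels: frozenset    # limited scope: which channels are inspected
    mode: str              # "monitor" -> "notify" -> "block" as rollout matures
    validate: bool         # tuning knob: require a valid Luhn checksum

ACTIONS = {"monitor": "log", "notify": "log+notify-user", "block": "block"}

def evaluate(policy, event):
    """Return an incident dict, or None if out of scope or no match."""
    if event["channel"] not in policy.channels:
        return None
    hits = [re.sub(r"\D", "", m.group()) for m in CARD_RE.finditer(event["body"])]
    if policy.validate:
        hits = [h for h in hits if luhn_ok(h)]
    if not hits:
        return None
    return {"policy": policy.name, "user": event["user"],
            "action": ACTIONS[policy.mode], "matches": len(hits)}

def run(policy, events):
    return [i for i in (evaluate(policy, e) for e in events) if i]

# Constructed sample events (4111... is the widely used test card number).
EVENTS = [
    {"channel": "email", "user": "alice", "body": "Card 4111 1111 1111 1111 exp 01/30"},
    {"channel": "email", "user": "bob", "body": "Tracking 1234567890123456 shipped"},
    {"channel": "usb", "user": "carol", "body": "4111111111111111"},  # out of scope
]

phase1 = Policy("pci-email", frozenset({"email"}), "monitor", validate=False)
tuned = Policy("pci-email", frozenset({"email"}), "monitor", validate=True)

if __name__ == "__main__":
    print("untuned:", run(phase1, EVENTS))  # flags alice and bob
    print("tuned:  ", run(tuned, EVENTS))   # flags alice only
```

Comparing the two incident lists before changing `mode` is the tuning step: the untuned policy logs the tracking number as a false positive, and nothing is notified or blocked while that is being fixed.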


Page 6: Data Security Explained

Happiest Minds Credentials in Data Security Area

Security Practice focused on innovative and disruptive technologies with 170+ members

Dedicated Data Security Practice with 50+ person years of experience in Data Security

Innovation and technology led Consulting practice leverages cutting edge tools to optimize time & cost

Innovative Delivery Model: CoE contribution for reusable components, templates, artifacts & design patterns for Data Security

Strong Alliance with product vendors to create the best in class solution

We are independent of vendors & have access to leading data loss products. We will recommend the most appropriate way forward

Team of 10+ Data Security Consultants & Specialists in Data Security Leading products from McAfee, Gigatrust, Vormetric, Symantec, RSA etc.

Experienced Team will pre-plan their work by leveraging the experience and knowledge base

Experienced team that has executed over 10+ large Data Security projects across Fortune 500 companies in the past

Pre-built use cases for Enterprise wide Data Security

Productized solutions to expedite Data Security rollout process

1. Focused Data Security Line with end-to-end capability

2. Ready to use templates for data discovery, classification & analysis

3. A track record of delivery with high quality team of consultants

4. Innovation Led approach


Page 7: Data Security Explained

Thank You