Download - Data Security Explained
Happiest Minds Data Security Overview
Data Security Overview
The insider who acts with malicious intent
Typically someone with Administrator rights Privileges to access sensitive information such as a sales & finance
department, executive etc.,
Non-malicious insider violates policy or leaks data without seeking to do so
Not all data loss within an organization is malicious. In most cases, data loss is the result of Common risky behavior eg: using personal email account for work purposes,
Careless/Unauthorized use of Corporate Resources Common human errors/Lost or stolen devices
External Criminality
Insider Threat
Threat Profile
Typical Categories
of Sensitive
Corporate Info
Patent & copyright information Trade secret/Process Advantages R&D data Source Code/ Formulas Knowledge base
Intellectual Property
Board Minutes Un-released financial data New Product designs Target customer lists M&A strategy & plan information Sales & pricing data Tax & Litigation information Hiring /Firing information & Salary data
Confidential Corporate Information
Sensitive personal data Education or professional information Health-related information Detailed transaction information
Regulated information
3
Data Loss Prevention - Defined
Data Loss Prevention (DLP) is a process first. The technology is simply an enabler for the automation of the process.
DLP is a security term that refers to a solution that identifies, monitors, & protects sensitive data to detect & prevent the unauthorized use & transmission of confidential informationby inspecting sensitive content, and audits and enforces content use policies
Data Loss Prevention can be used for: Regulatory compliance Intellectual property protection Accidental data loss Data theft
Data at Rest - Sitting idle in storage (Storage DLP)
Data in Motion -Traveling across network(Network DLP)
Data in Use - Being used at the endpoint
(End Point DLP)
File servers
Databases
Portals/ SharePoint
Laptops
Web
Network
FTP
USB
CD/DVD
Printers
Applications
4
Approach to Data Loss Prevention
Classify Sensitive Data1
Evaluate & Select right DLP product2
Develop a slow and steady implementation plan
3
Define & Configure access rules
5
Develop Incident Response capability
6Data Loss Prevention Implementation Best
practice
Discover / Identify Data4
Monitor & Fine-tune policies & configuration
7
Retain data for audit purpose 8
5
Common Mistakes & Best Practices
Lack of trained resources
False positives due to bad policy
Perception that ownership resides with IT
Ignoring the legal & regulatory framework
Underestimation of the need for ongoing maintenance
Purchasing DLP product is definitely not adequate
Employees are trained and aware of the data loss risks associated with sensitive data
Lack of trained resources
1. Undertake a phased rollouta. Begin deployment with a single, simple policy of limited scope in monitoring modeb. Take time to tune the policy until expected results & expand by adding policies & enforcement actions
2. Good directory integrationa. DLP policies are closely tied to users, groups etc.,b. Organizations with sloppy directories, may make tracking down an offending user or applying policies to the right people difficult
3. Work tightly with business units, don't just start enforcementa. Work with the management of that unit, then deploy policies -- first in monitoring, and then in notification mode b. Collect feedback to tune the policy to balance business needs and risk management
4. Involve legal and compliance stakeholders for clarity on various legislation & regulatory enforcement needs5. Biggest stumbling blocks for DLP deployments is failure to prepare the enterprise.
a. define your expected workflows for creating new protection policies and b. handling incidents involving insiders and external attackers
6
Happiest Minds Credentials in Data Security Area
Security Practice focused on innovative and disruptive technologies with 170+ members
Dedicated Data Security Practice with 50+ person years of experience in Data Security
Innovation and technology led Consulting practice leverages cutting edge tools to optimize time & cost
Innovative Delivery Model CoE contribution for reusable
components, templates, artifacts & design patterns for Data Security
Strong Alliance with product vendors to create the best in class solution
We are independent of vendors & have access to leading data loss products. We will recommend the most appropriate way forward
Team of 10+ Data Security Consultants & Specialist in Data Security Leading products from McAfee, Gigatrust, Vormetric, Symantec, RSA etc.
Experienced Team will pre-plan their work by leveraging the experience and knowledge base
Experienced team that has executed over 10+ large Data Security projects across Fortune 500 companies in the past
Pre-built use cases for Enterprise wide Data Security
Productized solutions to expedite Data Security rollout process
Focused Data Security Line with end-to-end capability1
Ready to use templates for data discovery, classification & analysis2
A track record of delivery with high quality team of consultants3
Innovation Led approach4
7
Thank You