facetime - dss @vilnius 2010
DESCRIPTION
Facetime did the presentation about security challenges of the new Internet (communication tools, web 2.0, p2p, social media).TRANSCRIPT
Secure and Enable the New Internet IM, Unified Communications and Social Media
Nick Sears [email protected]
FaceTime Communications, Inc.
The Internet Has Changed
• Public IM
• P2P
• Anonymizers
• VoIP
• Social Networks
• Games
• Virtual Worlds
• IPTV
Source: FaceTime Annual Greynets Surveys 2007 – 2010 & Projected
• Financial IM
• Unified Communications
• Web Conferencing
• VoIP
• Remote Admin Tools
Source: FaceTime Annual Collaborative Internet Surveys 2007 – 2010 & Projected
The Enterprise and Web 2.0 Are Converging
Presenting Significant Risks When Unmanaged
Data Leakage
Personal
Information
Intellectual Property
Credit Card,
SSN
Patient Records
Incoming Threats
Malware, Spyware
Viruses, Trojans
Inappropriate
Content
Compliance & eDiscovery
SEC, FINRA, NFA
HIPAA, FISMA, SOX
PCI, FOI, DOD, FSA
FRCP- eDiscovery
FERC, NERC
User Behavior
Employee
Productivity
Bandwidth
Explosion
Every employee is
the face of the
business
FaceTime Mission
FaceTime helps businesses realize the benefits of the
‘New Internet’ by delivering enterprise solutions that provide
unified security, management, and compliance across the
broadest set of applications and modalities.
Visibility
Granular policies for sanctioned applications
User/Group, Time of Day, Time Quota
Content filtering, ethical walls, disclaimers
Management
Logging, archiving, auditing of all user communications
Full compliance review and workflow
Leverage existing email archive and ECM platforms
Compliance
Security Prevent viruses, malware, spIM
Protect IP, prevent data leakage
Block unsanctioned applications
Internet & Web 2.0 application usage
Social Network feature and content posted
Multi-modal highly visual reporting
FaceTime Solutions
Archiving
UC Server
Active Directory
LAN/WAN Internet
Secure & Enable
Unified Communications
Visualize the
‘New Internet’
Vantage
Insight
Secure & Enable Web 2.0
Unified Security Gateway
Secure & Enable
Social Networks
Socialite
Vantage: Secure and Enable Unified Communications
Granular Policy Management
Corporate Directory Integration
Compliance
Logging & Archiving
360 degree Auditing
Message Order Preservation
Conversational Perspective
Compliance Workflow
Policy-Based Exporting
Management & Control
Usage Policies
File Transfer Policies
Content Monitoring
Call Admission Control
Ethical Boundaries
Real-time disclaimers
Security
Anti-Virus
Anti-Malware
Anti-SpIM
Data loss prevention
Windows, VMware Server
Public IM
Networks
Enterprise UC
Networks
Community
Networks
Web & Messaging
Networks
Analytics, Reporting, Visualization and Review
FaceTime Solutions
Archiving
UC Server
Active Directory
LAN/WAN Internet
Secure & Enable
Unified Communications
Visualize the
‘New Internet’
Vantage
Insight
Secure & Enable Web 2.0
Unified Security Gateway
Secure & Enable
Social Networks
Socialite
USG: Secure and Enable the ‘New Internet’
UR
L F
ilte
rin
g
An
ti-M
alw
are
An
ti-V
iru
s
Unified Policy Management AD Integration, Company/Group/User, Time of Day, Bandwidth
Application Control & Security Application Enablement
Application Control Engine
Public IM Web 2.0 & Application Control
Analytics & Reporting
Web 2.0 Enablement Socialite
USG: Visibility & Control of More Than 4,000 Applications
Social Networking 936
Instant Messaging 259
IPTV 62
Remote Admin Tools 23
P2P 170
VoIP 100
Commercial Monitoring Software 257
Anonymizer 58
Web Mail 21
4000 +
Category Number Example
Socialite is FaceTime’s Security Management and Compliance for Social Networks solution
providing granular control of Facebook, LinkedIn and Twitter.
Socialite enables you to control, moderate, and log social networking activities. From granular
content, features and activity control to the moderation of subject matter posted and the
archiving of posts and activities, you can confidently enablevthe use of Facebook, LinkedIn and
Twitter without compromising security or compliance requirements.
Socialite – on premise USG or SaaS
Data Leak Prevention/Content
Protection Protect organization from employees disclosing sensitive information
Malware Protection Protect network against hidden Phishing/Trojan attacks through
applications
Identity Management Ensure that SarahFaceTime on Twitter, Sarah Louise Carter on
LinkedIn & sl_carter on Skype connect back to her corporate identity
Activity Control Post content, status updates, allowed for marketing. Read only access
for all other staff.
Moderator Control John’s posts appear on Twitter or Facebook only upon approval by
Compliance Officer
Granular Application Control John can access Facebook, but not use Facebook chat, or download
and install any applications in the gaming category.
Log and Archive Activity & Content Log all content posted, message sent through Web 2.0 and social
networks
Use Archive of Choice Export stored data with corporate identity credentials to email archive,
WORM, for single discovery location
Issue Control Requirements
Levels of Control: SN Widget Categorization
FaceTime:
– Control access to
individual SN sites
– Allow/block
application widgets
on popular sites
– By category or
individually by
searching for them
Levels of Control: SN feature control
FaceTime:
– Control features or areas of content posting by user or group
– e.g., make the sites read only
Social Networking – Content Monitoring
FaceTime:
– Summary of policies
– Point-and-click policy editing for:
Features to monitor
Some features can also be moderated
Dictionaries to use
– 1 match in „CorporateIdentities” dictionary AND
– 1 match in “profanity” dictionary OR
– 1 match in “SecretProjects” dictionary
Action to take
eDiscovery of Social Networking Posts
FaceTime
– Social Networking activity and
posts captured.
FaceTime
– All the captured
social networking
events are
presented for
eDiscovery and
available for export
to archiving
platforms.
Levels of Control: Moderation
FaceTime
– Posts to Twitter/Facebook/LinkedIn held for review by following criteria:
All
Keyword/dictionary matches
Regular expressions (e.g., credit card/social security number patterns)
Moderator work queue & transcript review
FaceTime:
– Moderator queue allows bulk approve or each post reviewed individually.
End User Experience
FaceTime:
– Toolbar displayed for each site showing user‟s post “queues”
– User can click on their Queues and see a list of the messages
Insight: Visualize the ‘New Internet’
Corporate Directory Integration
Multi-Modal Reporting Engine Intelligent Reviewing Engine
Data Processing Engine
Unified Security Gateways Vantage
Visualizer
&
Social Graphs
Flexible
Reporting Modular
Dashboard
Role Based Access Control
Multiple Export Capabilities (Email, HTML, PDF)
Sensors
Thank you..
Questions?
Visualize Internet activity to assess policy & user behavior – Birds-eye view of all Internet usage across multiple USGs
4,000+ apps plus social networking
55 URL categories
Prevent data leakage – Real-time lexical analysis and expression matching
– Block file transfers and posts over IM, webmail, blogs…
– Control features and moderate content posted to Facebook, LinkedIn, Twitter
Meet corporate, regulatory, and eDiscovery compliance requirements
– Log, archive, and audit IM (FINRA, NASD, SEC, NFA, FERC/NERC, HIPAA, FISMA, FRCP, CIO Council, DoD, FOI Act, etc.)
– Monitor, moderate, and log content posted to Facebook, LinkedIn, Twitter
– Control content posted to other Web 2.0 sites and flag policy violations
– Easily retrieve stored communications for eDiscovery and litigation
Control inbound threats – malware AND content – Prevent malware from entering the network over real-time channels
– Enforce URL filtering and granular control of Web browsing; block elements of Web content or media that fall outside of policy
USG Benefits