Gartner Security & Risk Management Summit 2014 - Defending the Enterprise Against Trusted...
DESCRIPTION
Malicious or accidental disclosure of confidential information by trusted insiders is a threat to any organization. Insiders include employees, contractors, consultants and business partners who have access to your sensitive information. Since relationships don't last forever, a trusted person today may be a competitor tomorrow. See how Fasoo customers protect sensitive information by controlling access and use at the data level through continuous encryption and persistent security policies.
TRANSCRIPT
Data and Software Security
Defending the Enterprise against Trusted Insiders
June 2014
Ron Arden, Vice President, Fasoo USA
Bill Blake, President, Fasoo USA
Agenda
• Current environment
• Costs of data loss
• Current technology gaps
• EDRM at a glance
• Solution case studies
• Q&A
About Fasoo
• Incorporated in June 2000
• 270 employees
• Specializes in Enterprise DRM (EDRM) solutions and services
• Largest EDRM vendor with the most EDRM developers
• Deployed to over 1,100 major organizations
• Protecting data for over 2 million users globally: one company alone has 170,000 internal users in 32 major affiliates
“The ongoing theft of Intellectual Property represents the greatest transfer of wealth in human history!”
General Keith Alexander, The IP Commission Report 2013
Did you know?
“About 65 percent of employees who commit insider IP theft had already accepted positions with a competing company or started their own company at the time of the theft.”
“More than half steal data within a month of leaving.”
“About 20 percent were recruited by an outsider who targeted the data.”
Behavioral Risk Indicators of Malicious Insider IP Theft: Misreading the Writing on the Wall
Relationships don’t last forever
Content is everywhere
Shadow images of confidential data can be left on unprotected systems.
Most organizations do not have the knowledge and experience to identify all of the blind spots in their infrastructure!
Content is in constant motion
Constant risk of data loss
Boston Globe – May 5, 2014
529 plan PII (60K people) on partner staging server
WBTV – April 18, 2014
Former hospital employee steals patient information to open bank accounts
SC Magazine – May 7, 2014
SSNs on postcards sent to 5,000 former Molina Healthcare members
Long Island radiology practice informs 97,000 patients of data breach
Newsday – June 24, 2014
CYBER ATTACKS ON TRADE SECRETS
Chinese PLA hackers indicted for stealing US secrets
Washington Post – May 22, 2014
Types of insider threats
Human or system error cause almost 60% of data breaches.*
*Ponemon Institute 2014 Data Breach Report
Careless
Accidental/System Failure
Malicious
The gap that’s allowed cyber-criminals to breach these and other organizations is why Forrester Consulting described the situation in simple, blunt terms:
“Basically, the enterprise is a sitting duck.”
Careless
15,000 employees affected
Careless
$22,000,000,000 loss in stock value
Accidental
Did you really want to send that email to the boss?
US breach notification laws
Regulations
Types of data
Personally Identifiable Information
Confidential/Sensitive business data
Military & Government data
Financial data
Intellectual Property
Protected Health Information
Outside Staffing            $54,131.56
Forms/Printing              $15,817.91
Advertising                 $73,132.98
Kroll (forensics)        $3,701,398.25
Call Center                $186,740.52
Allied Vaughn                $1,949.76
Private investigator         $3,202.37
Database license             $8,800.00
Oregon Monitor               $1,787.50
LexisNexis                  $13,381.50
Translation Services         $3,079.95
Cascade Direct              $34,485.35
Postage                    $125,282.87
Laptop encryption          $700,000.00
EDS                        $773,205.66
Data Transport., Storage     $6,998.46
Legal                    $1,029,440.31
Total External Expenses  $6,732,834.95
Internal Expenses          $179,113.63
Total Expenses           $6,911,948.58
Postage Costs: $125,282.87
Cost of data breach
Cost calculator
http://www.hubinternational.com/data-breach-cost-calculator/
Per Record: $1,115
Security technologies and policies
Secure FTP
VPN Host/Net DLP
Web Protection
Device Control Encryption
Email Protection
MDM/Device Security
Today’s Solutions Result in:
Never enough security
False sense of data protection
Vulnerable to authorized user threat
No control over data outside domain
The end result!
Enterprise DRM
Enterprise Content
Management
Full Disk Encryption
Narrow
Wide
Controlled Perimeter
Internal use
External use
Data at Rest Data in Transit Data in Use
Controlled Phase
EDRM vs. other security solutions
VPN
Network Transport
Encryption
Data Loss Prevention
What is Fasoo Enterprise DRM?
Prevent unintended information disclosure or exposure
1. File encryption – persistent document security
2. Permission control – prevent unauthorized use of digital files
3. Audit trail – consistent protection and verification
Regardless of its location!
Controlling your content
Benefits of Fasoo EDRM
• Supports mobile devices (Android, iOS)
• Integrates with existing third-party applications
• Restrict document access
  How: view, edit, print, screen capture, VM, copy
  When: validity period, how many times
  Where: device, network address
• Supports a wide range of documents and files
• Can revoke sensitive documents by making them inaccessible
Author
Review
Content Server
EDRM Policy Server
Partner
Unauthorized User
Partner Network
Corporate VPN
VIEW
Protecting and controlling your information
Case Studies
Novant Health
Challenges
• Enable access from anywhere
• Streamline existing process
• Secure confidential data
• Comply with JCAHO regulations
Create
View
CVO
Co-chair
Solution
Credentialing System
Edit
Chair
View
Doctor
Results
• Permission management through document classification
• Automatically encrypt document upon download or access
• Access from any device or location through Citrix
Groups           Document         Permissions
CVO              All              View, Edit, Print, Decrypt
Chair, Co-chair  PII              View
Chair, Co-chair  Recommendation   Edit
Default          All              No access
Benefits
• Guarantee no data leaks of PII
• Audit trail for all document activities
• Streamline process and reduce risk
• Information accessible from any device
• Comply with regulations
CJ Group
Challenges
Minimize change to user productivity
SECURE & RELIABLE
Integrate with existing authentication system
Inter-organizational communications
Restrict external user access
Secure confidential data
Edit 30 days
Partner Revoke
Create
Edit
Decryption server
View
Finance
Legal
Marketing
VP
Chris Peters, 9:37 3/26/13, 172.16.125.21
Solution
Decrypt
Joe Peters, 9:37 6/24/14, 172.16.125.21
Results
• Permission management through document classification
• Some users automatically encrypt document upon save
• Documents scanned and encrypted/reclassified if PII is detected
• Email-based authentication for external users
Class         Users & Groups           Permissions
Internal      All users                View, Edit, Print
Proprietary   All users                View
Proprietary   Specific users & groups  Edit, Print, Watermark
Confidential  Specific users & groups  View
Default       Owner                    Full access
Benefits
• Different permissions based on role and group
• Audit trail for all document activities
• Captured document for all Decrypt activities
• Not managing external user credentials
• Minimal impact to user productivity
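To make the policy model behind the "Restrict document access" benefits (how/when/where) and the classification tables in the two case studies concrete, here is an added example of a persistent-policy evaluator. It is illustrative code written for this page, not Fasoo's product or API: the policy table, group names, document ids, addresses and timestamps are constructed, and the allowed-network prefix and the "owner has full access" default are assumptions taken from the slides.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta
# Constructed policy modelled on the CJ Group table: classification -> group -> permissions ("*" = all users).
POLICY = {
    "Internal": {"*": {"view", "edit", "print"}},
    "Proprietary": {"*": {"view"}, "Legal": {"edit", "print", "watermark"}},
    "Confidential": {"Finance": {"view"}},
}
AUDIT = []  # audit trail: one entry per attempt, allowed or denied

@dataclass
class Document:
    doc_id: str
    classification: str
    owner: str
    created: datetime
    validity_days: int = 0   # "When": validity period in days, 0 = open-ended
    revoked: bool = False    # revoked documents become inaccessible to everyone

def decide(doc, user, groups, action, ip, when, allowed_nets=("172.16.",)):
    """Check revocation, validity, network ("Where") and classification policy, then log."""
    rules = POLICY.get(doc.classification, {})
    perms = set(rules.get("*", ())).union(*(rules.get(g, ()) for g in groups))
    if user == doc.owner:
        perms = {action}            # Default row: owner has full access
    if doc.revoked:
        perms, reason = set(), "revoked"
    elif doc.validity_days and when > doc.created + timedelta(days=doc.validity_days):
        perms, reason = set(), "expired"
    elif not ip.startswith(allowed_nets):   # assumed corporate/VPN address range
        perms, reason = set(), "network"
    else:
        reason = "owner" if user == doc.owner else "policy"
    allowed = action in perms
    AUDIT.append((when.isoformat(), user, ip, doc.doc_id, action, allowed, reason))
    return allowed

def demo():
    # Constructed requests against a 30-day "Proprietary" document (hypothetical users and addresses).
    t0 = datetime(2014, 6, 24, 9, 37)
    doc = Document("contract-001", "Proprietary", "Chris Peters", t0, validity_days=30)
    lan, wan = "172.16.125.21", "203.0.113.7"
    return {
        "marketing_view": decide(doc, "Joe Peters", {"Marketing"}, "view", lan, t0),
        "marketing_edit": decide(doc, "Joe Peters", {"Marketing"}, "edit", lan, t0),
        "legal_edit": decide(doc, "Ann Lee", {"Legal"}, "edit", lan, t0),
        "owner_decrypt": decide(doc, "Chris Peters", {"VP"}, "decrypt", lan, t0),
        "off_network": decide(doc, "Ann Lee", {"Legal"}, "view", wan, t0),
        "expired": decide(doc, "Ann Lee", {"Legal"}, "view", lan, t0 + timedelta(days=31)),
        "revoked": decide(Document("memo-002", "Internal", "VP", t0, revoked=True), "Joe Peters", {"Marketing"}, "view", lan, t0),
    }
```

Every call lands in AUDIT with its decision and reason, which is the "audit trail for all document activities" the case studies list as a benefit.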
Classify, Prioritize and Protect
When should you protect confidential files?
At creation: Automatically?
At destruction: Automatically
Collaboration: Manually or Automatically?
Persistent Rights Management
Highest level of protection against insider threats
Data Loss Prevention: No protection with legitimate third-party sharing
After-the-fact protection
Delete files or destroy media
Beginning End
Thank you