michael blackin sales consulting director
DESCRIPTION
Michael Blackin Sales Consulting Director. Ohio Digital Government Summit. Security Critical To Business Continuity. 2007 Organized crime Sensitive data Identity theft Constant threat. 1997 Amateur hackers Web site defacement Viruses Infrequent attacks. - PowerPoint PPT PresentationTRANSCRIPT
<Insert Picture Here>
Michael BlackinSales Consulting Director
Ohio Digital Government Summit
Security Critical To Business Continuity
1997
• Amateur hackers
• Web site defacement
• Viruses
• Infrequent attacks
2007
• Organized crime
• Sensitive data
• Identity theft
• Constant threat
Security Breaches Front Page News
Security: A Preventive Control
• Examine information lifecycle and secure every point throughout
• Do not limit yourself to structured data
• Automate your controls whenever possible to lower costs
Lockdown Information
Control Access Points
Manage Exceptions
Secure Data Lifecycle Management
Secure Origination
Data Destruction
Lockdown Information
Control Access Points
Manage Exceptions
Secure Data Lifecycle Management
Secure Origination
Data Destruction
Secure Origination
Authentication
Admin
Application access controls
Unstructured data
Request and approval process
Segregation of duties
Classification of asset
Lockdown Information
Control Access Points
Manage Exceptions
Secure Data Lifecycle Management
Secure Origination
Data Destruction
Data
Lockdown InformationStructured Data
Encrypted Data at Rest
ComprehensiveAuditing
Encrypted DataIn Motion
Network
Users
AuthenticateAuthorize
Audit
AccessControl
KNOX 12029
KYTE 17045
CAREY 12032
HOECHST 18029
PIERMAR 17170
SCOTT 14220
KING 18031
Org 10
Org 20
Admin
Org 30
Segregation of Duties
(What about Privileged Users?)
But…
Structured Information Unstructured Information
10% 90%Most sensitive data is unstructured… Printed reports not shredded Documents on thumb drives Sensitive email Lack of control
Source Gartner: 2005
Lockdown InformationUnstructured Data
Information Rights Management
Sealing documents and emails protects them wherever they go
Central server manages rules - even for copies of documents that leave your network
Central server audits usage – even for copies of documents that leave your network
Lockdown Information
Control Access Points
Manage Exceptions
Secure Data Lifecycle Management
Secure Origination
Data Destruction
Control Access Points
Other Agencies
Federation
Service Providers
Service Oriented Architecture
Structured Data
Unstructured Data
Users andAdministrators
Applications
•Authentication
•Authorization
•Audit
•WS-Security
•Web Services Mgmt
•Audit
•Policy
•Encryption
•Audit
•Authentication
•Authorization
•Audit
Analysts
Executives
Business Intelligence
Lockdown Information
Control Access Points
Manage Exceptions
Secure Data Lifecycle Management
Secure Origination
Data Destruction
Manage ExceptionsConsolidate and Tamper-Proof your Audit Repository
ApplicationDirectory
DatastoreService
Monitor Policies
Reports Security
Collect and Consolidate Audit Data
Automate Compliance Reporting
Detect and Prevent Insider Threats
Monitor, Test, Adjust
Lower IT Costs With Audit Policies
Lockdown Information
Control Access Points
Manage Exceptions
Secure Data Lifecycle Management
Secure Origination
Data Destruction
Data Destruction
Authentication
Admin
Application access controls
Unstructured data
Request and approval process
Segregation of duties
Classification of asset
Key Takeaways
• Focus on both Structured and Unstructured data• Secure information at rest and in motion• Take a long look at privileged users• Examine business process touch points• Enforce Non-repudiation• Eliminate sensitive information anywhere not required
For more information…
Kevin Wallace
Account Manager
614.343.3794
Ed Pinkin
FMW Account Manager
617.645.8943