micro focus presentation template · 2018-10-08 · phase 1: aws (sda 6.4) aws ami aws kms...
#MicroFocusCyberSummit
2nd Annual Voltage (Data Security) Technical Advisory Board (TAB)
Farshad Ghazi – Global Product Manager, SecureData Appliance
Alistair Rigg – Global Product Manager, SecureData Sentry
Reiner Kappenberger – Director of Global Product Management, Enterprise Data Security
Kevin McLeod – Global Product Manager, Covertix
Anthony Knight – Global Product Manager, SecureMail, SecureMail SaaS and SecureFile
Voltage Product Management
Micro Focus Confidential
2nd Annual Voltage TAB – Agenda
Time | Topic | Presenter
1:30 – 2:15pm | SecureData for the Cloud – Revolutionizing the SecureData Infrastructure through Containerization | Farshad Ghazi, Global Product Manager, SecureData Appliance
2:15 – 3:00pm | Achieving Data-Centric Security across Hybrid IT with SecureData Sentry | Alistair Rigg, Global Product Manager, SecureData Sentry
3:00 – 3:15pm | Afternoon break |
3:15 – 3:45pm | Insight into Critical Data Usage Using SecureData with Enhanced DCAP Support | Reiner Kappenberger, Director of Global Product Management, Enterprise Data Security
3:45 – 4:15pm | Unstructured Data Protection With Covertix, the Latest Addition to the Data Security | Kevin McLeod, Global Product Manager, Covertix
4:15 – 5:00pm | Securing Information Sharing – Inside and Outside of Your Organization | Anthony Knight, Global Product Manager, SecureMail & SecureFile
SecureData Appliance for the Cloud – Revolutionizing the SecureData Infrastructure through Containerization
Farshad Ghazi
Foundational Requirements
Same results from anywhere
* Referential integrity preservation
* No matter where the data is coming from; e.g. Cloud app, IBM z/OS, HPE NonStop, …
* Or where the key server resides
* It should always produce the same encrypted value
Must be operational in a Hybrid IT environment
* Orchestration and provisioning across on-premises, private and public cloud
* Any-to-any operation; e.g. key server on-premises or in any Cloud would yield the same results
Backward compatibility
* On-premises ISO version will be supported
* No changes in how it is installed or used
New features and use cases offered with new architecture
* DevOps model, Service Discovery, Built-in load balancing, …
Cloud Usage Evolution
Cloud as Storage
* Use cloud as a scalable storage device
* Typically no major changes to on-premises architecture
* Maintains data relationship for cross-cloud usage and data correlation
Cloud Apps
* More advanced cloud usage
* App servers running on EC2 or Azure VM
* Minimizes data read/writes across app/storage boundaries
Zero data center
* Enterprise seeking no data center
* Everything in the cloud
* Secure Data Enterprise solution entirely in the cloud
Container / Microservices
* Flexible “Run Anywhere” container
* Maximum reuse
* Platform independent
Cloud Implementation and Maturity Phases
Software product roadmaps indicate Micro Focus’ directional intention at a point in time. In an evolving environment, roadmaps are subject to change and are therefore not a commitment or representation by Micro Focus to develop, modify, market or deliver a software product, code or functionality or to meet any specific timetable. They are also confidential information
and therefore not for disclosure to others or use other than for your evaluation of a business relationship with Micro Focus.
Phase 1: AWS (SDA 6.4)
AWS AMI
AWS KMS integration as FEK
Phase 2: Azure in SDA 6.6
Azure VM
Integration with Azure Key Vault (similar to AWS KMS)
Interop test with Azure AD
Phase 3: Basic containerization
Introduction of major services in Docker containers
Key services, REST and SOAP, PIE FES, Auth/Auth, Logging, Dashboard (MC), Smart Formats (DPL)
Phase 4: Orchestration
Container management thru Kubernetes
Usage of Kubernetes for container discovery, replication, clustering, updating, scaling...
Phase 5: Marketplace delivery
Marketplace integration for AWS, Azure, GCP
Auto-pass license management
Technical Background and Questions
Question 1: Deployment
Deployment model
* Voltage to manage our own pods and deployment
* or provide configuration to be integrated in deployment
Impact: e.g. rolling update?
* Managed by Voltage?
* Or incorporated in the enterprise update
* E.g. Config ID inclusion in enterprise DevOps metadata
Question 2: Configuration
* Central config service; multiple sites/regions
* Do we need a node or Pod config?
* E.g. regional differences that need to be applied
Question 3: Logging
* How do they handle logging in their infrastructure?
* Using syslog? Other log forwarders?
* Docker provides a basic logging mechanism
* Will the default Docker logging mechanism be used?
* Is an embedded SIEM required?
* Or the ability to connect to the SIEM of choice within an enterprise environment
Kubernetes Cluster (diagram)
Deployment: Hybrid, Public, Private
* Pod 1: Key services; Replica = 2
* Pod 2: REST services img, SOAP services; Replica = 3
* Pod 3: AuthN/AuthZ, Format services; Replica = 2
* Pod 4: PIE services; Replica = 100
Diagram labels: App1.yml; K8S Cluster Services (Master); API; Workers hosting pod replicas P1 R1 through P4 R100
Rolling Update (diagram, steps 1 to 4)
Diagram labels: K8S Cluster Services (Master); API; Application Service; etcd; Workers hosting P1 R1 and P1 R2
* Step 1: v1, v1
* Steps 2 and 3: v1, v1 and v2, v2
* Step 4: v2, v2
Achieving Data-Centric Security Across Hybrid IT with SecureData Sentry
Alistair Rigg
CONFIDENTIAL AND PROPRIETARY. Roadmap information is confidential and subject to change. Please refer to the following “Confidential Information” and “Forward-looking Disclaimer” text for restrictions on use and a disclaimer regarding forward-looking info.
Customers with CDA
Confidential information. This Roadmap contains Confidential Information of Micro Focus and/or its
affiliates (“Micro Focus”), and is subject to change without notice. If you have a valid Confidential Disclosure
Agreement (“CDA”) with a Micro Focus entity, use of the Roadmap is subject to that CDA, and allowed solely
for the purpose of evaluating purchase decisions from Micro Focus.
Forward-looking Disclaimer. This document is not to be construed as a commitment by Micro Focus, its
affiliates, or by any participating company to develop, deliver, modify, or market a product, code, feature or
functionality, or to meet any dates, and should not be relied upon in making purchasing decisions. The
development, release, and timing of features or functionality described for Micro Focus products remains at
the sole discretion of Micro Focus. Micro Focus may change the contents of this document at any time
without obligation to notify any entity of the change. Micro Focus, its affiliates, and any participating
company make no representations or warranties with respect to the contents of this document, and disclaim
any express or implied warranties of merchantability or fitness for any particular purpose.
Customers without CDA
Confidential information. This Roadmap contains Confidential Information of Micro Focus and/or its affiliates (“Micro Focus”), and is subject to change without notice. If you have a valid Confidential Disclosure Agreement (“CDA”) with a Micro Focus entity, use of the Roadmap is subject to that CDA and allowed solely for the purpose of evaluating purchase decisions from Micro Focus. If not, it is subject to the following terms. For 3 years after disclosure, You may use the Roadmap solely for the purpose of evaluating purchase decisions from Micro Focus. You must use a reasonable standard of care to prevent disclosure. You will not disclose the contents of the Roadmap to any third party with Micro Focus’ prior written approval unless it first becomes publicly known or is rightfully received by you from a third party without duty of confidentiality.
Forward-looking Disclaimer. This document is not to be construed as a commitment by Micro Focus, its affiliates, or by any participating company to develop, deliver, modify, or market a product, code, feature or functionality, or to meet any dates, and should not be relied upon in making purchasing decisions. The development, release, and timing of features or functionality described for Micro Focus products remains at the sole discretion of Micro Focus. Micro Focus may change the contents of this document at any time without obligation to notify any entity of the change. Micro Focus, its affiliates, and any participating company make no representations or warranties with respect to the contents of this document, and disclaim any express or implied warranties of merchantability or fitness for any particular purpose.
Product Context & Vision
Enterprise Cloud Trends and Risks
Cloud Trends / Security Risks and Concerns
* Cloud is the #1 target for security spend increase by Chief Security Officers (2)
* An average of 27 different cloud apps and services are used by an enterprise (1)
1: The 2018 Global Cloud Data Security Study, by Ponemon Institute LLC, 2018
2: 2017 Security Priorities, survey of Chief Security Officers, IDG, 2017
But Data Protection Must Not Hinder:
* Spinning up cloud workloads at the speed your business demands
* Adopting XaaS IT solutions for hybrid computing opex economies
* Accessing data for business processes and analytics
Solution: Use De-identified Data in the Cloud
* Protect “de-identified” data at global scale
* Transfer protected/ingested data to the cloud
* Maintain real-world value, control – usability
* Eliminate the need to decrypt or use live data
First name: John
Last name: Smith
Company: ACME
First name: Kijx
Last name: Yöecä
Company: aICb
Platform Support and Design Fundamentals: Securing Cloud Workloads
* Protect on-premises and deploy protected data to the cloud
* Enable protect & access within compute workloads
* Deploy Voltage Servers into AWS and Azure*
* Plan for containerization of Voltage Servers, opening up other cloud opportunities, incl. Google Cloud
* SaaS data protection with Voltage SecureData Sentry
Diagram labels: Compute; Data; Corporate Data Center; Voltage Servers; Voltage Servers and / or
Name | SS# | Credit Card #
Kwfdv Cqvzgk | 161-82-1292 | 3712 3486 3545 1001
Veks Iounrfo | 200-79-7127 | 5587 0856 7634 0139
Pdnme Wntob | 095-52-8683 | 5348 9209 2367 2829
Eskfw Gzhqlv | 178-17-8353 | 4929 4333 0934 4379
Jsfk Tbluhm | 525-25-2125 | 4556 2545 6223 1830
Name | SSN | Credit Card #
James Potter | 385-12-1199 | 3712 4567 8901 1001
Ryan Johnson | 857-64-4190 | 5587 0806 2212 0139
Carrie Young | 761-58-6733 | 5348 9261 0695 2829
Brent Warner | 604-41-6687 | 4929 4358 7398 4379
Anna Berman | 416-03-4226 | 4556 2525 1285 1830
Name | SS# | Credit Card #
James Potter | 385-12-1199 | 37123 456789 01001
Ryan Johnson | 857-64-4190 | 5587 0806 2212 0139
Carrie Young | 761-58-6733 | 5348 9261 0695 2829
Brent Warner | 604-41-6687 | 4929 4358 7398 4379
Anna Berman | 416-03-4226 | 4556 2525 1285 1830
SecureData Sentry
Amazon Web Services
Windows Azure
Google Cloud Platform
Salesforce
Microsoft Dynamics CRM
Data Protection Approaches with Voltage SecureData Sentry and Direct Integration
Diagram labels: Web UI; Web Application; Web Service Layer; Database; HTTP; REST; JDBC
* 1, 2, 3: SecureData Sentry
* 4: SecureData REST API (REST)
* 5: SecureData Simple API (UDF)
Integration with the Voltage SecureData Simple API
Diagram labels: Web Form; Web Application (Java / Linux); Databases; Logs, Reports, and Backups; Customer Service Application (Windows .NET); Key Servers; Management Console; Atalla HSMs
Calls shown: ssnfpe.protect(SSN); ssnfpe.access(SSNe)
Sample values shown: SSN: 022-37-2773; SSN: 734-81-9292
Data Protection Alternate Approach with Voltage SecureData Sentry
Diagram labels: Web Form; Web Application (Java / Linux); Databases; Logs, Reports, and Backups; Customer Service Application (Windows .NET); SecureData Sentry; Key Servers; Management Console; Atalla HSMs
Calls shown: ssnfpe.protect(SSN); ssnfpe.access(SSNe)
Sample values shown: SSN: 022-37-2773; SSN: 734-81-9292
Voltage SecureData Sentry: Flows and Modes
Diagram labels (data flow): Web Proxy; ICAP/S; HTTP/S; Native xDBC Driver; Sentry xDBC Driver; xDBC; SQL; Wire Protocol; Proprietary Protocol; Sentry Engine; Stream Content Parsing; Sentry Management Console; Voltage SecureData Sentry; Voltage SecureData Key & Web Servers; REST/SOAP; Simple API / REST
Sample values shown in the flow:
* Name: Smith, SSN: 123-11-1123
* Name: Mzigd, SSN: 093-34-3945
* Name: °¿1°Mzigd¿°, SSN: °¿1°093-34-3945¿°
Protection Mode (Data Access & Protection)
* Salesforce Protection Module
* <App X> Protection Module
* <App Y> Protection Module
* Target Variables
* Deployment Plans: <App X>, <App Y>, Salesforce
Inspection Mode (Data Discovery) + Developer Mode
* Application Profile
* Discovery Template
* Protection Template
* Inspection
* Protection Module
* Variables & Expressions
* Configure Protection
Supported Application Examples
* ALM Octane
* ALM/Quality Center
* Salesforce Classic
* Salesforce Lightning
* Salesforce Health Cloud
* Salesforce Financial Services Cloud
* Office 365
* SugarCRM
* Microsoft Dynamics 365
* Oracle Service Cloud
* SharePoint 2013 and later
* SAP Hybris Cloud4Customer
* ServiceNow
* Symantec Endpoint Protection Cloud
* BMC Remedyforce
* Nimonik
* Fortinet Analyzer
* And many, many more…
Voltage SecureData Sentry Technologies: Multi-Channel Protection
Protocols and APIs:
* HTTP / HTTPS
* SMTP
* ICAP / ICAP-S
* REST
* SOAP
* JDBC
* ODBC
* custom and binary protocols
Content:
* HTML
* HTML5
* XML
* JSON
* PDF
* DOCX
* GZIP
* XLSX
* CSV
Protection Mechanisms:
* Format Preserving Encryption (FPE)
* Format Preserving Hashing (FPH)
* Secure Stateless Tokenization (SST)
* Identity Based Signature/Encryption (AES)
* ...
Additional Features:
* Escaping, e.g. °¿1°kHy7h¿°
Key Management:
* Stateless Key Management
Voltage SecureData Sentry: Deployment Options – POC Setup
* Squid Proxy is used
* Proxy is configured directly in the browser
Diagram labels: ServiceNow; Squid Proxy; 3128; ICAP/-S; Linux Server / VM; Voltage SecureData Sentry Engine; Linux Virtual Appliance; Voltage SecureData Server
Sample values shown in the flow:
* Name: Smith, SSN: 123-11-1123
* Name: °¿1°Mzigd¿°, Ticket: #1 Prob
* Name: °¿2°cPaj¿°, Ticket: #2 Prob
* Name: °¿3°Ofa3¿°, Ticket: #3 Prob
Voltage SecureData Sentry: Deployment Options – Corporate Proxy
* Only corporate proxy is used
* Use of ICAP protocol
* No changes to end user browsers
* Corporate proxy can perform: request filtering, authentication handling
* Corporate proxy might not be able to forward user information: IP of workstation, userid
Diagram labels: ServiceNow; Corporate Proxy; ICAP/-S; Linux Server / VM; Voltage SecureData Sentry Engine; Linux Virtual Appliance; Voltage SecureData Server
Sample values shown in the flow:
* Name: Smith, SSN: 123-11-1123
* Name: °¿1°Mzigd¿°, Ticket: #1 Prob
* Name: °¿2°cPaj¿°, Ticket: #2 Prob
* Name: °¿3°Ofa3¿°, Ticket: #3 Prob
Voltage SecureData Sentry: Deployment Options – Proxy Chaining
* Corporate proxy may not support ICAP protocol
* Corporate proxy is forwarding requests to Squid
* No changes to end user browsers
* Corporate proxy can perform: request filtering, authentication handling
* Corporate proxy might not be able to forward user information: IP of workstation, userid
Diagram labels: ServiceNow; Corporate Proxy; Squid Proxy; Linux Server / VM; Voltage SecureData Sentry Engine; Linux Virtual Appliance; Voltage SecureData Server
Sample values shown in the flow:
* Name: Smith, SSN: 123-11-1123
* Name: °¿1°Mzigd¿°, Ticket: #1 Prob
* Name: °¿2°cPaj¿°, Ticket: #2 Prob
* Name: °¿3°Ofa3¿°, Ticket: #3 Prob
Product Roadmap
SecureData Sentry Roadmap
Timeline labels: Available; 2H 2018; Future
SecureData Sentry v3.0
* ICAP proxy interception of SaaS applications
* Dataflow inspection
* JDBC driver interception of COTS and proprietary applications
SecureData Sentry (Marketplace & search index)
* Container marketplace
* Generic search index
* Generic web services integration
* New application support
SecureData Sentry (Governance checker)
* Governance checker
* New application support
SecureData Sentry (UBA & adaptive protection)
* Adaptive protection profiles
* User behavior analysis
* New application support
SecureData Sentry
* ODBC driver interception of COTS and proprietary applications
* LDAP authentication/authorization methods
* New application support
SecureData Sentry (Multi-tenancy & orchestration)
* MSS multi-tenancy
* Container orchestration
* UI integration
* Workflow engine
* New application support
SecureData Sentry (Container)
* Basic containerization of major services
* Contextual selection/definition of protection mechanism
* Autopass integration
* New application support
Voltage SecureData Sentry – Future
This is a rolling (up to three year) Roadmap and is subject to change without notice.
Feature | Description
ODBC Interception | Similar to the existing JDBC interception functionality, adds the capability to intercept ODBC traffic. Data can now be redirected to Sentry’s own ODBC drivers (Windows, Debian) for protect and access operations between applications using the ODBC API and supported databases.
LDAP Username + Password Auth | Enables the username and password provided to the JDBC driver by an application to be used to query an LDAP directory. This enables LDAP group membership to be used as an authorization method via JDBC.
LDAP Username + Shared Secret Auth | Enables the username provided to the proxy by an application to be used to query an LDAP directory. This enables LDAP group membership to be used as an authorization method in combination with a shared secret.
New application support | Support has been added for Micro Focus ALM/Quality Centre, and Oracle ServiceCloud.
Upgrades | Integration with SimpleAPI 5.20, Flyway 5.1.1, UI internationalization (Japanese), bug fixes, etc.
Voltage SecureData Sentry – Containerization
Feature | Description
Basic Containerization | Dockerization of major services. Docker swarm.
Contextual protection | Define and select different Voltage protection formats via the Control UI rather than having to edit PFL
Autopass integration | Automatic license verification.
xDBC enhancements | Addition of new SQL statement parsing to JDBC and ODBC wrappers: e.g., detecting column and table names, etc.
New application support | Office 365 Support: In scope: Dynamics, Online Office, SharePoint, OneDrive. Out of scope: Azure AD, Exchange (reason: exchange model currently complex but imminently to be simplified, so waiting on "Outlook 2019" for REST interface).
Voltage SecureData Sentry – Multi-Tenancy & Orchestration
Feature | Description
Container orchestration | Kubernetes integration and orchestration.
UI integration | Orchestration of Sentry UI with SDA's management console for a single pane of glass.
Workflow engine | Enables dual control for configuration changes. Introducing approval workflows to define access to data. Integration in customer processes. Required for user behavior analysis later.
MSS multi-tenancy | Support for managed security service model.
New application support | New templates, application profiles, and/or wrapper extensions added as required and as access to application environments permits.
Voltage SecureData Sentry – Marketplace Integration
Feature | Description
Container marketplace | Availability of Sentry containers in major cloud marketplaces.
Generic Search Index | Partial search enablement generally applicable across all cloud/SaaS apps.
Generic Web Services integration | TBC
New application support | New templates, application profiles, and/or wrapper extensions added as required and as access to application environments permits.
Voltage SecureData Sentry – Governance Checker
Feature | Description
Governance checker | Check existing configurations against a set of regulations to identify potential compliance or non-compliance, e.g. protection of PII for GDPR requires a set of fields to be protected
New application support | New templates, application profiles, and/or wrapper extensions added as required and as access to application environments permits.
Voltage SecureData Sentry – UA & Adaptive Protection
Feature | Description
Adaptive protection profiles | Application independent. Identification of certain content independent of target application and protect based on customer policy. E.g., if policy is to protect CCN: independent of the application, detect CCNs and protect.
User behavior analysis | Based on log information, a baseline analysis on user behavior. Ability to alert when threshold values are achieved. E.g., a sales rep downloads ~10 contacts per week from SFDC. When he leaves, he downloads 100s of them, an anomaly that can be detected, reported, blocked, etc.
New application support | New templates, application profiles, and/or wrapper extensions added as required and as access to application environments permits.
Insight into Critical Data Usage Using SecureData with Enhanced DCAP Support
Reiner Kappenberger
DCAP – Data Centric Audit and Protection (Gartner Term)
SecureData covers:
Data Centric
Protection
SecureData improvements
Audit
Unstructured Data Protection with Covertix, the Latest Addition to the Data Security Portfolio
Kevin McLeod
What is Covertix?
* Micro Focus acquisition
* In development since 2009
* Based in Israel
* Available on the market since 2014, mainly in EU and EMEA
* Highly inclusive patent around transparent data protection and end user access control
* Complementary product to Voltage SecureMail and SecureData
* Part of the Voltage data security pillar within Micro Focus
* Available to transact deals late September
* Some major accounts already on board (mainly in EMEA & UK):
* UK government account with 220K licenses
* London and US based financial account with 2000 licenses and expansion options
* Microprocessor firm in the Netherlands with 5000 licenses
Covertix – Feature Overview
Unstructured data management solution
* Discovery (initial and continuous)
* Classification (initial and continuous)
* Data Protection (encryption)
* Monitoring (open, edit, save, cut/paste, print, send, etc.)
* Access Control (by whom, to what and in which ways they interact)
* Reporting and Audit (general and regulatory-specific, such as GDPR, SIEM, etc.)
* Alerts (centralized SOC based and department-specific)
* 3rd party collaboration
* Covers all data movement and usage use cases (consider that the controls you have on your internal network are not necessarily in use or available everywhere your data is used), including email (Outlook)
POLICY DRIVEN
Industry Standard & Phrases (where we stand)
* Covertix offers complete control and protection of files when shared with internal and external parties.
* Covertix offers monitoring & tracking of files at any location including within the cloud.
* Covertix offers automatic classification and protection of files based on defined policies.
* Covertix runs without affecting business continuity or user behavior.
IRM: Information rights management is a subset of digital rights management (DRM) technologies that protect sensitive information from unauthorized access. It is sometimes referred to as E-DRM or Enterprise Digital Rights Management.
DLP: Data loss prevention is a strategy for making sure that end users do not send sensitive or critical information outside the corporate network. The term is also used to describe software products that enable a network administrator to control what data end users can transfer.
Data-centric security: an approach to security that emphasizes the security of the data itself rather than the security of networks, servers, or applications.
Transparent File Encryption: a method to protect a file that allows the file to appear normal to users and applications that have the access rights to interact with the file.
Control and Protection
* Covertix controls and protects files by encapsulating a file with encryption and attaching a pre-defined policy into a single entity.
* We will refer to the “encapsulated file and policy” as a protected file.
* Each protected file is encrypted with AES256 standard encryption in order to prevent unauthorized access to the file, or its policy.
* Violations (unauthorized actions) can occur when a user tries to perform an action on a file to which they do not have rights.
* Violations and controls are recorded in the database.
Control and Protection
Examples of violations include:
* An unauthorized user attempts to open a protected file.
* A user attempts to send a file to an external party, which is prevented by a policy.
* A user opens a protected file to which they have read rights, but then attempts to perform an unauthorized action like print, copy, save as, etc.
Authorized actions are also recorded in the database, in order to control the files and user actions.
Examples of controls:
* A user opens a protected file to which he has rights
* A user, with send rights to a protected file, sends the file to an external party
* A user, with appropriate rights, opens a protected file and performs authorized actions like print, copy, save as, etc.
* Block operations such as cut & paste
* Notify and block unauthorized attachments and body content in email
* Scan specified types of documents for certain types of content such as PII, PCI, PHI, etc. and then notify the user, notify and block the operation, or notify the user and allow an exception. (BIG DEAL)
Policies and Classification
Covertix applies policies based on a number of factors, including but not limited to AD security groups, users, authors, content, location, etc. Policies can be associated with classifications and are applied as follows:
* Crawler tasks discover, classify and protect existing terabytes of unstructured data that exist within the enterprise.
* Enterprise enforced policies are applied whenever a threshold is met or an action is taken on the file. This applies the classification and policies without the user’s interaction or request. It is performed automatically.
* User interaction allows the user to apply a classification and policy to the file manually.
The Covertix classification feature allows an enterprise to organize their data into categories, and then encrypt and report on the data based on those categories. Classification allows for an easy and efficient use of storage and retrieval of the data. This can be of particular importance for risk management, legal discovery and compliance personnel within the organization.
Three Modes of Operation/Protection
Micro Focus Confidential
Discovery File operations are monitored and
reported.
All actions performed on the file will display in the Reports window.
Files are not encrypted or protected in this mode.
Simulate File operations are monitored and
reported.
All actions performed on the file will display in the Reports window.
Files are not encrypted or protected in this mode.
Any violation of a policy by a user is displayed in the Alerts window and is reported but not blocked. This mode allows you to simulate new policies without interfering with normal workflow.
Active
File operations are monitored and reported.
All actions performed on the file will display in the Reports window.
Files are encrypted and protected.
Any violation of the policy is displayed in the Alerts window and is reported.
The user is blocked from performing activities on the file as defined by the appropriate rules.
Covertix supports content policies, i.e. policies that are triggered (or not) according to the content within a file. Supported content file types include files created within Microsoft Office, PDFs, and any 3rd party application with an IFilter*.
Content rules are based on dictionaries and/or regular expressions. Existing dictionaries can be edited or new ones can be created.
Combining content policies with a crawler allows customers to automatically discover sensitive data on the network and perform security actions on that data.
Support for Content Policies – Discovering Sensitive Data
* IFilter is a plugin that allows Microsoft's search engines to index various file formats (such as documents, email attachments, database records, audio metadata, etc.) so that files are searchable.
Covertix’s SmartCipher Solution has the unique ability to crawl, identify and protect gigabytes and terabytes of data stored on dozens of file servers, network-attached storage devices, and Cloud service providers such as Dropbox, OneDrive and Google Drive.
SmartCipher’s Crawler is an agent-based task that uses IFilters to open documents stored in any shared file storage location.
SmartCipher’s rules are robust and granular, and can use regular expressions and/or dictionary words, and/or can search by author, department, location.
Within the rules, thresholds can be set. Once a threshold is met, the engine will apply a classification and policy to the data, thereby protecting what matters most to an organization.
Crawler
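The threshold-driven content rules and the three modes of operation described above can be sketched as follows. This is an added illustration, not Covertix code; the class, function and field names, the SSN-style pattern and the sample document are all assumptions.

```python
import re
from dataclasses import dataclass, field

@dataclass
class ContentRule:
    classification: str
    threshold: int                                # hits needed before the rule fires
    patterns: list = field(default_factory=list)  # compiled regular expressions
    dictionary: frozenset = frozenset()           # lowercase dictionary terms
    blocked_actions: frozenset = frozenset()      # policy tied to this classification

    def hits(self, text):
        """Count regex matches plus dictionary-word occurrences."""
        regex_hits = sum(len(p.findall(text)) for p in self.patterns)
        words = re.findall(r"[a-z]+", text.lower())
        return regex_hits + sum(w in self.dictionary for w in words)

def classify(text, rules):
    """Return the first rule whose threshold is met, else None."""
    for rule in rules:
        if rule.hits(text) >= rule.threshold:
            return rule
    return None

def handle(text, action, rules, mode):
    """Decide the outcome of one file operation under a given mode."""
    if mode not in ("discovery", "simulate", "active"):
        raise ValueError(f"unknown mode: {mode}")
    rule = classify(text, rules)
    violation = rule is not None and action in rule.blocked_actions
    return {
        "classification": rule.classification if rule else None,
        "reported": True,                          # every mode monitors and reports
        "encrypted": mode == "active" and rule is not None,
        "alert": violation and mode in ("simulate", "active"),
        "blocked": violation and mode == "active", # only Active enforces
    }

# Constructed sample rule and document (not real data).
SSN = re.compile(r"\b\d{3}-\d{2}-\d{4}\b")
RULES = [ContentRule("PII", 2, [SSN], frozenset({"passport"}),
                     frozenset({"Print Screen", "Copy/Cut Content"}))]
DOC = "Employee 078-05-1120, passport on file. Spouse 219-09-9999."

if __name__ == "__main__":
    for m in ("discovery", "simulate", "active"):
        print(m, handle(DOC, "Print Screen", RULES, m))
```

Running the same rule set in simulate mode first shows which operations would raise alerts before active mode starts blocking them.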
SMTP (email) alerts – Covertix alerts users and admins when any defined violation occurs. For example, an alert can be created to notify the CFO of a high-tech company by email when anyone opens a highly sensitive pre-IPO file. Or, a doctor can be notified when anyone opens a sensitive patient file.
Syslog alerts – (a collection log from 3rd party loggers) Many companies use a logging server to collect logs from numerous applications and send alerts when a specified threshold is reached. Covertix supports syslog alerts by generating and sending a log file to a specified external 3rd party server. This log can then be modified by the admin user according to his syslog application. In further support of this, deeper integration with ArcSight is under consideration.
Alert Capabilities
Monitoring and Tracking
Monitor and track files based on 22 different OS and application actions
Start Drag
Print Screen
File Copy
File Delete
File Move
File Rename
File Save
File Save As
Outlook Task Send
Outlook Task Received
Drop from Outlook
Drop
Open
Copy/Cut Content
Paste Content
Email Send
Email Received
Outlook Meeting Request Send
Outlook Meeting Request Received
Covertix has an extensive report generator which simplifies analysis of user data in order to obtain a secure and monitored environment.
Reports are customizable and can be configured to meet any needs, regulatory or otherwise.
The Covertix Dashboard allows an administrator to keep a hand on the pulse and react to any violation or trend in real time.
Reporting and Dashboard
CyberArk integration allows a bank to share documents through CyberArk vault, but ensures that the consumption of these documents outside of the organization (outside CyberArk Vault) is audited and controlled via the Covertix solution.
Dropbox integration allows customers who use Dropbox file sharing to automatically protect uploaded files and manage file use whenever the file travels outside the premises.
Varonis integration with Covertix provides customers the following features to add to their solution:
Protection of sensitive data in motion and at rest inside and external to the organization
IRM (Information Rights Management) control on sensitive data
Audit trail for data after it’s left the organization
Secured view of files and documents by external parties
3rd Party Integration
Thank You.
Expanding Secure Communication Beyond Your Network using SecureMail
July 2018
Anthony Knight, Global Product Manager
© 2018 Micro Focus Private | Confidential | Internal Use Only
Enables the user to read and send encrypted email
Download from the App Store and Google Play
SecureMail Mobile
Removed app passcode – now uses device passcode
Improved internationalization – incl. language support
Preview Microsoft files – within the app
iPhone 10 support – incl. UI enhancements
Improved attachment support – for any file format
Extended support for attachments – incl. files from cloud storage including iCloud, OneDrive, Google Drive, Dropbox etc.
SecureMail Mobile iOS App – Feature Overview
Preview attachment – while composing a secure message
New instruction tutorial – to improve usability for 1st time users
External file support – from file app, tap sharing icon to add as an attachment with Voltage SecureMail
Face ID/Touch ID authentication – add’l layer of security, can be toggled on or off as needed
SecureMail Mobile iOS App – Feature Overview
Add attachments from camera
Designate recipients
Attach additional file types – incl. .pdf, .doc, .xml, .html from Google Drive, Dropbox etc.
Open and add files from cloud apps – to Voltage SecureMail (from external and cloud storage)
SecureMail Mobile Android App – Feature Overview
DEMO – SecureMail Mobile
End User DLP – on device
Covertix integration
Simplified user onboarding
Push notifications – to iWatch, etc.
Apple Watch integration
OWA
SecureMail Mobile App – Future Plans
Software product roadmaps indicate Micro Focus’ directional intention at a point in time. In an evolving environment, roadmaps are subject to change and are therefore not a commitment or representation by Micro Focus to develop, modify, market or deliver a software product, code or functionality or to meet any specific timetable. They are also confidential information and therefore not for disclosure to others or use other than for your evaluation of a business relationship with Micro Focus.
Thank You.