mike bass - why i quit my dream job at citi: a data centric approach to key management

Ionic Security Inc. PUBLIC INFORMATION

Why I Quit My Dream Job At Citi: A Data Centric Approach to Key Management


I’ve spent most of my career focusing on cryptography & identity. Just a few of the companies I have worked for over the years


Deal Rooms

Internal and External

Secure Collaboration

BYOD

Mobile

Cloud

Secure Storage

Custom Apps

(SDKs and APIs)

Secure Email

Publications

and Reports

KEY MANAGEMENT

~ 40,000 developers

Over 108 countries

Scores of regional regulations and

jurisdictions

Thousands of COTS and custom

applications


Does this secure your data?

- Encryption Algorithm?- Hashing Algorithm?- Key Size?- Random Number Generation?- Key expiration?- Key Storage?- Password for the key?- Password storage?

Data Security

Policy

Secure Email

Secure Storage


Cloud

MobileBYOD

Publications and Reports

Deal Rooms

Custom Apps (SDKs and

APIs)

Data Security Policies and

Standards


Does this really represent your data?


Does this?


Data Security

Policy

Secure Email

Secure Storage


Cloud

MobileBYOD


Deal Rooms


APIs)

Centralized data security policy locally interpreted and implemented

leads to implementation silos and constrained data

Data Security

Policy

Secure Email

Secure Storage


Cloud

MobileBYOD


Deal Rooms


APIs)


|Cloud|

A World of Constrained Data – Have you enabled the

business?

Your Business Your Partners

|Customers||BYOD|

Data Constrained

Ionic Security Inc. PUBLIC INFORMATION 12

Authorized users & groups

Embargo & Expiration

Data jurisdiction / Physical location restrictions

Data classification level

Usage restrictions; cut/copy/print/save as…

What

When

Where

Who

How

Enforced Policies

User and device identity

Time-stamped access history

Location of user

Data is being accessed

Record actions performed with data

What

When

Where

Who

How

Real-time Visibility

Cross-group accesses

Unusual access patterns

Conflicting locations

Anomalous data alerts

High velocity or risky behaviors

What

When

Where

Who

How

Behavior Analytics


Data Protection as a Service

• What

• Where

• When

• How

• Who

Data Policy

• What

• Where

• When

• How

• Who

Data Visibility

• What

• Where

• When

• How

• Who

Data Analytics

Encryption

Access Control and

Authorization

Data Jurisdiction

and Regulatory Compliance

Data Control

Visibility and Analytics

Classification and Tagging

DPaaS



DPaaS

Classification and Tagging Service

Information Protection Policy Service

Analytics and

Reporting

Key Distribution Service

IPaaS Enabled AppContent Creation

IPaaS Enabled AppContent Consumption

Policy Updates

Secret Key

Authentication

Data analysis (Classification,

retention, participants…)

Policy Updates

Secret Key

Authentication

Data Access Request

New Secret Key

Data analysis (Classification,

retention, participants…)


Security Policy


DATA, unconstrained

Policy Driven

Machine enforceable

Data protection

with Visibility,

Analytics and on

premise key residency

for structured and

unstructured dataData Control


DATA, Unconstrained

Your Business Your Partners

Customers|BYOD|Citizens|…

Federated Interoperable Data

Protection Cloud Services

DPaaS Vendor C

DPaaS Vendor B

DPaaS Vendor A

Data Control

Data Control Data Control

Data Control Data Control


What could your lines of business do with the analytics?

What if you knew the location, access usage and retention

period of every duplicate file everywhere in and outside of your

organization?

How much more value could you get with your data if you had

complete visibility and control?

What else can you do with all of that data?

Data On Your Data = Money

Ionic Security Inc. PUBLIC INFORMATION 19

So Why Did I quit?


Contact Information:

Mike BassHead of Customer Strategy

[email protected]

mike bass - why i quit my dream job at citi: a data centric approach to key management

Technology