(slides) an ounce of prevention is worth $5.9m: how to use symantec unified security to prevent data...

WEBCAST: AN OUNCE OF PREVENTION 1WEBCAST: AN OUNCE OF PREVENTION

Chris Wargo, CISSP, CISAPresenter:

An Ounce of Prevention Is Worth… $5.9M

How to use Symantec Unified Security to prevent data breaches due to lost or stolen devices

WEBCAST: AN OUNCE OF PREVENTION

Agenda

About infoLock Technologies

The Lost or Stolen Device Problem

The Symantec Unified Security Solution

Business Use Cases

Q&A

2


About infoLock Technologies

3

• Information security consulting & integration services

• Symantec Security Focus Partner

• DLP Master Specialist & INSIGHT DLP Appliance developer

• 100+ DLP, Encryption, and Mobility implementations; customers range from 100 to 40,000+ users

• Customers in all industry verticals – financial services, healthcare, insurance, government, technology, legal, manufacturing, and telecommunications


58% of employees store company-sensitive information on their personal devices

40% of employees use sensitive business data they have taken with them when they changed companies

More than 50% of employees send business documents to their personal email and don’t delete them after use

One-third of employees move work files to file sharing apps without permission

Sources:What’s Yours Is Mine: How Employees are Putting Your Intellectual Property at Risk, Symantec & Ponemon InstituteSecurity Awareness Training: It's Not Just for Compliance, Enterprise Management Associates

Mobile Workforce + BYOD = Risk

Credit Suisse Says VP Stole Secrets

4

WEBCAST: AN OUNCE OF PREVENTION 5

The lost or stolen device problem

The average value of one lost laptop is $49,2461

49% of data breaches in the healthcare industry are caused by lost or stolen computing devices2

31% of data breaches across all industries are caused by human error, including lost or stolen devices3

When the loss or theft of a device causes a data breach, the total cost increases by as much as $18 per lost record3

Sources:(1) The Billion Dollar Lost Laptop Problem, Ponemon Institute, 2010(2) Fourth Annual Benchmark Study on Patient Privacy & Data Security, Ponemon Institute, 2014(3) 2014 Cost of Data Breach Study: United States, Ponemon Institute


The average cost of a data breachin the US is $5.9 Million


Symantec Unified Security is the Solution

No single technology can prevent data breaches due to lost or stolen devices. By using Symantec’s multi-layered Unified Security approach, however, you get the comprehensive protection you need to safeguard your critical data and ensure that a lost or stolen device doesn't end up costing you millions.


DATA LOSS PREVENTION

ENCRYPTION

MOBILITY SUITE

1. Locate and monitor your critical data

2. Encrypt and protect data on endpoints

3. Manage and secure mobile devices

Unified Security Model


Locate and monitor critical data

Symantec Data Loss Prevention enables you to discover, monitor and protect confidential information wherever it is stored or used

• Email, web, and other network-based communications• Servers, databases and other document repositories• Laptops, desktops, and removable storage• Mobile devices• Cloud applications

DATA LOSS PREVENTION

MANAGE

MANAGE

DISCOVER

• Identify scan targets

• Run scan to find sensitive data on network & endpoint data

• Enable or customize policy templates

• Remediate and report on risk reduction

MONITOR

11

22 33

PROTECT

44

55

• Inspect data being sent

• Monitor network & endpoint events

• Block, remove or encrypt

• Quarantine or copy files

• Notify employee & manager

How It Works

10


Threat Coverage

USB/CD/DVD

Stored data

Email

Instant Message

FTP

SharePoint / Exchange

Databases

File Servers

Print/Fax

DLP PolicyMonitoring & PreventionDiscovery & Protection

Webmail

Web servers

Untrusted networks

11



Detection Technology

DescribedContent Matching

Indexed Document Matching

Vector Machine Learning

DESCRIBED DATA

Non-indexable data

Lexicons

Regular Expressions

Data Identifiers

STRUCTURED DATACUSTOMER DATA

Customer / EmployeeData

Partial row matching

Near perfect accuracy

UNSTRUCTURED DATAINTELLECTUAL PROPERTY

Designs / Source / Financials

Derivative match

Near perfect accuracy

UNSTRUCTURE DATAINTELLECTUAL PROPERTY

Designs / Source / Financials

Derivative match

Very High Accuracy

300M+ rows per server 5M+ docs per server

Exact Data Matching

12


Symantec Difference – Workflow

80% of DLP is Incident Response

13

Right Automation Resolution, Enforcement, Notification

Right Person Route Incidents to Right Responder

Right Order High Severity of Incidents First

Right Information 5 Second Test

Right Action 1 Click Response

Right Metrics Prove Results to Execs and Auditors


Symantec Data Loss Prevention Products

14

Management PlatformSymantec Data Loss Prevention Enforce Platform

STORAGE ENDPOINT

Network Discover

Data Insight

Network Protect

Endpoint Discover

Endpoint Prevent

Mobile Email Monitor

Network Monitor

Network Prevent for Email

Network Prevent for Web

NETWORK

Mobile Prevent


Symantec Data Loss Prevention for Mobile

Corporate Email

Web Applications

Third Party Apps

Monitor confidential data downloaded to company and employee-owned devices

Monitor and block confidential data sent from company-owned devices

Mobile Email Monitor Mobile Prevent

15


Encrypt and protect data on endpoints

ENCRYPTION

Symantec Encryption enables organizations to deliver enterprise-wide data protection. Our solutions provide standards-based technology, centralized policy management, compliance-based reporting, and universal management for your encryption products.


Symantec Encryption Products

17

Management ConsoleSymantec Encryption Management Server

File Share Encryption

Drive Encryption

Removable Storage Encryption

Gateway Email Encryption

STORAGE ENDPOINT NETWORK


Reduces cost and accelerates deployment using a single unified console to oversee operations

Enforces security policies automatically from a centrally-managed console

Provides robust compliance reporting across multiple products (endpoint encryption, email encryption, etc.)

Integration with Symantec Protection Center; correlates endpoint status to identify unprotected systems and remediate accordingly

Symantec Encryption Management Server


Comprehensive Multi-Platform Coverage

Optional Silent Deployment

High Performance

Provides Safe Harbor should a device be lost or stolen

Protects against unauthorized access

Symantec Drive Encryption


Safeguard intellectual property

Share encrypted data easily and seamlessly

Transparently manage security policies through directory integration

Decrypts and encrypts data without an installed client (offline access)

Enables access to encrypted data on Windows and Mac computers

Symantec Removable Storage Encryption


Defense-In-Depth: Encryption + Data Loss Prevention

21

Network DLP / Email Gateway Encryption• Automatically encrypt emails containing sensitive data• Notify employees in real time/context about encryption

policies and tools

Storage DLP / Shared Storage Encryption• Discover where confidential data files are stored and

automatically apply encryption• Ease the burden to staff with near transparence

Endpoint DLP / Endpoint Encryption• Target high risk users by discovering what laptops contain

sensitive data• Protect & enable the business by targeting encryption

efforts to sensitive data moving to USB devices


Manage and secure mobile devices

Symantec Mobility: Suite 5.0 provides an integrated modular solution to centrally manage and provide secure use of mobile devices for your organization

MOBILITY SUITE


Symantec Mobility: Suite 5.0

Symantec™ Mobility: Suite

Mobility: Device Management (MDM)

Mobility: Application Management (MAM)

Includes Secure Email and Secure Web

Mobility: Threat Protection powered by

Norton™

23


Provides visibility and control over smartphones and tablets

Provides anti-theft functions to locate, lock, reset, and wipe the device

Advanced security settings ensure compliance to internal and external security requirements

Prevents non-compliant devices from connecting to corporate assets.

Symantec Mobility: Mobile Device Management


Symantec Mobility: Application Management

Protects corporate apps and data by wrapping a layer of security and policy management around mobile apps without any source code changes or SDK embedding

Provides granular control of corporate apps and data with comprehensive per-app policies

Containerizes corporate apps – providing clean separation between corporate and personal data for BYOD organizations

Enables self-service distribution of apps through Enterprise App Store with roles-based security and data protection


Symantec Mobility: Threat Protection

Enables compliance with policy and regulatory requirements

Protects against viruses, snoopware, data theft, SMS scams, and mobile malware

Restricts vulnerabilities and possible attack vectors by enabling only required phone features


Use Case: Financial Services Firm

The Situation:Auditors and accounting staff use laptops and smartphones when working at customer sitesThe Risk:Devices may contain sensitive corporate and/or customer data and could represent data breach if lost or stolen; Smartphones could be used to attempt unauthorized access to corporate networkThe Solution:Use Symantec DLP to locate and identify sensitive data on devices; Use Symantec Encryption to encrypt laptop hard drives and protect data; Use Symantec Mobility Suite to enforce corporate security policies and control access to corporate network


Use Case: High Tech Manufacturing Firm

The Situation:Engineering and design staff utilize portable computing and data-bearing devices when traveling between offices and manufacturing plantsThe Risk:Hard drives and removable storage devices may contain sensitive corporate information, including valuable intellectual property; Malicious insiders could try to remove sensitive data and sell to competitorsThe Solution:Use Symantec DLP to locate sensitive data on devices, monitor use, and prevent unauthorized transfer; Use Symantec Encryption to encrypt drives and storage devices to protect data in the event of loss or theft


Use Case: Healthcare Provider

The Situation:Doctors and healthcare providers use smartphones and tablets for care delivery; administrators use laptops and removable storage for business process, billing, and claims related tasksThe Risk:Smartphones and tablets may be used for personal use, exposing sensitive ePHI and diagnostic information; Portable computing devices may contain large amounts of sensitive patient data and financial informationThe Solution:Use Symantec Mobility Suite to wrap diagnostic apps, control usage, and provide secure access; Use Symantec Encryption to ensure that all sensitive data is protected in the event of loss or theft


Conclusion

The Mobile Workforce and BYOD are trends that are here to stay. Portable computing and heterogeneous mobile devices will continue to proliferate, and our sensitive data will follow with them. There is no single point solution that can protect your organization. You need a multi-layered Unified Security approach that protects your critical information wherever it is used to ensure that a lost or stolen device doesn’t end up costing you millions.


For more information:Chris Wargo

[email protected]

Thank you!

mailto:[email protected]

(slides) an ounce of prevention is worth $5.9m: how to use symantec unified security to prevent data...

Technology

ounce of prevention2

ounce of prevention58

data breachin

patient privacy data

sensitive business data

lost record3sources

cost of data breach

unified security model1