SlideShare une entreprise Scribd logo

Mcafee dyntek

L
liquidnetzero
Technologie
1  sur  32
McAfee Data Protection ©© 2007 McAfee, Inc. 2007 McAfee, Inc.
Agenda • The Problem: Data is Lost or Stolen Everyday! • Securing Data Requires Different Thinking • McAfee’s Data Protection Solution — Introducing Total Protection for Data (ToPS Data) • Summary
The Problem Data is Lost or Stolen Everyday! © 2007 McAfee, Inc.
Data Loss: Next Inevitable Corporate Disaster? Explosive Growth Escalating Privacy Public Embarrassment of Mobile Devices Regulations and Disclosure Cost USB Sold Memory Sticks Units BlackBerry SmartPhone Palm/Treo PocketPC + Laptops Desktops 1995 2000 2005 2010 Data Protection: #1 CISO Priority Today 2007 CISO Survey
Increasing Regulatory Pressure US Government • Growing in number and OMG Initiative (USA) US Senate Bill 1350 Proposed complexity (USA) Data Protection Act (Japan) • Public disclosure is California SB 1386 (USA) Sarbanes- Oxley required in the event of (USA) Government Network data loss Security Act (USA) Gramm-Leach-Bliley • Intellectual property loss (USA) Data Protection Act and theft is also a concern HIPAA (UK) (USA) GISRA Directive on Protection (USA) of Personal Data (EU) Datenschutz (Germany)
Increasing Need for Mobile Access to Data USB Explosive Growth in Mobile Devices Sold Memory Sticks Units • Information and data moving out of corporate perimeter BlackBerry SmartPhone • Storage capacity grows as devices become smaller Palm/Treo PocketPC • Advances in mobile device Laptops technology will continue to produce new and more powerful devices Desktops 1995 2000 2005 2010
Increasing Risk of Information Theft • 19 people a minute become new victims of identity theft due to data breaches1 • During a 3 year period, over 217 million Americans were victims of identity theft or exposure2 • Each data breach costs an average of $6.3 million3 • A typical Fortune 1000 company can’t locate 2% of their PC’s4 • A typical Fortune 1000 financial institution loses 1 laptop a day5 1. Identity Theft Resource Center, 2007 2. 2007 Ponmon Institute Cost of Data Breach study 3., 4., 5. www.privacyrights.org
Understanding the Risk The Market Value of Your Sensitive Data $980-$4,900 $147 Trojan to steal Birth certificate account information $490 $98 Credit Card Social Security card Number with PIN $6-$24 $78-$294 Credit card number Billing data $6 $147 PayPal account Driver's license logon and password
The Major Endpoint Threats 1 2 Physical loss or Unauthorized theft of laptops and transfer of data to mobile devices external devices 3 4 Unintentional Privileged users distribution via breach the data e-mail, web, etc. 5 6 Information User applications escapes via print, 7 hacked CD-ROM, DVD, etc. Trojans/key loggers/malware
The Major Endpoint Threats “I’ve seen organizations spend hundreds of millions of dollars on security safeguards that were penetrated by a knowledgeable person with a handheld device.” Bill Boni CSO, Motorola
Securing Data Requires Different Thinking © 2007 McAfee, Inc.
Today’s Security Solution Gap Anti-virus • Most ―information security‖ products don’t actually ―secure information‖ Change/Patch Authentication Management — They are designed to protect Threat networks and servers VPN Detection Anti-virus — They do little to protect the LAN confidentiality and integrity of Clients information Web Filtering Anti-spyware Servers • Information is in constant motion Firewall —making it difficult to lock down
Current Approaches to Security Do Not Protect the Most Valuable Asset: Your Data System-centric view of data protection: Protect the perimeter, one system at a time User Authentication Sensitive Data Access Control
Data Protection Requires Different Thinking Data is not static, so security cannot be static – it must persist with the data itself. This is Data-Centric Protection. Encryption Strong Authentication Data Loss Prevention Device Control
Throwing Point Tools at the Problem Doesn’t Work! Non-security staff must manage myriad of point High Management security systems. Compounds with changes in Cost personnel and systems No Alignment You are unable to align needs with security to Policy policy requirements Managing the lifecycle of security rules becomes Life Cycle overly complex, increasing infrastructure Vulnerabilities vulnerability Broken Business Businesses processes break as systems go Processes their own way on security Lack of centralized monitoring and auditing Data Loss Risk opens vulnerabilities that could lead to data loss
Data Protection Requires Different Thinking Easy to Lose Easy to Transfer Enticing to Steal $490 $147 ® $98 $147 Cybercrime “Black Market” Value Data must be protected regardless of: Usage Location Device Access
The McAfee Solution Total Protection Suite for Data (ToPS Data) © 2007 McAfee, Inc.
The Solution: McAfee Data Protection McAfee Data Loss Prevention McAfee Device Control Full control and absolute visibility Prevent unauthorized use of over user behavior removable media devices Data Loss Device Prevention Control Integrated McAfee Total technologies for a Protection™ total data protection for Data solution. Endpoint Encrypted Encryption USB McAfee Endpoint Encryption McAfee Encrypted USB Full-disk, mobile device, and file Secure, portable external and folder encryption coupled storage devices with strong authentication
McAfee is Your Trusted Advisor Too many vendors, too many use cases, too overwhelming McAfee’s guided, phased deployment path to complete data protection Block Monitor & Encrypt Encrypt Multilayer unauthorized Secure All Laptops mobile data Protection devices Channels ® Data Loss Prevention Device Control Endpoint Encrypted Encryption USB Increasing Protection and Compliance
McAfee Endpoint Encryption You need • Encryption for laptops, desktops, and mobile devices with the flexibility to choose full-disk or file/folder Data Loss Device Prevention Control encryption • Confidence in integrity of sensitive data when a device is lost or stolen • Safe Harbor protection (i.e. Loss of encrypted data = non-event and does not require public disclosure) Endpoint Encrypted Encryption USB McAfee offers • Broad support for laptops, desktops, and mobile devices • Full audit-trails for compliance & auditing needs • Support for multiple strong authentication methods • Certifications: FIPS 140-2, Common Criteria Level 4 (highest level for software products), BITS, CSIA, etc.
McAfee Endpoint Encryption Full-Disk Encryption .DOC .XLS .APPS Files/APPS Files are in full text and fully viewable 1 1 by the authorized user(s) and application(s) Lorem ipsum dolor sit amet Lorem ipsum dolor sit amet 2 Files are Sectors are Operating 2 System translated assembled into sectors into files Encrypted 3 Sectors are Encryption sectors are 3 Driver encrypted in decrypted in memory #$$%%#%%&& #$$%%#%%&& memory 4 Sectors are Sectors are Hard Disk 4 stored in read from hard disk hard disk
McAfee Endpoint Encryption File and Folder Encryption 1 • Define policies more granularly than with full-disk encryption 2 Corporate • Full Windows Explorer integration Administrator Directory 3 • Automatic encryption and decryption with no performance loss, transparent to users 4 Client Client Client • Protect files and folders on Computer Computer Computer desktops, laptops, and servers 5 File Server Terminal Server
McAfee Endpoint Encryption Mobile Device Encryption • Protect your corporate data assets as your users go mobile • Creates encrypted, protected space on mobile devices to protect sensitive data • Supports multiple strong authentication methods • Renders data on mobile devices in the event of data loss or theft • Encryption policies on your mobile devices all centrally managed
McAfee Data Loss Prevention You need Data Loss • To prevent users from accidentally or maliciously Device Prevention Control leaking sensitive data • Full visibility and control over usage & movement of confidential data • To enable your infrastructure and data to protect itself Endpoint Encrypted Encryption USB McAfee offers Printer Copy & • Protection against accidental leakage via everyday Paste user tasks • Complete spectrum of actionable responses upon detecting loss of confidential data such as — Detailed logging & forensic evidence gathering — Real-time prevention & blocking Monitor Usage — User and administrator notification Print USB — Quarantine of confidential data Screen Copy
McAfee Data Loss Prevention Classify confidential data Build content-based, reaction rules Monitor sensitive data transfer By location Prevent confidential data from leaving the enterprise By content Notify administrator and end users By file-type Quarantine confidential data By fingerprint Enforce encryption
McAfee Device Control You need • To monitor and allow only authorized devices to Data Loss Device connect to endpoint Prevention Control • Restriction and blocking capabilities of the use of unauthorized devices such as iPods • Enforcement control over what data can be copied onto authorized devices Endpoint Encrypted Encryption USB McAfee offers • Fine-grained control of data and devices — Only allow company-authorized devices ® — Enforce control over what data can be copied to devices FireWire • Policies per user, group or department, i.e. allow CEO to connect any device while other employees can only connect sub-set of devices • Detailed user and device-level logging for auditing and compliance needs
McAfee Device Control • Based on McAfee Data Loss ePO Prevention (DLP) technology Management Console • Complete content-aware, and Device and Policies context-aware device-blocking Data Events capability • Regulate how users copy data to external devices Serial/Parallel Other • Increase productivity and the ability to safely use any USB devices as CD/DVD part of daily work activities WI/IRDA • Ensure control of all external FireWire Bluetooth devices USB
McAfee Encrypted USB You need Data Loss Device Prevention Control • Secure external storage media for your power users • Ability to ensure sensitive data transported via external media is continuously protected Endpoint Encrypted Encryption USB McAfee offers • A range of secure portable storage devices • Strong Access Control and Encryption • Centralized Management • Internal and External Compliance Support
McAfee Encrypted USB • Deploy easily on an enterprise-wide scale • Easily deploy and track devices through a single console • Streamline workflow to save time and money • Leverage Active Directory to match users and devices • Encrypt data on-the-fly • Enable secure data portability
McAfee ePO: Centralized Management and Compliance Support • You need: — Data protection to support compliance efforts for tough global data privacy regulations — Detailed logging and auditing for internal and regulatory compliance needs • McAfee offers: MITS — Detailed auditing and logging to meet the PCI GLBA PIPEDA Sarbanes- Oxley FFIEC DPA EUDPD Solvency II Basel II R-DPL toughest regulations HIPAA FISMA J-SOX DPA — ―Safe Harbor‖ protection with data CPC encryption Art. 43 — Rich set of policy & reporting templates to DTO-93 DPA CPA SA-PL help comply with regulations
Summary 1. There is increasing regulatory pressure to protect data 2. Insiders are the biggest threat to your data – and they are increasingly more mobile 3. A breach, no matter how big or how small, puts your business at risk 4. Which endpoint threats worry you the most? 5. Traditional approaches to data security won’t work – you need data-centric security that enables your data and infrastructure to protect itself 6. Continuing to use point tools to solve the problem creates inconsistencies in enforcement, can break business processes, and increase operational costs 7. McAfee provides you with the comprehensive solution you need to address the risks to your data
Thank You! © 2007 McAfee, Inc.

Recommandé

Health Data Encryption: The Seven Principals of Privacy
Health Data Encryption: The Seven Principals of PrivacyHealth Data Encryption: The Seven Principals of Privacy
Health Data Encryption: The Seven Principals of PrivacyCompliancy Group
 
Wk online trust solutions overview january 2012
Wk online trust solutions overview january 2012Wk online trust solutions overview january 2012
Wk online trust solutions overview january 2012Creus Moreira Carlos
 
Information Security For Small Business
Information Security For Small BusinessInformation Security For Small Business
Information Security For Small BusinessJulius Clark, CISSP, CISA
 
Clinton- Cyber IRT Balto 10_2012
Clinton- Cyber IRT Balto 10_2012Clinton- Cyber IRT Balto 10_2012
Clinton- Cyber IRT Balto 10_2012Don Grauel
 
Digital Responsibility: towards a new world order ?
Digital Responsibility: towards a new world order ?Digital Responsibility: towards a new world order ?
Digital Responsibility: towards a new world order ?University of Geneva
 
Halvorsen on Risk Cyber Webinar
Halvorsen on Risk Cyber WebinarHalvorsen on Risk Cyber Webinar
Halvorsen on Risk Cyber WebinarHalvorsen on Risk
 
Document%20 Safer%20 Introduction
Document%20 Safer%20 IntroductionDocument%20 Safer%20 Introduction
Document%20 Safer%20 Introductionerry wardhana
 
The Accidental Cloud: Privacy and Security Issues in a BYOD World
The Accidental Cloud: Privacy and Security Issues in a BYOD WorldThe Accidental Cloud: Privacy and Security Issues in a BYOD World
The Accidental Cloud: Privacy and Security Issues in a BYOD Worldmkeane
 

Recommandé

Health Data Encryption: The Seven Principals of Privacy
Health Data Encryption: The Seven Principals of PrivacyHealth Data Encryption: The Seven Principals of Privacy
Health Data Encryption: The Seven Principals of PrivacyCompliancy Group
 
Wk online trust solutions overview january 2012
Wk online trust solutions overview january 2012Wk online trust solutions overview january 2012
Wk online trust solutions overview january 2012Creus Moreira Carlos
 
Information Security For Small Business
Information Security For Small BusinessInformation Security For Small Business
Information Security For Small BusinessJulius Clark, CISSP, CISA
 
Clinton- Cyber IRT Balto 10_2012
Clinton- Cyber IRT Balto 10_2012Clinton- Cyber IRT Balto 10_2012
Clinton- Cyber IRT Balto 10_2012Don Grauel
 
Digital Responsibility: towards a new world order ?
Digital Responsibility: towards a new world order ?Digital Responsibility: towards a new world order ?
Digital Responsibility: towards a new world order ?University of Geneva
 
Halvorsen on Risk Cyber Webinar
Halvorsen on Risk Cyber WebinarHalvorsen on Risk Cyber Webinar
Halvorsen on Risk Cyber WebinarHalvorsen on Risk
 
Document%20 Safer%20 Introduction
Document%20 Safer%20 IntroductionDocument%20 Safer%20 Introduction
Document%20 Safer%20 Introductionerry wardhana
 
The Accidental Cloud: Privacy and Security Issues in a BYOD World
The Accidental Cloud: Privacy and Security Issues in a BYOD WorldThe Accidental Cloud: Privacy and Security Issues in a BYOD World
The Accidental Cloud: Privacy and Security Issues in a BYOD Worldmkeane
 
Massachusetts New Data Security Laws Presentation
Massachusetts New Data Security Laws PresentationMassachusetts New Data Security Laws Presentation
Massachusetts New Data Security Laws Presentationbillanetworks
 
Privacy Safe Guarding Sensitive PII Handbook 2013
Privacy Safe Guarding Sensitive PII Handbook 2013Privacy Safe Guarding Sensitive PII Handbook 2013
Privacy Safe Guarding Sensitive PII Handbook 2013- Mark - Fullbright
 
Rainer+3e Student Pp Ts Ch03
Rainer+3e Student Pp Ts Ch03Rainer+3e Student Pp Ts Ch03
Rainer+3e Student Pp Ts Ch03kbzdox ivanovich
 
Jennings it security overview 1 2
Jennings it security overview 1 2Jennings it security overview 1 2
Jennings it security overview 1 2Donald Jennings
 
MA Privacy Law
MA Privacy LawMA Privacy Law
MA Privacy Lawtravismd
 
Social Engineering and Identity Theft
Social Engineering and Identity TheftSocial Engineering and Identity Theft
Social Engineering and Identity TheftScott Teipe, CISSP, CISM
 
Transitory Electronic Communication: Recordless Messaging in the Context of a...
Transitory Electronic Communication: Recordless Messaging in the Context of a...Transitory Electronic Communication: Recordless Messaging in the Context of a...
Transitory Electronic Communication: Recordless Messaging in the Context of a...jonneiditz
 
Introduction to computer
Introduction to computerIntroduction to computer
Introduction to computerRoshanMaharjan13
 
Staying Safe and Secure Online
Staying Safe and Secure OnlineStaying Safe and Secure Online
Staying Safe and Secure Onlineevolutionaryit
 
Information_Security_Class
Information_Security_ClassInformation_Security_Class
Information_Security_ClassDr. Robert L. Straitt
 
Electronic files are records too
Electronic files are records tooElectronic files are records too
Electronic files are records tooBob Larrivee
 
4 Steps to Financial Data Security Compliance Technologies to Help Your Finan...
4 Steps to Financial Data Security Compliance Technologies to Help Your Finan...4 Steps to Financial Data Security Compliance Technologies to Help Your Finan...
4 Steps to Financial Data Security Compliance Technologies to Help Your Finan...SafeNet
 
2016 legal seminar for credit professionals
2016 legal seminar for credit professionals2016 legal seminar for credit professionals
2016 legal seminar for credit professionalsKegler Brown Hill + Ritter
 
CCIAOR Cyber Security Forum
CCIAOR Cyber Security ForumCCIAOR Cyber Security Forum
CCIAOR Cyber Security ForumCCIAOR
 
Iot privacy vs convenience
Iot privacy vs convenienceIot privacy vs convenience
Iot privacy vs convenienceDon Lovett
 
Legally Correct But Technologically Off the Mark - The Case of Arie Genger
Legally Correct But Technologically Off the Mark - The Case of Arie GengerLegally Correct But Technologically Off the Mark - The Case of Arie Genger
Legally Correct But Technologically Off the Mark - The Case of Arie GengerMark Hyde
 
Rethinking Document Management eBook
Rethinking Document Management eBookRethinking Document Management eBook
Rethinking Document Management eBookKimberly Jones
 
Leading Practices in Information Security & Privacy
Leading Practices in Information Security & PrivacyLeading Practices in Information Security & Privacy
Leading Practices in Information Security & PrivacyDonny Shimamoto
 
3rd Annual Biometrics for National Security and Defense
3rd Annual Biometrics for National Security and Defense3rd Annual Biometrics for National Security and Defense
3rd Annual Biometrics for National Security and DefenseAlexa Deaton
 
Cookies and Data Protection - a Practitioner's perspective
Cookies and Data Protection - a Practitioner's perspectiveCookies and Data Protection - a Practitioner's perspective
Cookies and Data Protection - a Practitioner's perspectiveCastlebridge Associates
 
McAfee MOVE & Endpoint Security
McAfee MOVE & Endpoint SecurityMcAfee MOVE & Endpoint Security
McAfee MOVE & Endpoint Securitynetlogix
 
McAfee Data Protection (DLP & Encryption)
McAfee Data Protection (DLP & Encryption)McAfee Data Protection (DLP & Encryption)
McAfee Data Protection (DLP & Encryption)Vladyslav Radetsky
 

Contenu connexe

Tendances

Massachusetts New Data Security Laws Presentation
Massachusetts New Data Security Laws PresentationMassachusetts New Data Security Laws Presentation
Massachusetts New Data Security Laws Presentationbillanetworks
 
Privacy Safe Guarding Sensitive PII Handbook 2013
Privacy Safe Guarding Sensitive PII Handbook 2013Privacy Safe Guarding Sensitive PII Handbook 2013
Privacy Safe Guarding Sensitive PII Handbook 2013- Mark - Fullbright
 
Rainer+3e Student Pp Ts Ch03
Rainer+3e Student Pp Ts Ch03Rainer+3e Student Pp Ts Ch03
Rainer+3e Student Pp Ts Ch03kbzdox ivanovich
 
Jennings it security overview 1 2
Jennings it security overview 1 2Jennings it security overview 1 2
Jennings it security overview 1 2Donald Jennings
 
MA Privacy Law
MA Privacy LawMA Privacy Law
MA Privacy Lawtravismd
 
Transitory Electronic Communication: Recordless Messaging in the Context of a...
Transitory Electronic Communication: Recordless Messaging in the Context of a...Transitory Electronic Communication: Recordless Messaging in the Context of a...
Transitory Electronic Communication: Recordless Messaging in the Context of a...jonneiditz
 
Staying Safe and Secure Online
Staying Safe and Secure OnlineStaying Safe and Secure Online
Staying Safe and Secure Onlineevolutionaryit
 
Electronic files are records too
Electronic files are records tooElectronic files are records too
Electronic files are records tooBob Larrivee
 
4 Steps to Financial Data Security Compliance Technologies to Help Your Finan...
4 Steps to Financial Data Security Compliance Technologies to Help Your Finan...4 Steps to Financial Data Security Compliance Technologies to Help Your Finan...
4 Steps to Financial Data Security Compliance Technologies to Help Your Finan...SafeNet
 
CCIAOR Cyber Security Forum
CCIAOR Cyber Security ForumCCIAOR Cyber Security Forum
CCIAOR Cyber Security ForumCCIAOR
 
Iot privacy vs convenience
Iot privacy vs convenienceIot privacy vs convenience
Iot privacy vs convenienceDon Lovett
 
Legally Correct But Technologically Off the Mark - The Case of Arie Genger
Legally Correct But Technologically Off the Mark - The Case of Arie GengerLegally Correct But Technologically Off the Mark - The Case of Arie Genger
Legally Correct But Technologically Off the Mark - The Case of Arie GengerMark Hyde
 
Rethinking Document Management eBook
Rethinking Document Management eBookRethinking Document Management eBook
Rethinking Document Management eBookKimberly Jones
 
Leading Practices in Information Security & Privacy
Leading Practices in Information Security & PrivacyLeading Practices in Information Security & Privacy
Leading Practices in Information Security & PrivacyDonny Shimamoto
 
3rd Annual Biometrics for National Security and Defense
3rd Annual Biometrics for National Security and Defense3rd Annual Biometrics for National Security and Defense
3rd Annual Biometrics for National Security and DefenseAlexa Deaton
 
Cookies and Data Protection - a Practitioner's perspective
Cookies and Data Protection - a Practitioner's perspectiveCookies and Data Protection - a Practitioner's perspective
Cookies and Data Protection - a Practitioner's perspectiveCastlebridge Associates
 

Tendances (20)

Massachusetts New Data Security Laws Presentation
Massachusetts New Data Security Laws PresentationMassachusetts New Data Security Laws Presentation
Massachusetts New Data Security Laws Presentation
 
Privacy Safe Guarding Sensitive PII Handbook 2013
Privacy Safe Guarding Sensitive PII Handbook 2013Privacy Safe Guarding Sensitive PII Handbook 2013
Privacy Safe Guarding Sensitive PII Handbook 2013
 
Rainer+3e Student Pp Ts Ch03
Rainer+3e Student Pp Ts Ch03Rainer+3e Student Pp Ts Ch03
Rainer+3e Student Pp Ts Ch03
 
Jennings it security overview 1 2
Jennings it security overview 1 2Jennings it security overview 1 2
Jennings it security overview 1 2
 
MA Privacy Law
MA Privacy LawMA Privacy Law
MA Privacy Law
 
Social Engineering and Identity Theft
Social Engineering and Identity TheftSocial Engineering and Identity Theft
Social Engineering and Identity Theft
 
Transitory Electronic Communication: Recordless Messaging in the Context of a...
Transitory Electronic Communication: Recordless Messaging in the Context of a...Transitory Electronic Communication: Recordless Messaging in the Context of a...
Transitory Electronic Communication: Recordless Messaging in the Context of a...
 
Introduction to computer
Introduction to computerIntroduction to computer
Introduction to computer
 
Staying Safe and Secure Online
Staying Safe and Secure OnlineStaying Safe and Secure Online
Staying Safe and Secure Online
 
Information_Security_Class
Information_Security_ClassInformation_Security_Class
Information_Security_Class
 
Electronic files are records too
Electronic files are records tooElectronic files are records too
Electronic files are records too
 
4 Steps to Financial Data Security Compliance Technologies to Help Your Finan...
4 Steps to Financial Data Security Compliance Technologies to Help Your Finan...4 Steps to Financial Data Security Compliance Technologies to Help Your Finan...
4 Steps to Financial Data Security Compliance Technologies to Help Your Finan...
 
2016 legal seminar for credit professionals
2016 legal seminar for credit professionals2016 legal seminar for credit professionals
2016 legal seminar for credit professionals
 
CCIAOR Cyber Security Forum
CCIAOR Cyber Security ForumCCIAOR Cyber Security Forum
CCIAOR Cyber Security Forum
 
Iot privacy vs convenience
Iot privacy vs convenienceIot privacy vs convenience
Iot privacy vs convenience
 
Legally Correct But Technologically Off the Mark - The Case of Arie Genger
Legally Correct But Technologically Off the Mark - The Case of Arie GengerLegally Correct But Technologically Off the Mark - The Case of Arie Genger
Legally Correct But Technologically Off the Mark - The Case of Arie Genger
 
Rethinking Document Management eBook
Rethinking Document Management eBookRethinking Document Management eBook
Rethinking Document Management eBook
 
Leading Practices in Information Security & Privacy
Leading Practices in Information Security & PrivacyLeading Practices in Information Security & Privacy
Leading Practices in Information Security & Privacy
 
3rd Annual Biometrics for National Security and Defense
3rd Annual Biometrics for National Security and Defense3rd Annual Biometrics for National Security and Defense
3rd Annual Biometrics for National Security and Defense
 
Cookies and Data Protection - a Practitioner's perspective
Cookies and Data Protection - a Practitioner's perspectiveCookies and Data Protection - a Practitioner's perspective
Cookies and Data Protection - a Practitioner's perspective
 

En vedette

McAfee MOVE & Endpoint Security
McAfee MOVE & Endpoint SecurityMcAfee MOVE & Endpoint Security
McAfee MOVE & Endpoint Securitynetlogix
 
McAfee Data Protection (DLP & Encryption)
McAfee Data Protection (DLP & Encryption)McAfee Data Protection (DLP & Encryption)
McAfee Data Protection (DLP & Encryption)Vladyslav Radetsky
 
Data Loss Prevention de RSA
Data Loss Prevention de RSAData Loss Prevention de RSA
Data Loss Prevention de RSAAEC Networks
 
Nguyễn Tấn Vi - office of the CISO
Nguyễn Tấn Vi - office of the CISONguyễn Tấn Vi - office of the CISO
Nguyễn Tấn Vi - office of the CISOSecurity Bootcamp
 
SCB 2013 DLP, công nghệ, và phương pháp triển khai
SCB 2013 DLP, công nghệ, và phương pháp triển khaiSCB 2013 DLP, công nghệ, và phương pháp triển khai
SCB 2013 DLP, công nghệ, và phương pháp triển khaiSecurity Bootcamp
 
Vi Minh Toại - Security Risk Management, tough path to success
Vi Minh Toại - Security Risk Management, tough path to successVi Minh Toại - Security Risk Management, tough path to success
Vi Minh Toại - Security Risk Management, tough path to successSecurity Bootcamp
 

En vedette (7)

McAfee MOVE & Endpoint Security
McAfee MOVE & Endpoint SecurityMcAfee MOVE & Endpoint Security
McAfee MOVE & Endpoint Security
 
McAfee Data Protection (DLP & Encryption)
McAfee Data Protection (DLP & Encryption)McAfee Data Protection (DLP & Encryption)
McAfee Data Protection (DLP & Encryption)
 
Enterprise API Security & Data Loss Prevention - Intel
Enterprise API Security & Data Loss Prevention - IntelEnterprise API Security & Data Loss Prevention - Intel
Enterprise API Security & Data Loss Prevention - Intel
 
Data Loss Prevention de RSA
Data Loss Prevention de RSAData Loss Prevention de RSA
Data Loss Prevention de RSA
 
Nguyễn Tấn Vi - office of the CISO
Nguyễn Tấn Vi - office of the CISONguyễn Tấn Vi - office of the CISO
Nguyễn Tấn Vi - office of the CISO
 
SCB 2013 DLP, công nghệ, và phương pháp triển khai
SCB 2013 DLP, công nghệ, và phương pháp triển khaiSCB 2013 DLP, công nghệ, và phương pháp triển khai
SCB 2013 DLP, công nghệ, và phương pháp triển khai
 
Vi Minh Toại - Security Risk Management, tough path to success
Vi Minh Toại - Security Risk Management, tough path to successVi Minh Toại - Security Risk Management, tough path to success
Vi Minh Toại - Security Risk Management, tough path to success
 

Similaire à Mcafee dyntek

Ssi Data Protection Solutions V0.2
Ssi Data Protection Solutions V0.2Ssi Data Protection Solutions V0.2
Ssi Data Protection Solutions V0.2olambel
 
Axxera End Point Security Protection
Axxera End Point Security ProtectionAxxera End Point Security Protection
Axxera End Point Security ProtectionShawn Crimson
 
The Threats Posed by Portable Storage Devices
The Threats Posed by Portable Storage DevicesThe Threats Posed by Portable Storage Devices
The Threats Posed by Portable Storage DevicesGFI Software
 
Exploring Data Privacy - SQL Saturday Louisville 2011
Exploring Data Privacy - SQL Saturday Louisville 2011Exploring Data Privacy - SQL Saturday Louisville 2011
Exploring Data Privacy - SQL Saturday Louisville 2011John Magnabosco
 
Better to Ask Permission? Best Practices for Privacy and Security
Better to Ask Permission? Best Practices for Privacy and SecurityBetter to Ask Permission? Best Practices for Privacy and Security
Better to Ask Permission? Best Practices for Privacy and SecurityEric Kavanagh
 
Data Loss Prevention: Challenges, Impacts & Effective Strategies
Data Loss Prevention: Challenges, Impacts & Effective StrategiesData Loss Prevention: Challenges, Impacts & Effective Strategies
Data Loss Prevention: Challenges, Impacts & Effective StrategiesSeccuris Inc.
 
Homeland Security - strengthening the weakest link
Homeland Security - strengthening the weakest linkHomeland Security - strengthening the weakest link
Homeland Security - strengthening the weakest linkFlaskdata.io
 
DATA LEAK - WHAT IS IT, PREVENTION AND SOLUTIONS
DATA LEAK - WHAT IS IT, PREVENTION AND SOLUTIONSDATA LEAK - WHAT IS IT, PREVENTION AND SOLUTIONS
DATA LEAK - WHAT IS IT, PREVENTION AND SOLUTIONSSprintzeal
 
Embracing the IT Consumerization Imperative NG Security
Embracing the IT Consumerization Imperative NG SecurityEmbracing the IT Consumerization Imperative NG Security
Embracing the IT Consumerization Imperative NG SecurityBarry Caplin
 
IT Security for the Physical Security Professional
IT Security for the Physical Security ProfessionalIT Security for the Physical Security Professional
IT Security for the Physical Security Professionalciso_insights
 
Data Leakage Presentation
Data Leakage PresentationData Leakage Presentation
Data Leakage PresentationMike Spaulding
 
Encryption and Key Management: Ensuring Compliance, Privacy, and Minimizing t...
Encryption and Key Management: Ensuring Compliance, Privacy, and Minimizing t...Encryption and Key Management: Ensuring Compliance, Privacy, and Minimizing t...
Encryption and Key Management: Ensuring Compliance, Privacy, and Minimizing t...IBM Security
 
IT Security Presentation - IIMC 2014 Conference
IT Security Presentation - IIMC 2014 ConferenceIT Security Presentation - IIMC 2014 Conference
IT Security Presentation - IIMC 2014 ConferenceJeff Lemmermann
 
Embracing the IT Consumerization Imperitive
Embracing the IT Consumerization ImperitiveEmbracing the IT Consumerization Imperitive
Embracing the IT Consumerization ImperitiveBarry Caplin
 
Embracing the IT Consumerization Imperitive
Embracing the IT Consumerization ImperitiveEmbracing the IT Consumerization Imperitive
Embracing the IT Consumerization ImperitiveBarry Caplin
 
Refugees on Rails Berlin - #2 Tech Talk on Security
Refugees on Rails Berlin - #2 Tech Talk on SecurityRefugees on Rails Berlin - #2 Tech Talk on Security
Refugees on Rails Berlin - #2 Tech Talk on SecurityGianluca Varisco
 
Cyber and Data Risks
Cyber and Data RisksCyber and Data Risks
Cyber and Data Risksrisksmith
 

Similaire à Mcafee dyntek (20)

Dean carey - data loss-prevention - atlseccon2011
Dean carey - data loss-prevention - atlseccon2011Dean carey - data loss-prevention - atlseccon2011
Dean carey - data loss-prevention - atlseccon2011
 
Ssi Data Protection Solutions V0.2
Ssi Data Protection Solutions V0.2Ssi Data Protection Solutions V0.2
Ssi Data Protection Solutions V0.2
 
Axxera End Point Security Protection
Axxera End Point Security ProtectionAxxera End Point Security Protection
Axxera End Point Security Protection
 
The Threats Posed by Portable Storage Devices
The Threats Posed by Portable Storage DevicesThe Threats Posed by Portable Storage Devices
The Threats Posed by Portable Storage Devices
 
Exploring Data Privacy - SQL Saturday Louisville 2011
Exploring Data Privacy - SQL Saturday Louisville 2011Exploring Data Privacy - SQL Saturday Louisville 2011
Exploring Data Privacy - SQL Saturday Louisville 2011
 
Better to Ask Permission? Best Practices for Privacy and Security
Better to Ask Permission? Best Practices for Privacy and SecurityBetter to Ask Permission? Best Practices for Privacy and Security
Better to Ask Permission? Best Practices for Privacy and Security
 
Data Loss Prevention: Challenges, Impacts & Effective Strategies
Data Loss Prevention: Challenges, Impacts & Effective StrategiesData Loss Prevention: Challenges, Impacts & Effective Strategies
Data Loss Prevention: Challenges, Impacts & Effective Strategies
 
Homeland Security - strengthening the weakest link
Homeland Security - strengthening the weakest linkHomeland Security - strengthening the weakest link
Homeland Security - strengthening the weakest link
 
DATA LEAK - WHAT IS IT, PREVENTION AND SOLUTIONS
DATA LEAK - WHAT IS IT, PREVENTION AND SOLUTIONSDATA LEAK - WHAT IS IT, PREVENTION AND SOLUTIONS
DATA LEAK - WHAT IS IT, PREVENTION AND SOLUTIONS
 
Mis05
Mis05Mis05
Mis05
 
Embracing the IT Consumerization Imperative NG Security
Embracing the IT Consumerization Imperative NG SecurityEmbracing the IT Consumerization Imperative NG Security
Embracing the IT Consumerization Imperative NG Security
 
IT Security for the Physical Security Professional
IT Security for the Physical Security ProfessionalIT Security for the Physical Security Professional
IT Security for the Physical Security Professional
 
One of 2 protect your business
One of 2 protect your businessOne of 2 protect your business
One of 2 protect your business
 
Data Leakage Presentation
Data Leakage PresentationData Leakage Presentation
Data Leakage Presentation
 
Encryption and Key Management: Ensuring Compliance, Privacy, and Minimizing t...
Encryption and Key Management: Ensuring Compliance, Privacy, and Minimizing t...Encryption and Key Management: Ensuring Compliance, Privacy, and Minimizing t...
Encryption and Key Management: Ensuring Compliance, Privacy, and Minimizing t...
 
IT Security Presentation - IIMC 2014 Conference
IT Security Presentation - IIMC 2014 ConferenceIT Security Presentation - IIMC 2014 Conference
IT Security Presentation - IIMC 2014 Conference
 
Embracing the IT Consumerization Imperitive
Embracing the IT Consumerization ImperitiveEmbracing the IT Consumerization Imperitive
Embracing the IT Consumerization Imperitive
 
Embracing the IT Consumerization Imperitive
Embracing the IT Consumerization ImperitiveEmbracing the IT Consumerization Imperitive
Embracing the IT Consumerization Imperitive
 
Refugees on Rails Berlin - #2 Tech Talk on Security
Refugees on Rails Berlin - #2 Tech Talk on SecurityRefugees on Rails Berlin - #2 Tech Talk on Security
Refugees on Rails Berlin - #2 Tech Talk on Security
 
Cyber and Data Risks
Cyber and Data RisksCyber and Data Risks
Cyber and Data Risks
 

Dernier

2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...Martijn de Jong
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Paola De la Torre
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slidespraypatel2
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Miguel Araújo
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024Rafal Los
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationMichael W. Hawkins
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...gurkirankumar98700
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024The Digital Insurer
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilV3cube
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Scriptwesley chun
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Igalia
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxKatpro Technologies
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonetsnaman860154
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Neo4j
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024The Digital Insurer
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking MenDelhi Call girls
 

Dernier (20)

2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...2024: Domino Containers - The Next Step. News from the Domino Container commu...
2024: Domino Containers - The Next Step. News from the Domino Container commu...
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
Slack Application Development 101 Slides
Slack Application Development 101 SlidesSlack Application Development 101 Slides
Slack Application Development 101 Slides
 
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
Neo4j - How KGs are shaping the future of Generative AI at AWS Summit London ...
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 
The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024The 7 Things I Know About Cyber Security After 25 Years | April 2024
The 7 Things I Know About Cyber Security After 25 Years | April 2024
 
GenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day PresentationGenCyber Cyber Security Day Presentation
GenCyber Cyber Security Day Presentation
 
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
Kalyanpur ) Call Girls in Lucknow Finest Escorts Service 🍸 8923113531 🎰 Avail...
 
Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024Axa Assurance Maroc - Insurer Innovation Award 2024
Axa Assurance Maroc - Insurer Innovation Award 2024
 
Developing An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of BrazilDeveloping An App To Navigate The Roads of Brazil
Developing An App To Navigate The Roads of Brazil
 
Automating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps ScriptAutomating Google Workspace (GWS) & more with Apps Script
Automating Google Workspace (GWS) & more with Apps Script
 
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
Raspberry Pi 5: Challenges and Solutions in Bringing up an OpenGL/Vulkan Driv...
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen Frames
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
How to convert PDF to text with Nanonets
How to convert PDF to text with NanonetsHow to convert PDF to text with Nanonets
How to convert PDF to text with Nanonets
 
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
Workshop - Best of Both Worlds_ Combine KG and Vector search for enhanced R...
 
Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 

Mcafee dyntek

  • 1. McAfee Data Protection ©© 2007 McAfee, Inc. 2007 McAfee, Inc.
  • 2. Agenda • The Problem: Data is Lost or Stolen Everyday! • Securing Data Requires Different Thinking • McAfee’s Data Protection Solution — Introducing Total Protection for Data (ToPS Data) • Summary
  • 3. The Problem Data is Lost or Stolen Everyday! © 2007 McAfee, Inc.
  • 4. Data Loss: Next Inevitable Corporate Disaster? Explosive Growth Escalating Privacy Public Embarrassment of Mobile Devices Regulations and Disclosure Cost USB Sold Memory Sticks Units BlackBerry SmartPhone Palm/Treo PocketPC + Laptops Desktops 1995 2000 2005 2010 Data Protection: #1 CISO Priority Today 2007 CISO Survey
  • 5. Increasing Regulatory Pressure US Government • Growing in number and OMG Initiative (USA) US Senate Bill 1350 Proposed complexity (USA) Data Protection Act (Japan) • Public disclosure is California SB 1386 (USA) Sarbanes- Oxley required in the event of (USA) Government Network data loss Security Act (USA) Gramm-Leach-Bliley • Intellectual property loss (USA) Data Protection Act and theft is also a concern HIPAA (UK) (USA) GISRA Directive on Protection (USA) of Personal Data (EU) Datenschutz (Germany)
  • 6. Increasing Need for Mobile Access to Data USB Explosive Growth in Mobile Devices Sold Memory Sticks Units • Information and data moving out of corporate perimeter BlackBerry SmartPhone • Storage capacity grows as devices become smaller Palm/Treo PocketPC • Advances in mobile device Laptops technology will continue to produce new and more powerful devices Desktops 1995 2000 2005 2010
  • 7. Increasing Risk of Information Theft • 19 people a minute become new victims of identity theft due to data breaches1 • During a 3 year period, over 217 million Americans were victims of identity theft or exposure2 • Each data breach costs an average of $6.3 million3 • A typical Fortune 1000 company can’t locate 2% of their PC’s4 • A typical Fortune 1000 financial institution loses 1 laptop a day5 1. Identity Theft Resource Center, 2007 2. 2007 Ponmon Institute Cost of Data Breach study 3., 4., 5. www.privacyrights.org
  • 8. Understanding the Risk The Market Value of Your Sensitive Data $980-$4,900 $147 Trojan to steal Birth certificate account information $490 $98 Credit Card Social Security card Number with PIN $6-$24 $78-$294 Credit card number Billing data $6 $147 PayPal account Driver's license logon and password
  • 9. The Major Endpoint Threats 1 2 Physical loss or Unauthorized theft of laptops and transfer of data to mobile devices external devices 3 4 Unintentional Privileged users distribution via breach the data e-mail, web, etc. 5 6 Information User applications escapes via print, 7 hacked CD-ROM, DVD, etc. Trojans/key loggers/malware
  • 10. The Major Endpoint Threats “I’ve seen organizations spend hundreds of millions of dollars on security safeguards that were penetrated by a knowledgeable person with a handheld device.” Bill Boni CSO, Motorola
  • 11. Securing Data Requires Different Thinking © 2007 McAfee, Inc.
  • 12. Today’s Security Solution Gap Anti-virus • Most ―information security‖ products don’t actually ―secure information‖ Change/Patch Authentication Management — They are designed to protect Threat networks and servers VPN Detection Anti-virus — They do little to protect the LAN confidentiality and integrity of Clients information Web Filtering Anti-spyware Servers • Information is in constant motion Firewall —making it difficult to lock down
  • 13. Current Approaches to Security Do Not Protect the Most Valuable Asset: Your Data System-centric view of data protection: Protect the perimeter, one system at a time User Authentication Sensitive Data Access Control
  • 14. Data Protection Requires Different Thinking Data is not static, so security cannot be static – it must persist with the data itself. This is Data-Centric Protection. Encryption Strong Authentication Data Loss Prevention Device Control
  • 15. Throwing Point Tools at the Problem Doesn’t Work! Non-security staff must manage myriad of point High Management security systems. Compounds with changes in Cost personnel and systems No Alignment You are unable to align needs with security to Policy policy requirements Managing the lifecycle of security rules becomes Life Cycle overly complex, increasing infrastructure Vulnerabilities vulnerability Broken Business Businesses processes break as systems go Processes their own way on security Lack of centralized monitoring and auditing Data Loss Risk opens vulnerabilities that could lead to data loss
  • 16. Data Protection Requires Different Thinking Easy to Lose Easy to Transfer Enticing to Steal $490 $147 ® $98 $147 Cybercrime “Black Market” Value Data must be protected regardless of: Usage Location Device Access
  • 17. The McAfee Solution Total Protection Suite for Data (ToPS Data) © 2007 McAfee, Inc.
  • 18. The Solution: McAfee Data Protection McAfee Data Loss Prevention McAfee Device Control Full control and absolute visibility Prevent unauthorized use of over user behavior removable media devices Data Loss Device Prevention Control Integrated McAfee Total technologies for a Protection™ total data protection for Data solution. Endpoint Encrypted Encryption USB McAfee Endpoint Encryption McAfee Encrypted USB Full-disk, mobile device, and file Secure, portable external and folder encryption coupled storage devices with strong authentication
  • 19. McAfee is Your Trusted Advisor Too many vendors, too many use cases, too overwhelming McAfee’s guided, phased deployment path to complete data protection Block Monitor & Encrypt Encrypt Multilayer unauthorized Secure All Laptops mobile data Protection devices Channels ® Data Loss Prevention Device Control Endpoint Encrypted Encryption USB Increasing Protection and Compliance
  • 20. McAfee Endpoint Encryption You need • Encryption for laptops, desktops, and mobile devices with the flexibility to choose full-disk or file/folder Data Loss Device Prevention Control encryption • Confidence in integrity of sensitive data when a device is lost or stolen • Safe Harbor protection (i.e. Loss of encrypted data = non-event and does not require public disclosure) Endpoint Encrypted Encryption USB McAfee offers • Broad support for laptops, desktops, and mobile devices • Full audit-trails for compliance & auditing needs • Support for multiple strong authentication methods • Certifications: FIPS 140-2, Common Criteria Level 4 (highest level for software products), BITS, CSIA, etc.
  • 21. McAfee Endpoint Encryption Full-Disk Encryption .DOC .XLS .APPS Files/APPS Files are in full text and fully viewable 1 1 by the authorized user(s) and application(s) Lorem ipsum dolor sit amet Lorem ipsum dolor sit amet 2 Files are Sectors are Operating 2 System translated assembled into sectors into files Encrypted 3 Sectors are Encryption sectors are 3 Driver encrypted in decrypted in memory #$$%%#%%&& #$$%%#%%&& memory 4 Sectors are Sectors are Hard Disk 4 stored in read from hard disk hard disk
  • 22. McAfee Endpoint Encryption File and Folder Encryption 1 • Define policies more granularly than with full-disk encryption 2 Corporate • Full Windows Explorer integration Administrator Directory 3 • Automatic encryption and decryption with no performance loss, transparent to users 4 Client Client Client • Protect files and folders on Computer Computer Computer desktops, laptops, and servers 5 File Server Terminal Server
  • 23. McAfee Endpoint Encryption Mobile Device Encryption • Protect your corporate data assets as your users go mobile • Creates encrypted, protected space on mobile devices to protect sensitive data • Supports multiple strong authentication methods • Renders data on mobile devices in the event of data loss or theft • Encryption policies on your mobile devices all centrally managed
  • 24. McAfee Data Loss Prevention You need Data Loss • To prevent users from accidentally or maliciously Device Prevention Control leaking sensitive data • Full visibility and control over usage & movement of confidential data • To enable your infrastructure and data to protect itself Endpoint Encrypted Encryption USB McAfee offers Printer Copy & • Protection against accidental leakage via everyday Paste user tasks • Complete spectrum of actionable responses upon detecting loss of confidential data such as — Detailed logging & forensic evidence gathering — Real-time prevention & blocking Monitor Usage — User and administrator notification Print USB — Quarantine of confidential data Screen Copy
  • 25. McAfee Data Loss Prevention Classify confidential data Build content-based, reaction rules Monitor sensitive data transfer By location Prevent confidential data from leaving the enterprise By content Notify administrator and end users By file-type Quarantine confidential data By fingerprint Enforce encryption
  • 26. McAfee Device Control You need • To monitor and allow only authorized devices to Data Loss Device connect to endpoint Prevention Control • Restriction and blocking capabilities of the use of unauthorized devices such as iPods • Enforcement control over what data can be copied onto authorized devices Endpoint Encrypted Encryption USB McAfee offers • Fine-grained control of data and devices — Only allow company-authorized devices ® — Enforce control over what data can be copied to devices FireWire • Policies per user, group or department, i.e. allow CEO to connect any device while other employees can only connect sub-set of devices • Detailed user and device-level logging for auditing and compliance needs
  • 27. McAfee Device Control • Based on McAfee Data Loss ePO Prevention (DLP) technology Management Console • Complete content-aware, and Device and Policies context-aware device-blocking Data Events capability • Regulate how users copy data to external devices Serial/Parallel Other • Increase productivity and the ability to safely use any USB devices as CD/DVD part of daily work activities WI/IRDA • Ensure control of all external FireWire Bluetooth devices USB
  • 28. McAfee Encrypted USB You need Data Loss Device Prevention Control • Secure external storage media for your power users • Ability to ensure sensitive data transported via external media is continuously protected Endpoint Encrypted Encryption USB McAfee offers • A range of secure portable storage devices • Strong Access Control and Encryption • Centralized Management • Internal and External Compliance Support
  • 29. McAfee Encrypted USB • Deploy easily on an enterprise-wide scale • Easily deploy and track devices through a single console • Streamline workflow to save time and money • Leverage Active Directory to match users and devices • Encrypt data on-the-fly • Enable secure data portability
  • 30. McAfee ePO: Centralized Management and Compliance Support • You need: — Data protection to support compliance efforts for tough global data privacy regulations — Detailed logging and auditing for internal and regulatory compliance needs • McAfee offers: MITS — Detailed auditing and logging to meet the PCI GLBA PIPEDA Sarbanes- Oxley FFIEC DPA EUDPD Solvency II Basel II R-DPL toughest regulations HIPAA FISMA J-SOX DPA — ―Safe Harbor‖ protection with data CPC encryption Art. 43 — Rich set of policy & reporting templates to DTO-93 DPA CPA SA-PL help comply with regulations
  • 31. Summary 1. There is increasing regulatory pressure to protect data 2. Insiders are the biggest threat to your data – and they are increasingly more mobile 3. A breach, no matter how big or how small, puts your business at risk 4. Which endpoint threats worry you the most? 5. Traditional approaches to data security won’t work – you need data-centric security that enables your data and infrastructure to protect itself 6. Continuing to use point tools to solve the problem creates inconsistencies in enforcement, can break business processes, and increase operational costs 7. McAfee provides you with the comprehensive solution you need to address the risks to your data
  • 32. Thank You! © 2007 McAfee, Inc.