5. Have Broken Business Processes?
Source code
forwarded to private
email accounts?
Lack of visibility of
what & how data is being
leaked?
PCI data copied onto
non-encrypted USBs?
6. DLP Can Help!
Protect Sensitive
Information
Improve Business
Process
Ensure Regulatory
Compliance
7. The Sources of Data Loss
Data Types
Data-in-Motion
Web Post
Network
IM Chat
W I L D
Email
W I L D
Data-at-Rest
Database
Desktop/Laptop
Data-in-Use
Removable Media
Printer
Screen
Clipboard
W E S T
File Share
8. You Cannot Protect What You Don’t Know!
Understanding How & What Data is Leaving Your Organization.
1101010111000100101011101000101010010001001010111010100010010000100100111100011100010011010101110001001010111010001010100100010010101110101000100100001
1011101010001001000010010011110001110 0010011010101110001001010111010001010100100010010101110101000100100001001001111000111000101
Policy
11010101110001001010111010001010100100010010101110101000100100001001001111000111000100110101011100010010101110100010101001000100101011101010001001000010
1011101010001001000010010011110001110 0010011010101110001001010111010001010100100010010101110101000100100001001001111000111000101
Data Analytics
Violations
8
October 29, 2013
Captured
Data
9. Deploy
Data Types
Data Loss Vectors
Solution
DLP Prevent
DLP Monitor
Data-in-Motion
Email
Web Post
Network
IM Chat
Data-at-Rest
DLP Discover
File Share
Database
Desktop/Laptop
Data-in-Use
DLP Endpoint
Removable Media
Printer
Screen
Clipboard
10. Discover Data
DLP Endpoint
DLP Endpoint
DLP Discover
•
Crawl local drives & Tag
Application, location or content
Outlook files (PST/OST)
•
Remediate
Move, delete or encrypt
DLP Discover
•
Crawl servers
Inventory, classify, or fingerprint data
What It Does
Find and protect sensitive information
in storage repositories and hard
drives.
•
Remediate
Move, delete, or encrypt
•
Supported repositories/databases
CIFS/NFS/HTTP(S)/FTP(S)
SharePoint/Documentum
SQL/Oracle/DB2/MySQL Enterprise
11. Protect Data
DLP Endpoint
•
Provide content-aware device
control
Move or block
DLP Endpoint
•
Integrated with Endpoint
Encryption
Email/Web Gateway
File, folder, or USB
•
DRM support
Adobe, MS RMS
DLP Prevent
What It Does
Protect against data loss via outbound
email, web postings, and endpoints such as
laptops, USBs and other devices.
DLP Prevent
•
Analyze network traffic for both
email and web
SMTP/HTTP/HTTPS
IM/Blog/FTP/FTPS
•
Allow, block, bounce or notify
•
Encrypt, quarantine, or redirect
12. Monitor Data
DLP Endpoint
•
Provide content-aware detection
Over 300 content types
Outlook, webmails
DLP Endpoint
IM/FTP/HTTP(S)
Switches/Routers
DLP Monitor
What It Does
Monitor data as it moves across the
network and as it leaves the endpoint.
I/O channels (USB, media, devices)
DLP Monitor
•
Passively monitor all network traffic
Detect tags via keywords or concept
•
Examine how data is being used
What, where, who or why
•
Protocol agnostic
13. Comprehensive Data Protection
Web & Email Gateway
DLP integration with MWG and MEG analyzes
email and ICAP traffic using its realtime rule
engine and enforces actions (Block, Allow,
Encrypt…).
ESM
Ability to inspect, analyse, correlate and
report information of DLP. Secure log
storage (historical). Chain of Custody and
Non-Repudiation.
Web & Email
Gateway
SIEM
MDM/EMM
Database Security
Database monitor for DLP audit and
control of data leak.
Endpoint Encryption
DLP integration with EEFF, EERM
for remediation and to protect
information base on content.
Database
Security
ePO
DLP
Encryption
Mobile
Device Control
Mobile DLP prevent data and
intellectual property loss via Secure
Containers.
Device Control
DLP integration helps control and
audit of external USB Storage
devices on the endpoint.
14. You Cannot Protect What You Don’t Know!
Understanding How & What Data is Leaving Your Organization.
1101010111000100101011101000101010010001001010111010100010010000100100111100011100010011010101110001001010111010001010100100010010101110101000100100001
1011101010001001000010010011110001110 0010011010101110001001010111010001010100100010010101110101000100100001001001111000111000101
Policy
11010101110001001010111010001010100100010010101110101000100100001001001111000111000100110101011100010010101110100010101001000100101011101010001001000010
1011101010001001000010010011110001110 0010011010101110001001010111010001010100100010010101110101000100100001001001111000111000101
Data Analytics
Violations
14
October 29, 2013
Captured
Data
16. Data Discovery
“I’d like to deploy DLP, but
where do I start?”
1000’s of Servers
“I don’t know where all my data sits
and on which servers.”
Millions of files
Unknown content
18. Endpoint Protection
Protected Finance Share
Endpoint
Copied
Tagged
Applications
Enforcement
Web posting
Copy/Paste
Save as/Rename
Download
Tagged
Copy to media/device
19. Enhanced Protection for IP
Clipboard Protection
•
Prevent paste of sensitive information
TO designed apps
e.g. block PCI info being pasted TO
Skype
Screen Capture protection
•
Protect screen capture by any
configured apps (e.g. Snipping tool,
SnagIt)
e.g. pasting of the screen capture will
succeed, but will provide a blurred
image
22. MyDLP
Commercial Support
Virtual Appliance
Web
Mail
Block and Log Actions
Quarantine and Archive Actions
IRM Actions
Customizable Dashboard
Simple Reporting
Exporting to Microsoft Excel
Full-text search with SOLR Integration
Mail Archive
Policy Revisioning
E-mail Notifications
Customizable Notification Messages
Community
Edition
V
V
V
V
V
V
V
V
V
-
Enterprise
Edition
V
V
V
V
V
V
V
V
V
V
V
V
V
V
V
23. Removable Storage Devices
Removable Storage Encryption
Removable Storage Inbound Data
Monitor
Printer Protection
Screenshot Protection
Discovery ( Data at Rest )
On Demand Workstation Discovery
MyDLP API
Removable Storage Inbound Archive
Offline Endpoint Protection
Community
Edition
V
-
Enterprise
Edition
V
V
-
V
V
V
V
-
V
V
V
V
V
V
V
24. Microsoft Active Directory Integration
Database Integration (SQL / JDBC)
ICAP Integration
SMTP Gateway Integration
Native Syslog Integration
Community
Edition
V
V
V
V
Enterprise
Edition
V
V
V
V
-
V
25. Keywords
Predefined Dictionaries
Regular Expressions
Partial (Approximate) Document
Matching
Document hashes
Predefined Data Types (e.g. Credit
Card Numbers)
National Identification and Social
Security Numbers
Source Code Identification
Distance (Partial Context Grouping)
Predefined Policies
Custom Content Definition
Community
Edition
V
V
V
Enterprise
Edition
V
V
V
V
V
V
V
V
V
V
V
V
V
V
V
V
V
V