Gordon Tredgold, SVP Global IT at Henkel - Fast Leadership - Accelerating Pro...
InfoWatch - Data loss prevention (dlp) and social media monitoring (smm)
1. Data Loss Prevention (DLP)
and
Social Media Monitoring (SMM)
Workshop
Alexander Zarovsky
Chief Business Development Officer
InfoWatch
2. Who We Are
Group of companies founded in 2003 as the spin off of
Headquarters: Moscow City / Russia, Subsidiary in Germany,
actively present in Middle East (UAE, Saudi Arabia, Bahrain, Qatar, Oman)
Global Partnership Alliances in Russia & CIS, Asia, Middle East, Europe
and South America
8 years of experience in data analysis and information control,
over 150 successful projects in enterprise segment
Focus on:
Data Loss Prevention
& Protection (DLP)
Intellectual Property Protection
IT Security Risk Management
and Compliance
Social Media Monitoring (SMM)
and Reputation Management
4. Digital Assets of a Company
Information is often the most valuable asset of a company
5. Data Leakage / Misuse Trends
Problem awareness
is growing
6. Data Leakage / Misuse Trends
900
800
700
600
2006
500
2007
2008
400
2009
2010
300
2011
200
100
0
2006 2007 2008 2009 2010 2011
Number of leaks 198 333 530 747 794 801
Number of leaks occurred at organizations, that were subsequently published in mass media
7. 2011 Worst Incidents in Numbers
Sony Online Entertainment
Size: 101 million user accounts
Type of Data: name, home and e-mail addresses,
login credentials, some credit card information
Epsilon, Alliance Data Systems
Size: Unknown; 60 million records estimated
Type of Data: e-mail addresses, some names
HBGary Federal
Size: 60,000 records
Type of Data: corporate emails, presentations, client reports
WordPress
Size: Unknown, 18 million records estimated
Type of Data: source code, API keys, passwords
9. Data Leaking Channels
2010 Unspecified 2011
Laptops, smart phones
5.0% 5.0% 6.6%
2.0%
Personal computers
16.2%
12.0% 8.5%
Removable media
20.0%
9.6%
Web
19.1%
25.0%
E-mail 13.9%
7.0%
16.0%
Paper documents 13.6%
6.2%
6.2%
8.0%
Spare copy media
Other
10. Data Leaks by Industry Segment
2010 2011
2% 4%
12%
Commercial leaks Commercial leaks
31%
16% Governmental leaks 45% Governmental leaks
Educational leaks Educational leaks
70%
Unspecified 20% Unspecified
11. Which Sensitive Data are Leaking Out
Types of Leaks, 2011
3% 2%
3%
Personal data
Commercial secret
State secret
Unspecified
92%
Personal data keeps a leading position in announced incidents
12. World Data Leaks Trends
Forecast
Hardly probable registered data leaks growth in English speaking
countries. Possible decline.
Growth of data leaks incident amount and probability increase
of their overseas disclosure
Gradual adoption of mandatory leak incident notice worldwide
DLP technology adoption by country
Mass adoption: USA, Great Britain, Australia
Emerging adoption, rapid growth: East Europe, Asia, Middle East
Careful reconsideration of data security practices in favor of DLP
in Western Europe as a result of legislation amendements
15. DLP Marketing vs. Reality
The market is immature and forced by leading vendors
More technologies doesn’t protect you at 100%, while more
security policies doesn’t mean that you’re getting a better data
protection
Company needs a mixture of technology and methodology
for working with its information assets
Data classification is still an issue
Remote access to business applications is not completely
secured by DLP, but is highly required
16. IT Security Risk Management
vs. DLP and SMM
Mitigating information security risks with DLP toolset
Forensics, investigation of incidents and retrospective analysis
Reputation management with social media monitoring
17. DLP Business Processes
Challenge and manufacturing
Product design
Suppliers
Manufacturer
Highly proprietary intellectual
property, product designs
Partners
Healthcare
DLP solution that blocks access Healthcare
Doctors
or quarantinesscans, other medical
Digital X-ray, CAT
sensitive information providers
creates a barrier, interrupting the flow
information
of data or blocking it altogether
Real estate Homebuyers
and sellers
Mortgage
lenders Real estate
Real estate transaction documents agents
19. InfoWatch DLP Technology Circuit
Decision
Interception Analysis Storage
Making
• Software agents Data Analysis • Allow • Centralized
at employees’ unchangeable
workstations • Formal attributes • Block archive
(sender/recipient
• Gateway Traffic attributes, file digital • Further • Responsibility
interceptors hash, etc.) processing zones management
• Server-side • Content • Monitoring of
plug-ins (e.g. OWA) • Linguistics including Arabic current actions
• Digital fingerprints
with sensitive data
• Templates • Retrospective
• OCR analysis and
investigation
20. InfoWatch DLP Lifecycle
Pre-DLP DLP Post-DLP
• Information • DLP software • Qualified digital
security audit implementation evidence
• Information assets • Software collection
classification adjustment • Internal
on the fly in accordance investigation
• Regulatory with customer
approved assistance
documents
development regulations • Legal proceeding
• DLP system against violator
maintenance
21. InfoWatch CrypKey DRM as DLP add on
Sensitive documents are encrypted as they leave your organization
Only intended users outside of your organization can view
the document/file and only if you provide them with a Key
The Key you provide limits the rights of the end user and the amount
of time you authorize a document’s lifecycle
The use of the document/file is locked to the end-user computer
Documents remain encrypted so the risk of copying and sharing
without your authorization is eliminated
22. InfoWatch CrypKey DRM Key Features
Highly Secure
Uses same encryption level as bank transactions
Document use is locked to end-user computer
Rights Management
Printing can be blocked
Copy/Paste and Screen Capture can be blocked
Use of document can be time or use limited
Document Management
Back-end activation server used to manage document use
Receive alert when document is activated
Application
PDF, PPT, XLS, DOC and many other file types
24. InfoWatch DLP Technology Advantages
Preloaded industry-specific rules, policies and reports
Forensic Storage for automatic data classification and incident
investigation
Gateway and endpoint components for traffic management,
device control and transparent data encryption with DRM
Robust proprietary data analysis technologies:
linguistics, OCR, templates analyzer, file header analysis, etc.
Securely managed remote access to corporate infrastructure
Proven enterprise-grade scalable architecture
Support of up to 20,000+ users in one Data Center
25. InfoWatch DLP Compliance Enabler
Forensic storage (archive) and investigation tools
Control over the information flow with sophisticated real-time
and historical reports
Data security with encryption, IRM & DRM
26. InfoWatch DLP in Large Enterprise Topology
C o n fig u ra tio n
R u le s
A le rts
F o re n sic D a ta
Shadow Copies
Device Monitor
Print Monitor
CryptoStorage
27. Social Media Monitoring:
Where Reputation is Built and Lost
2 000 000 000 Internet users worldwide
900 000 000 in Facebook
300 000 000 in Twitter
Social media is #1 activity on the Web
91% of online adults use social media
in a typical month
Social media are websites which content is created by users:
blogs, microblogs, forums, social networks, media portals, etc.
In social media people share opinions (especially negative) about
everything, including brands, services, actions, etc.
28. Facebook Statistics
Usage in Middle East Countries
# in global Growth Growth % Penetration
Country No of Users
rating in last 6 month in last 6 month in population
21. Egypt 11 447 040 +985 360 +9.41% 14.22%
29. Pakistan 6 945 140 +534 320 +8.34% 3.92%
32. Saudi Arabia 5 239 040 +92 880 +1.80% 20.36%
United Arab
48. 3 075 840 +168 140 +5.78% 61.82%
Emirates
56. Jordan 2 458 720 +233 300 +10.48% 38.38%
62. Iraq 2 086 280 +432 640 +26.13% 7.03%
86. Kuwait 771 400 -126 700 -14.10% 27.66%
89. Qatar 698 540 +217 240 +45.13% 83.07%
103. Oman 485 060 +62 860 +14.89% 16.34%
111. Bahrain 355 480 +9 280 +2.68% 48.17%
Source: Facebook Statistics by Country by Socialbakers, Sep 2012
http://www.socialbakers.com/facebook-statistics/?interval=last-6-months#chart-intervals
29. Facebook Statistics
Usage in Southeast Asia
# in global Growth Growth % Penetration
Country No of Users
rating in last 6 month in last 6 month in population
3. India 53 624 320 8 604 540 +19.11% 4.57%
4. Indonesia 39 817 960 533 440 +1.23% 16.39%
16. Thailand 16 399 820 2 176 160 +15.29% 24.70%
18. Malaysia 12 818 680 452 920 +3.66% 49.00%
27. Vietnam 7 185 380 4 011 900 +126.42% 8.02%
51. Singapore 2 801 900 197 520 +7.59% 59.60%
95. Cambodia 632 720 142 480 +28.99% 4.29%
98. China 552 920 107 160 +23.95% 0.04%
Source: Facebook Statistics by Country by Socialbakers, Sep 2012
http://www.socialbakers.com/facebook-statistics/?interval=last-6-months#chart-intervals
30. What This Means for a Company
People often share 57% customers
Online comments =
negative experience start problem solving
direct customer feedback
and trust each other on the Web *
Opportunity to develop
Corporate reputation People expect interactive market-leading
suffers communications online products, manage services,
protect business
Company should
Company should react
collect, analyze and
fast to claims
manage online
and questions online
comments
Company should monitor social media in the internet
* According to a TNS research.
This ratio reaches 65% for people aged 25-34
31. Is Manual Monitoring Efficient?
Web 2.0 environment
Information volume is growing fast
Information is spread instantly
Unstructured data, informal spoken language
Manual Reporting
No QA & transparency: no idea of actual coverage and quality
No options for direct customer interactions
No instant information delivery and ad hoc reporting
No integration with IT systems
32. InfoWatch KRIBRUM: the SMM Solution
Cloud-based system for social media monitoring and analysis
for reputation and customer experience management online
Collects customer feedback in Social Media sources (forums, blogs, news media)
Automatically analyses topics and scores sentiment (emotional attitude)
Manages customer feedback processing workflow
Generates sophisticated reports in real time
35. InfoWatch KRIBRUM Features
Data Extraction Quality
Searching all kinds of online media
Spam and duplicates filtering out (up to 95%)
Close-to-real-time monitoring
Automatic content analysis and sentiment scoring
Industry-specific context consideration
Automatic sentiment scoring: Positive/Neutral/Negative (80%)
Automatic content categorization by topics
Multi-language support (incl. English and Arabic)
Competitive comparisons
Audience identification: most active communities, brand advocates &
critics, opinion leaders, geography and social demographics, and more
36. InfoWatch KRIBRUM Features
Customer Interaction Workflow
Direct response to comments from the service console
Direct links to comments with full text available within the system
Extensive Reporting
Visual interactive reports, flexible data filtering for viewing
Export to XLS, XML, etc.
Corporate Usage
Multi-user support, role-based access model
Cloud-based (SaaS) service
No software installation, all functionality within a web browser
API for integration with IT systems (BI, CRM, Call Center, etc.)
37. InfoWatch KRIBRUM for Top Management
KRIBRUM is not only an efficient tool for sales & marketing and
support teams, but also a means of control for top management:
An objective comprehensive outlook at any moment:
How customers perceive the brand, particular services, etc.
What competitors are doing and how customers are reacting
What goes on in the public information field
Complete unbiased information,
not distorted while being transferred
through hierarchy levels
Visual analytics easily available
at any time right in web browser
38. InfoWatch KRIBRUM Case Study #1
Goal: manage subscribers’ loyalty via improving
customer support and communications in social media
Start: January 2011 The leading
10 objects monitored: telecom group
in Russia,
MTS + 8 other telecom operators + MTS mobile phones
Eastern Europe
Data collected and analysed by May 2012: and Central Asia
Total 2 300 000 posts, incl. nearly 1 000 000 original posts
Among them 850 000+ posts (350 000 originals) related to MTS
Daily traffic: up to 4000 posts, including up to 2000 on MTS
(with occasional peaks of 10 000 publications and more)
Profiles of 803 000 authors of telecom-related postings
System usage:
Used by Department of service support in Moscow and Russian regions
Several hundreds reply messages per day are posted online
Team work with collaboration workflow is in place
Result and plans:
Customer is satisfied with the delivered quality, plans to expand
the monitoring scope and integrate KRIBRUM with Call Center/CRM system
39. InfoWatch KRIBRUM Case Study #2
Goal: improve customer satisfaction via listening
to the Voice of Customer and developing
direct communications with clients in social media The largest credit
institution
Project start: March 2012
in Russia and CIS
Average data volume: 1500 - 2000 posts daily,
50 000 - 60 000 posts monthly (on Sberbank and major competitors)
Current usage – Customer Care service (PR department):
Ad hoc research and analysis of online customer feedback:
Satisfaction with the customer service in offices
Regional differentiations in customer claims and requirements
Product improvements expected by clients, etc.
Direct responding to client’s questions and claims online
Analytical reports to top management
Vision and plans:
Intensify the usage of monitoring data for loyalty management
Involve regional branches into online activities (not just in HQ)
Integration with corporate IT systems
40. Benefits from InfoWatch
Securing corporate reputation and managing customer
experience in social media
Reduction of financial loss / increase of operations
efficiency with effective IT security risk management
and data leakage prevention
Protection of digital assets & intellectual property
Compliance with international standards
(ISO, SOX, Basel III, PCI DSS and other)
41. Thank you!
Alexander Zarovsky
Chief Business Development Officer
InfoWatch
Contact Info +7 495 22 900 22
alexander.zarovsky@infowatch.com
www.infowatch.com
Dubai 2012