Contenu connexe Similaire à Forcepoint Dynamic Data Protection (20) Plus de MarketingArrowECS_CZ (20) Forcepoint Dynamic Data Protection2. DIGITAL
ACTIVITY
“BAD”“GOOD”
THE TRADITIONAL APPROACH TO
CYBERSECURITY
‣ Trusting static policies in a dynamic environment
‣ Decide what is good or bad at a single
point in time
‣ Configure your defenses to stop the bad from
entering and allow the good to pass through
THREAT CENTRIC
Necessary but insufficient
A LACK
OF CONTEXT
EASY TO CLASSIFY EASY TO CLASSIFYHARD TO CLASSIFY
3. “BAD”“GOOD”
A NEW PARADIGM: HUMAN-CENTRIC
CYBERSECURITY
BEHAVIOR CENTRIC
DIGITAL
ACTIVITY
‣ Detect individuals interacting with system that
post the greatest potential user risk
‣ Rapidly and anonymously understand potential
risky behavior and context around it
‣ Decide what is good or bad based on how users
interact with your most valuable data
‣ Continuously revisit your decisions as you and
our machines learn
PROVIDE CONTEXT
TO MAKE OPTIMAL
SECURITY DECISIONS
Risk-adaptive security
4. DATAPEOPLE
FOCUS ON THE TRUE CONSTANTS
PEOPLE DATA
Understanding the intersection
of people, critical data and IP
over networks of different
trust levels.
THE HUMAN POINT
5. Forcepoint
Web & Email
Security
Forcepoint
Data Guard
Forcepoint
NGFW
Forcepoint
CASB
Forcepoint
Insider Threat
Forcepoint
DLP
Gartner Magic Quadrant
Leader in Enterprise DLP
9 consecutive times.
Forcepoint
UEBA
The leader in actionable
insights based on
risk-adaptive scoring.
FORCEPOINT COMMERCIAL PORTFOLIO
6. Copyright © 2018 Forcepoint. | 6
Protect the important data
wherever it resides
Overwhelming
Administrators
Frustrating Users
Mistaking
CURRENT MISSION FOR MODERN SECURITY ORGANIZATIONS
without
for
7. Copyright © 2018 Forcepoint. | 7
GRADUATED ENFORCEMENT BASED ON RISK
For policies governing compliance use-cases or highly sensitive information,
“Block All” can be the action plan for all risk levels.
For policies where additional context can help inform decisions, additional
granularity is now available.
8. Copyright © 2017 Forcepoint. | 8
DYNAMIC DATA PROTECTION PROVIDES AUTOMATED ENFORCEMENT
DATA SOURCES ANALYTIC ENGINE AND INSIGHTS POLICY ENFORCEMENT⟩ ⟩
Forcepoint
Endpoint
OR
Forcepoint DLP
Any Data Source
9. Copyright © 2018 Forcepoint. | 9
STATIC VS DYNAMIC POLICIES IN ACTION
STATIC POLICIES BASED ON PRE-DEFINED RULES
Traditional
DLP Policy
Policy: block files from being copied
to USB drives, alert gets sent to IT
Kate is giving a presentation to senior leadership and tries
to copy her slides to a USB stick
The admin needs to track down the alert
Thousands of alerts come in overwhelming the
security admin team
The security team turns off the DLP policy because
there are too many false positives
Kate is frustrated because simple tasks are blocked
Kate will find another way to solve her problem
The data protection system becomes ineffective
ADMINISTRATOR IMPACTSUSER IMPACTS
Kate, PhD
Research Chemist
10. Copyright © 2018 Forcepoint. | 10
STATIC VS DYNAMIC POLICIES IN ACTION
ACTIONS VARY BASED ON THE RISK LEVEL OF PEOPLE AND THE VALUE OF DATA
Medium
Risk Group
Policy: Rather than just create an alert, take action
and notify the administrator
High
Risk Group
Policy: observe Kate’s every user & machine detail
and block all data transfers or copies anywhere
She gets a supplier’s query about an order
she doesn’t remember placing and then logs
into the supplier’s website to check on it
Kate begins to bulk copy files to
her local machine at off hours.
Low
Risk Group
Policy: encrypt fingerprinted files to USB drives but
allow others to be copied.
Kate is giving a presentation to senior
leadership and tries to copy her slides to
a USB stick
Kate begins accessing highly sensitive
drug formula data and attempts to copy
it off the corporate network
Kate, PhD
Research Chemist
11. Copyright © 2018 Forcepoint. | 11
INSIGHT INTO INTENT
An employee tries to print customer’s
credit card data and the DLP solution
blocks it.
Is this employee a risk?
12. Copyright © 2018 Forcepoint. | 12
INSIGHT INTO INTENT
What if your employee….
tries to print customer’s credit card
data and your DLP solution blocks it,
but then…
tries to upload it to Google Drive and
your CASB solution blocks it, but then…
tries to copy it to USB, and your DLP
solution blocks it, but then…
tries to send it to a personal email
address, and your DLP solution blocks
it, but then…
tries to FTP it outside the organization,
and your DLP solution blocks it…
tries to send it to upload it to Dropbox,
and your CASB solution blocks it, but
then…
Is this employee a risk? How would you know?
13. Copyright © 2018 Forcepoint. | 13
INSIGHT INTO INTENT
Let’s try that again, but with Forcepoint’s Dynamic Data Protection….
Your employee tries to print customer’s credit
card data and your DLP solution blocks it, but
then…
tries to upload it to Google Drive and your
DLP solution blocks it, but then…
tries to copy it to USB, and your DLP solution
blocks it, but then…
tries to send it to a personal email address,
and your DLP solution blocks it, but then…
tries to FTP it outside the organization, and
your DLP solution blocks it…
tries to send it to upload it to Dropbox, and
your CASB solution blocks it, but then…
Employee
Risk
14. Copyright © 2018 Forcepoint. | 14
INSIGHT INTO INTENT
Once High Risk is identified,
Security Team has options
1) Initiate an investigation
2) Adjust policies and
implement protective
measures
15. Copyright © 2017 Forcepoint. | 16
BENEFITS OF DYNAMIC DATA PROTECTION
Intelligent DLP
Increased
Productivity
Detect and Respond to High-Impact Events in a
Shorter Amount of Time.
Provide greater flexibility in policies, and adapt
enforcement based on calculated risk.
Proactive Security
Management
Reduce the amount of DLP alerts that need to be
triaged, transition DLP from broad to individual
policies.
16. Copyright © 2017 Forcepoint. | 17
FORCEPOINT DYNAMIC DATA PROTECTION
THANK YOU!
LEARN MORE AT forcepoint.com/dataprotection