Welcome to SOPHOS DATA LEAKAGE PREVENTION AND DATA PROTECTION SEMINAR 28 JAN 2010 HOTEL EQUATORIAL KL. SC Systems Sdn Bhd. Thank you. http://www.facebook.com. https://twitter.com/scsystems. http://www.scsystems.com.my/. http://www.youtube.com/watch?v=bySYNTXtb6U.
SC Systems Sdn Bhd The Team
SC Systems Sdn Bhd Team: Caren Lee, Charles Kong, Kevin Ho, Carol Chai, Mohd Fedli
Sophos Malaysia Team: MF Che, Eugene TEH, Johnny Yeo
Invited Guest Speaker: Mr Ogie Tabor, Sophos Philippines
SC Systems Sdn Bhd Our Support and Blogs
Phone Support
+603-9200 6220 (Normal Office Hour)
+603-80767467 (03-80SOPHOS) 24 x 7
support@scsystems.com.my supportasia@sophos.com Normal Office Hour – 2 to 4 hours response
support@scsystems.com.my Normal Office Hour – Immediately *
www.sophos.com/support Sophos Products Knowledgebase - 24 x 7
http://scsys.blogspot.com/ http://www.sophos.com/blogs/gc/ http://www.sophos.com/blogs/duck/
Sophos Malaysia Mr Che Mun Foong
Data Leakage Prevention Charles Kong S. C. charles@scsystems.com.my
What is Data Leakage Prevention (DLP)?
How is this data exposed?
• Leakage via USB
• Loss of devices
• Leakage via email and web
Email represents the single greatest potential liability for data loss.
* Data is representative and uses an IDC data point on the split between accidental and deliberate data loss.
NUS Data Leakage – 1st April 2009
• NUS accidentally leaks personal data of some 15,700 alumni members
• Consequences of personal data falling into the wrong hands
• What can organisations do to prevent accidental data leakage?
Source: http://www.zaobao.com.sg/sp/sp090416_501.shtml
Hong Kong: Police Confidential Data Leak
• 26th May 2008, police confidential and classified documents discovered by Foxy King
• The documents include information on three undercover police officers who have bought illegal substances in a dubious Mong Kok disco and cars used by people suspected of thefts from motor vehicles in Wong Tai Sin
Source: HKCERT
Headlines are the tip of the iceberg
• Brand damage
• Loss of customers
• Incremental internal costs
• Direct costs of intellectual property loss
Today’s Challenges
Rise of stolen/lost Confidential Information
• ???? Notebooks lost or stolen weekly at the eight largest airports in EMEA
• ???? Notebooks lost or stolen weekly in US airports (estimated)
July 2008, www.vnunet.com/vnunet/news/2223012/eu-travellers-losing-laptops-airports
Today’s Challenges
2. Rise of stolen/lost Confidential Information
• 3.300 Notebooks lost or stolen weekly at the eight largest airports in EMEA
• 12.000 Notebooks lost or stolen weekly in US airports (estimated)
July 2008, www.vnunet.com/vnunet/news/2223012/eu-travellers-losing-laptops-airports
• 5000 notebooks forgotten in London taxis during a 6-month period
www.theregister.co.uk/2005/01/25/taxi_survey
2. Rise of stolen/lost Confidential Information
• 70% of all company data is stored redundantly on endpoints (notebooks, desktops, USB memory sticks), not only on servers (Ponemon Institute, U.S. Survey: Confidential Data at Risk, August 2007)
• Cost of a data breach will increase 20% per year through 2009 (Gartner Symposium/ITxpo, Oct. 2007)
• Top reason for data breaches in enterprises (Ponemon Institute, 2007, Annual Study: Costs of Security Breaches)
[Chart label: Lost laptop or other device, 35%]
Data Leakage Prevention And Regulatory Compliance
Today’s Challenges
• Lost or stolen data on mobile devices
• Encryption keys lost or stolen
• Intellectual Property
• Unauthorized internal server access
• Insecure outsourcing
• Data theft via removable media
• E-mail interception
[Diagram: Endpoint Security and Control 9. Real integration with unified console, engine and agent. Components shown: Anti-Virus, Anti-Spyware, PUAs, Anti-Rootkit, Application Control, Genotype, NAC LIGHT, Device Control, Wireless Block, Data Leakage Prevention, Behavior (HIPS), Firewall]
[Diagram: Endpoint Security and Control 9.5. Real integration with unified console, engine and agent. Components shown: Anti-Virus, Anti-Spyware, PUAs, Anti-Rootkit, Application Control, Genotype, NAC LIGHT, Device Control, Wireless Block, Data Leakage Prevention, Encryption, Behavior (HIPS), Firewall]
So how does it all actually work? Best explained with a typical “use case”
An example = Bill in HR and his laptop
• At 4:30pm Bill's boss asks him to get some budget figures together about staffing levels and wages for next year. Bill's boss needs it by 10am Monday morning for a meeting.
• Bill's bus leaves at 5:10pm and he doesn't like taking his laptop on the bus... so he exports the raw staff data from the ERP system and dumps it to a spreadsheet on his hard drive.
• Bill's plan is to copy the file to his USB stick and leave a bit early (he's going to be working all weekend anyway...)
• So he plugs in his trusty USB key and tries to save the spreadsheet to his E:
• He gets a nice pop-up message from SESC9 explaining that the file transfer has been blocked. Bill shouldn't be doing this (a customisable message)
• So he opens Explorer and tries copying the file to E:
• Next he tries to burn to a CD...
• ..... I know!!
• So he tries to email it home, via the corporate Outlook email client...
• So he tries his Gmail account...