1 / 35

Efficient Classification for Information Assurance in a Federated World

Learn about the importance of information sharing, user awareness, and responsibility in ensuring information assurance. Explore user warning systems, risk management controls, and technology's role in safeguarding data. Discover policies and technologies aiding in sensitive information identification and protection.

ovidio
Download Presentation

Efficient Classification for Information Assurance in a Federated World

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Efficient Classification: A Big Step Toward Information Assurance in a Federated World Scott Morin Vice President of Sales Titus

  2. Sound Bytes from Yesterday • “Information sharing is a source of power” • First Admiral Dato’ HjRusli • “You have got to deal with the person machine interface” • First Admiral Dato’ HjRusli • “Moving from Milspec to COTS makes a lot of sense in certain circumstances” • Lt. Colonel Jim Dryburgh

  3. Sound Bytes From Yesterday • “Operate, Innovate, Educate” • Air Vice-Marshall John Blackburn

  4. Titus • “Provides COTS applications that enable information sharing and assurance that are easy to use while educating end users on information policy should they inadvertently make a mistake”

  5. Up Next • Demo

  6. Not so fast • “Talk to me about how your industry perspective can contribute to the solution of my problem - don’t talk product!” • Air Vice-Marshall John Blackburn

  7. For Now – Lets talk about

  8. The Volvo Shift • Historically • Focused on protecting the payload in the event of an incident (crash) • Seatbelts, Strong Steel, Crumple zones • New Focus • is on preventing the incidents in the first place • Focus on the Driver (user) *You should still wear your seat belt

  9. Drivers (Users) Role and Responsibility in Safety (Security)

  10. User Warning System • Warns user when violating policy • Following too close can be dangerous • Benefit: Education and Awareness - “Safe Driving Distance”

  11. Risk Management Controls • User can tune policy based on their risk tolerance

  12. Adaptive Cruise Control • Uses Sensors to Detect Threats (other cars) • Applies policies based on the situation • Policies: Acceleration, Braking

  13. Other Services • Lane Departure Warning • Collision Avoidance • Won’t make coffee, but will tell you when it is time for one

  14. Technology Helps, Not perfect • Still a role for the driver • Somebody (or some dog) could get hurt

  15. Observations • Works great in some environments • Autobahn in Germany

  16. Does not work everywhere … • Too many Warnings • Distracted • Reduced Productivity • Sometimes you have to disable the system

  17. Some Observations • Technology can help • Educate • Create situational awareness • User/Driver still needs to be part of the equation for best results • Need to find the right balance

  18. Information Assurance Model

  19. The User Community The Careless The Stressed The Disorganized The Partisan The Home Worker The Newcomer The Industrious The Overcautious The Lazy The Spy The Inexperienced

  20. User Awareness and Responsibility • Raise User Awareness • Apply Visual Markings • Force User to Classify and react to policy violations • Help them • Record Actions

  21. Identify Information Sensitivity Click Send Classification pop-up Guided classification Compose email Software is customizable to incorporate required protective markings

  22. Visual Labels for Awareness Subject Marking Header Footer Disclaimer

  23. Classification Selector in Word Save Classification pop-up Compose document Guided classification

  24. Visual Labels for Awareness Header/footer Not shown: Footer Watermark

  25. User Awareness Policy Examples • Policy Verifier: Before Send • Check Recipients • Check Attachments • Check Content All messages are customizable

  26. Keep Internal Information Internal Forward External address warning Internal Only

  27. Check Attached Documents Select label Attach document Message upgraded Attachment Check Document label added

  28. Content Validation – Sensitive Project Default label is blank Click Send Sensitive content detected Send Anyway can be disabled

  29. Content Validation – Sensitive Project Change to Internal Visual markings added

  30. Examples of Military Markings Please Note: Markings within this presentation are for illustration purposes only and do not contain any sensitive data

  31. Assurance = • supported share not need to know • safe enablement not secure hindrance • responsibility not automated security • accountability not mistrust • education not enforcement

  32. Critical Success Factors Interoperability with existing security solutions Centralized administration Fast and easy deployment Verifies policies Validates content

  33. Wiki Leaks – How Labeling helps

  34. Selected WorldWideDefence Customers • United States Army Accessions Command • Lithuanian MoD • Belgian MoD • ARCENT • SOCCENT • JFCOM • SOUTHCOM • STRATCOM • US Forces Korea • US Veterans Affairs • Australian Department of Defence • Danish Defence • Albanian Armed Forces • United States Air Force - SIPR • Central Command • United States Marine Corps • United States Navy • Central Air Force (USAF) • Canadian Armed Forces • Finnish Air Force • NATO – NC3A

  35. Thank You! Scott Morin Scott.Morin@Titus.com www.titus.com

More Related