1 / 29

Complete Messaging Security: More than Spam Protection

Complete Messaging Security: More than Spam Protection. November 15, 2014. Agenda. Today’s messaging security requirements Including content security & outbound email risks Proofpoint Solutions Introduction to Proofpoint Case Studies Wrap-up and Q & A. Multiple Threats to Email Security.

pearl-jensen
Download Presentation

Complete Messaging Security: More than Spam Protection

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Complete Messaging Security: More than Spam Protection November 15, 2014

  2. Agenda • Today’s messaging security requirements • Including content security & outbound email risks • Proofpoint Solutions • Introduction to Proofpoint • Case Studies • Wrap-up and Q & A Proofpoint Confidential

  3. Multiple Threats to Email Security Enterprise Email Threats • Threats are both inbound and outbound • Spam is gaining: 300% growth in past 18 months • Spam costs $1,943** in lost productivity per employee per year • 43% of large companies employ staff to monitor outbound email* • Companies estimate that nearly 25% of emails contain content that poses a legal, financial, or regulatory risk* • 27% of companies terminated an employee for violating email policies in past year* Firewall Internet Spam, virus, phishing Firewall Proprietary info, corporate memos, regulatory compliance NetworkThreats Content Security Risks Directory harvest, DoS, hacking *Source: Forrester Resarch study **Source: Nucleus Research Proofpoint Confidential

  4. Top Outbound Email Concerns Source: Proofpoint/Forrester Survey 2005 Proofpoint Confidential

  5. What’s Occurred in Last 12 Months Source: Proofpoint/Forrester Survey 2005 Proofpoint Confidential

  6. Enforce Internal Governance • Comply with internal policy • Protect internal memos, plans • Monitor for sexual harassment, hostile work environments • Control financial reportingfor Sarbanes-Oxley “75% of executives were very concerned or concerned about compliance with internal email policies” • Business risks • PR/brand damage, decreased shareholder value • Employee litigation • Regulatory penalties Source: Proofpoint/Forrester survey 2005 Proofpoint Confidential

  7. Protect Privacy • Comply with privacy regulations • HIPAA, GLBA, CA-SB1386 • Protect customers’ private data • Prevent identity theft “Failure to comply with HIPAA can result in civil penalties of up to $25,000 per year, and criminal penalties of up to $250,000 plus imprisonment” • Business risks • Loss of customers & trust • Regulatory penalties • PR/brand damage, decrease in shareholder value Source: American Medical Association Proofpoint Confidential

  8. Secure Intellectual Property • Protect the crown jewels • IP is different for every organization • Product designs, source code • Secure classified data “Over 1/3 of those surveyed had investigated a suspected loss of proprietary information over email in past year” • Business risks • Loss of business and competitive advantage • PR/brand damage, decrease in shareholder value • Decrease in national security Source: Proofpoint/Forrester survey 2005 Proofpoint Confidential

  9. Information gathering Policy creation Policy Application Controls Access controls Communication Controls Risk Mitigation Starts with Policy Business, departments, industry, intellectual property, corporate data, regulations, audit Email Controls Source: Modified from Institute of Internal Auditors Proofpoint Confidential

  10. Agenda • Today’s messaging security requirements • Including content security & outbound email risks • Proofpoint Solutions • Introduction to Proofpoint • Case Studies • Wrap-up and Q & A Proofpoint Confidential

  11. Digital Asset Security Regulatory Compliance Anti-virus Anti-spam Email Firewall Secure Messaging Content Compliance Anti-virus Anti-spam Email Firewall Digital Asset Security Content Compliance Regulatory Compliance Secure Messaging Proofpoint MTA Proofpoint Messaging Security Console The Proofpoint Solution • Comprehensive, future-proof content security suite • Patent-pending Proofpoint MLX content classification • Can prevent infractions, report and secure email • Enterprise-grade architecture for outbound security Proofpoint Confidential

  12. Proofpoint Spam Detection Module Powered by Proofpoint MLX Machine Learning • 3rd generation technology is more advanced than Bayesian and signature techniques • Detects 100,000+ spam attributes • Commercial spam • Adult or pornographic spam • Phishing attacks • Zero administration • Automatic updates every week • No need to custom rules • No decay in effectiveness “98.9%: The highest spam blocking rate we’ve ever seen = 9.0 out of 10.0” “What sets Proofpoint apart is that it combines SVM with other detection approaches.” Emerging Technology Showcase Award Proofpoint Confidential

  13. Industry Leading Anti-virus • Employ anti-virus at the gateway • “Defense in depth” strategy • Automatic virus updates • Push to production or receive alerts • Fastest production-ready updates • Centralized management • Proofpoint Messaging Security Console • One interface for spam, virus, email firewall • Flexible virus handing • Full virus reporting # of unique viruses 1986 1988 1990 1992 1994 1996 1998 2000 2002 Source: F-Secure Proofpoint Confidential

  14. Proofpoint Content Compliance Module Internal governance and control • Compliance with internal policy • Monitor 400+ standard file types • File Type Profiler for custom types • Add custom footers/disclaimers • Monitoring for inappropriate business communication • Prevent hostile work environments • Audit for sexual harassment • Installed with offensive language dictionary Proofpoint Confidential

  15. Internet 3 1 Block or quarantine based on policy Train Proofpoint MLX Proprietary and Confid DAS 2 Filter outbound email and attachments Proofpoint Digital Asset Security Module Detects and prevents leaks of sensitive information • Employed to: • Enforce internal governance • Protect privacy • Secure intellectual property • Enterprise Data Connector • Allows business users to secure content • Links to file shares, web servers, content management systems Proofpoint Confidential

  16. Proofpoint Regulatory Compliance Module HIPAA compliance for email • Secure protected health information (PHI) • Preloaded with Proofpoint-managed code sets • Common procedure names • Disease names • Drug classes, drug dosage • Drug names • Secure PHI with encryption Security rule: April 2005 General penalty: to $25,000 Wrongful disclosure penalty: $50,000 to $250,000 + imprisonment Proofpoint Confidential

  17. Proofpoint Secure Messaging Module (powered by Voltage™ IBE) Proofpoint MessagingSecurity Gateway or Protection Server • Policy-driven secure messaging • Easy to administer • Easy to use • Low total cost of ownership Sender Proofpoint Secure Messaging Module Recipient Proofpoint Confidential

  18. FTP Proofpoint Network Content Sentry HTTP and FTP Proofpoint Network Content Sentry™ • Monitor HTTP, FTP traffic • Leverage existing policy management, reporting, quarantine Proofpoint Messaging Security Gateway or Protection Server Proofpoint Messaging Security Console Proofpoint Confidential

  19. Agenda • Today’s messaging security requirements • Including content security & outbound email risks • Proofpoint Solutions • Introduction to Proofpoint • Case Studies • Wrap-up and Q & A Proofpoint Confidential

  20. Company Overview The leading provider of messaging security solutions for large enterprises, universities, and government agencies HQ’d in Cupertino, CA; Offices in NA, Europe, Asia 24x7 global support organization Global Reach World-class Team Experts in messaging and security, inventors of messaging Best-of-breed Partners Protecting hundreds of customers, millions of mailboxes 100% reference-able Customer Success Proofpoint Confidential

  21. The Company We Keep Financial Services Telecomm Technology Retail, Services Manufacturing Distribution Healthcare and Pharmaceuticals Public Sector Education Proofpoint Confidential

  22. 3rd Generation “Some learning methods - such as Bayesian filtering - have proved to be unreliable for spam filtering in the enterprise environment.” Technologies 2nd Generation Technologies Proofpoint MLX™: Logistic Regressionand Support Vector Machines Heuristics; Bayesian; Cocktail of 1st and 2nd generations Limitations 1st Generation Limitations Technologies • Solve Limitations: • Immune to randomness • Not reliant onexternal party • Fully automated machine learning • Smarter than Bayesian Only man-made rules; Assumes all independent attributes Signatures; RBLs Summary Limitations Higher False Positives Thwarted by randomness; RBLsrely on inaccurate3rd parties Summary Time BOTH high effectivenessand low false positive Summary Lower Effectiveness The Most Confident Content Inspection Proofpoint MLX – a 3rd Generation Solution Proofpoint Confidential

  23. Agenda • Today’s messaging security requirements • Including content security & outbound email risks • Proofpoint Solutions • Introduction to Proofpoint • Case Studies • Proofpoint architecture and deployment • Q & A Proofpoint Confidential

  24. Case Study: Protection of Privacy—HIPAA Healthcare provider • Company • 3,800 email users • Provides community healthcare services • Key content security concerns • Protect patient privacy • Detect and secure both PHI and payment/claim information for HIPAA and GLBA compliance • Solution • Proofpoint Messaging Security Gateway • Proofpoint Regulatory Compliance module • Proofpoint Digital Asset Security module • PGP Universal Server™ Proofpoint Confidential

  25. Case Study: Protection of Privacy—GLBA Large regional bank in Northeast USA • Company • 8,600 employees • Provider of personal banking services • Key content security concerns • Protect customer privacy • Detect financial informationfor GLBA compliance • Solution • Proofpoint Messaging Security Gateway • Proofpoint Regulatory Compliance module Proofpoint Confidential

  26. Case Study: Secure Intellectual Property Major automobile manufacturer • Company • 12,000 employees • Automotive design centers acrossthe country • Key content security concerns • Protect intellectual property • Stop car designs (CAD files)from leaving through email • Solution • Proofpoint Messaging Security Gateway • Proofpoint Digital Asset Security module Proofpoint Confidential

  27. Case Study: Secure Intellectual Property Software gaming and entertainment • Company • 5,400 employees • Game design in California and Asia • Key content security concerns • Protect intellectual property • Stop game source code from leaving through email • Solution • Proofpoint Protection Server (software) • Proofpoint Digital Asset Security module Proofpoint Confidential

  28. Agenda • Today’s messaging security requirements • Including content security & outbound email risks • Proofpoint Solutions • Introduction to Proofpoint • Case Studies • Wrap-up and Q & A Proofpoint Confidential

  29. Why Proofpoint? • Focused on largest risk – outbound email • Enforces internal governance, protects privacy, secures intellectual property • Prevents breaches from occurring • Low total cost of ownership • Centralized security platform: inbound and out, encryption • Low administration: Proofpoint MLX, managed code sets, smart identifiers • Full visibility: Audit, reporting and forensics • Evolves along with policy & business: Business and IT user interface Proofpoint Confidential

More Related