480 likes | 495 Views
>> ComputerLinks University <<. Utimaco Safeware - The Data Security Company. Tommaso Bucci Country Manager tommaso.bucci@utimaco.it. Software and hardware solutions for Data Encryption E-Mail Encryption Digital Signatures Data Leakage Prevention Primary Users:
E N D
>> ComputerLinks University << Utimaco Safeware - The Data Security Company Tommaso Bucci Country Manager tommaso.bucci@utimaco.it
Software and hardware solutions for Data Encryption E-Mail Encryption Digital Signatures Data Leakage Prevention Primary Users: Medium to Large Enterprises Utimaco SafewareCore Business Areas Information Protection and Control Securing your e –assets
Software and hardware solutions for Data Encryption E-Mail Encryption Digital Signatures Data Leakage Prevention Primary Users: Medium to Large Enterprises Utimaco SafewareCore Business Areas Information Protection and Control Discover Classify Information Monitor Protect Securing your e –assets
Utimaco SafewareThe Data Security Company Utimaco secures electronic assets in an insecure digital world • Trusted company for 25 years • Listed on the German Stock Exchange • €49.4 million of revenue in 2006/2007 • CAGR growth of 22.5% over past 3 years • 300+ employees* • Global presence • 12 subsidiaries • Strong partner network • Awarded major certifications • 6+ million Utimaco users Offices Reseller/Distributors * June 2008
Recognized by Gartner as a LeaderUtimaco Scores Highest for Completeness of Vision • Utimaco has been in the Leadership Quadrant for the last three consecutive years • "The easy-to-understand [Utimaco] product bundle provides all features normally requested by buyers. It is highly interoperable with other key management systems...“ (Source: Gartner – Magic Quadrant for Mobile Data Protection, September, 10th 2007) This Magic Quadrant graphic was published by Gartner, Inc. as part of a larger research note and should be evaluated in the context of the entire report. The Gartner report is available upon request from Utimaco Safeware AG.
Today’s Challenges2. Rise of stolen/lost Confidential Information • 70% of all company data are stored redundant on Endpoints(notebooks, desktops, USB Memory sticks), not only on servers* *Ponemon Institute, U.S. Survey: Confidential Data at Risk, August 2006
Today’s Challenges2. Rise of stolen/lost Information • Reasons for Data Breaches in Enterprises Ponemon Institute, 2007 Anual Study: Costs of Security Breaches
Today’s Challenges2. Rise of stolen/lost Information • What is the probability that devicescontain unprotected confidential data? 60% 59% 55% 36% 35% PDA Laptop USB stick Desktop File server Ponemon InstituteU.S. Survey: Confidential Data at Risk, August 2007
Today’s Challenges3. Compliance • Data theft and regulatory compliance replaces malwareas top security concern Enterprise Top Security Concerns in 2007 Theft of Information Regulatory Compliance Viruses 0% 5% 10% 15% 20% 25% 30% 35% 40% Cisco Security Survey 2007http://www.channelregister.co.uk/2007/04/19/security_fears_poll/
Insider:Top 3 Data leakages in Enterprises Today’s Challenges4. Threats associated with Insiders • Reasons for data leakage in Enterprises InternalBreaches 60 % External Breaches20 % Workshare 2007 www.securitymanager.de/magazin/news_h20605.html IDC, Trend Micro: Data Leakage Business Survey, Feb. 2008
Today’s Challenges5. Growing Business Impact of Data Breaches Top 10 MobileDevices Leaks(2006 -2007) Source: INFOWATCH http://www.infowatch.com/threats?chapter=162971949&id=207784708
Today’s Challenges5. Growing Business Impact of Data Breaches • Average Incident Cost per compromised record: $182 Customer Costs Incremental Costs • Unbudgeted legal, audit and accounting fees • Notification of customers • Free or discounted service to customers • Call center expenses • Public and investor relations • Internal investigations • Brand damage • Loss of existingcustomers • Recruiting newcustomers 30% 54% 16% Productivity Costs • Lost employee productivity 100,000 Lost Records = $18.2 Million Liability + Lost Customers Source: Ponemon Institute ‚2006 Annual Study: Cost of a Data Breach‘
SafeGuard Enterprise addresses these challenges Data Protection & Control Need for Integrated IT SecurityIn general • IT Security in Enterprises Today & Tomorrow ”Yesterday” Integrated Solutions Fragmented Solutions Open Enterprise Security Walling Off Security Compliance requests
SafeGuard EnterpriseDelivering an Integrated Solution • A modular information protection control platform that enforces policy-based security for PCs and mobile devices across mixed environments – it is easy to use for the end user and iscentrally managed by a single console. (In Process)
Centrally manage data security via a common policy framework • Enforced Security Policy- Compliance with regulations • Cost optimized User-transparent encryption of all data stored on PC, laptops, - Enforced Enterprise Security Policy Content monitoring and filtering for data leakage prevention Encrypt removable mediaEnable data portabilitywith internal & external partners Protect all PC ports from corporate data leakage and targeted attacks- Physical interfaces- Wireless interfaces- Storage Media Secure file share for project collaboration (networks) Manage external encryption products– e.g., BitLocker, Segate, … = coming with V6.0 SafeGuard EnterpriseOverview - Modules (In Process)
Configure Distribute Monitor SafeGuard EnterpriseModules SafeGuard Management Center • Enforces a common policy framework • Granular policies- users, OUs or device types • Centrally manages keys & certificates • Use of existing infrastructure- AD, LDAP, certificates, token, … • Create, exchange, backup keys • Central management of smartcard/token • Secures data in mixed environments • Windows XP, Vista • Manages external encryption solutions • Security officers (hierarchies/roles) • Comprehensive logging/auditing • Licensing viewing
Configure Distribute Monitor SafeGuard EnterpriseModules SafeGuard Management Center
SafeGuard EnterpriseModules SafeGuard Device Encryption • Cross-platform protection(= full disk encryption) of all data • Enforced Security Policy • Compliance with regulations • Comprehensive logging • Transparent to users • Power on Authentication (POA)- Single sign-on to OS- Flexible extendibility for smartcards • No productivity impact • Secure and simple emergency procedurefor lost passwords (Challenge/Response)
SafeGuard EnterpriseModules SafeGuard Device Encryption • Cross-platform protection(= full disk encryption) of all data • Enforced Security Policy • Compliance with regulations • Comprehensive logging • Transparent to users • Power on Authentication (POA)- Single sign-on to OS- Flexible extendibility for smartcards • No productivity impact • Secure and simple emergency procedurefor lost passwords (Challenge/Response)
SafeGuard EnterpriseModules SafeGuard Data Exchange • Portability of encrypted removablemedia (USB drives, external HDDs,memory cards, rewritable CDs/DVDs) • Transparent solution for internal data exchange • Can read encrypted files on a computerwithout SafeGuard installed- Encrypted data exchange with externals • Flexible workflow - mix encrypted and plainfiles on the same media • Password and data recovery via helpdeskchallenge / response
SafeGuard EnterpriseModules SafeGuard Configuration Protection • Protection against corporate data leakage • Port Control • Device Control • WiFi, Bluetooth, IR Control • Support of Whitelists • Restriction of data transfer basedon device type or serial number • In combination with Data Exchange • Unified policies for port protectionand enterprise-grade encryption
SafeGuard EnterpriseModules SafeGuard LeakProof • Ensure that authorized users are ableto access data, but prevent that datafrom leaving the company unprotected • Addresses data threats by insiders whomay not realize that their actions areputting data at risk (future module in SG Enterprise, currently covered by SG LeakProof (standalone)
SafeGuard EnterpriseModules Protection againstinternal breaches SafeGuard LeakProof • Classify sensitive data and scans alldata operations in real time based on • Sensitive keywords (“secret”, “confidential”) • Data structures (credit card numbers, …) • Fingerprinted documents • Inspects file movements to • USB devices, Bluetooth • Webmail, FTP, HTTP, IM, … • Captures sensitive documents, and either • Notify the user (“please be careful”) • Block the operation • Log the operation • Let justify the operation (future module in SG Enterprise, currently covered by SG LeakProof (standalone)
SafeGuard EnterpriseModules SafeGuard File & Folder Encryption • File- and folder-based encryptionfor workgroups on the network • Fine-granularity protection for dataat runtime and on servers enablesconfidential data exchange withbusiness partners • More security through separation ofpowers between • System administrator • Security officers (future module in SG Enterprise, currently covered by SG LAN Crypt)
SafeGuard EnterpriseModules SafeGuard BitLocker Mgmt. (Device Encryption) • BitLocker - Support to enforce enterprisewide, consistent Security Policy for encrypting • Hard disks (all Vista, XP) • Removable media • Central key management for • BitLocker (Vista) • Hard disks (all Vista, XP) • Removable media (Vista, XP) • Simplifies compliance with regulations • Logging/Reporting Utimaco: Microsoft „Gold Certified Partner“and founding member of the SecureIT Alliance.
SafeGuard Management CenterPolicies: Configuration Protection
SafeGuard Management CenterPolicies Logging up to 280 different events
SG Data Exchange • Transparent encryption of removable media (all kinds) • Users can define own keys or PWand exchange these with partners • “Portable” component • Access via PW on PC where no SG software is installed SG Management Center • Central, uniform security administration • Use of existing infrastructure (AD) • Central logging & monitoring • Security hierarchies SG Configuration Protection • Port Control • Device Control • WiFi, Bluetooth, IR Control • Restrict not allowed file transfer SG BitLocker Mgmt. • Central management of BitLocker encryption • SG Enterprise file-based removable media encryption • Central key recovery SafeGuard Enterprise 5.30Summary – Key Messages SG Device Encryption • Power on Authentication (POA) • Transparent device encryption • data all times encrypted • Offers Compliance • Smart Media Encryption • offers high flexibility • Comprehensive emergency tools • Challenge/Response • Support R&R (Lenovo) • Supports XP and all Vista OS
SafeGuard Enterprise 5.30Summary –Benefit SG Data Exchange • All stored data is completely encrypted • Compliance with regulations • No data in the wrong hands • Encrypted data exchange with partners and externals SG Device Encryption • All stored data is completely encrypted • Freeing users from the burden and responsibility of securing local data • No data in the wrong hands • No image loss in case of theft • Compliance with regulations • No user training needed • No loss of productivity SG Management Center • Time- /cost optimized administration • Enforced security policy • Compliance with regulations • No data in the wrong hands SG Configuration Protection • No data leakage through unwanted endoints or removable media • Limitation of unwanted data transfer SG BitLocker Mgmt. • Time- and cost optimized administration • Compliance (logging) • Easy handling of recovery key
Central Management IT Security Securing your e-assets data in use data in motion data at rest SafeGuard EnterpriseSummary - Benefit • Effective Enforcement of a Security policy through … • Centrally managed Security Policies across all devices andremovable media • Data protection (encryption) independent of storage media • Blocking of endpoints (ports, devices, WiFi, …) • Data Leakage prevention (monitoring and filtering) • User transparent encryption (can not be circumvented) • No loss of sensitive data (image/reputation) • Low Administration Costs & Increased Productivity through … • Central Administration • Central Monitoring and distribution of policies • Use of existing infrastructure • Efficient emergency tools
Central Management IT Security Securing your e-assets data in use data in motion data at rest SafeGuard EnterpriseSummary - Benefit • Compliance with regulations through … • Data protection on all devices and removable media • Data Leakage prevention (monitoring and filtering) • Central logging (proof of encryption status) • Central logging of admin activities • Printable inventory and log reports • Central monitoring • 4-eyes principle for security administration, incl. Audit Officer • Investment protection trough … • Future oriented and flexible system architecture (based on standards) • Integration in existing infrastructure (AD, PKI, Token, BitLocker, …)
SafeGuard Enterprise Summary –Key Differentiator Unlike other data protection solutions … • SG Enterprise is a unified and comprehensive security suite that offers the most flexible central policy and key management for data protection and endpoint control • The Smart Media Encryption combines the advantages of file and volume-based encryption in one product • SG Enterprise is the only solution that manages Windows Vista BitLocker Drive Encryption and has full support by MS • SG Enterprise’s scalable and future oriented architecture can be extended to protect data at rest, in motion and in use • SG Enterprise is based on standards
UtimacoTechnology Partners (Selection) Intel (BitLocker) (Rescue & recovery) (Windows PE)
Recognized by Gartner as a LeaderUtimaco Scores Highest for Completeness of Vision • Utimaco has been in the Leadership Quadrant for the last three consecutive years • "The easy-to-understand [Utimaco] product bundle provides all features normally requested by buyers. It is highly interoperable with other key management systems...“ (Source: Gartner – Magic Quadrant for Mobile Data Protection, September, 10th 2007) This Magic Quadrant graphic was published by Gartner, Inc. as part of a larger research note and should be evaluated in the context of the entire report. The Gartner report is available upon request from Utimaco Safeware AG.
The Utimaco Advantage • 25 years experience – data security is all we do! • World-class leading-edge information security portfolio • Effortless integration and implementation with existing system management tools • Open systems philosophy and architecture • Standards-based solutions and certifications ease compliance • Key alliances with Microsoft, Lenovo & Intel • Highly scalable for large organizations • Extensive worldwide partner network
Utimaco– The Data Security Company • Our solutions: • Protect data in use, in motion, and at rest – avoiding data breaches • Provide multi-layered security – combining encryption and data leak prevention (DLP) • Enable regulatory compliance • Leverage the latest technological approaches to securing data Utimaco is an independent security solutions providerthat helps safeguard data in cross-platform environments through a modular, centrally managed 360⁰ approach.
Thank You Tommaso Bucci Country Manager tommaso.bucci@utimaco.it