1 / 20

Endpoint Data Protection and Leakage Prevention

Endpoint Data Protection and Leakage Prevention. Edy Almer VP Product Management & Marketing. Agenda. What Problem are we solving ? Legislation and Regulation Possible solutions Regaining Control of Endpoints and Data:

shayna
Download Presentation

Endpoint Data Protection and Leakage Prevention

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Endpoint Data Protection and Leakage Prevention Edy Almer VP Product Management & Marketing

  2. Agenda • What Problem are we solving ? • Legislation and Regulation • Possible solutions • Regaining Control of Endpoints and Data: Data Protection and Leakage Prevention with Safend Data Protection Suite • Safend Auditor • Safend Discoverer • Safend Inspector • Safend Encyptor • Safend Protector • Safend Reporter • Summary • Securing your Endpoints - Proprietary & Confidential -

  3. Data Leakage and Targeted AttacksA Clear and Present Danger - Proprietary & Confidential -

  4. Compliance Requirements States that currently have data protection laws States that do not currently have data protection laws - Proprietary & Confidential -

  5. Government /Industry Regulations • PCI DSS • HIPAA • GLBA • US State PII regulations • SOX • BASEL II • UK Data Protection Act • South Africa PPI - Proprietary & Confidential -

  6. Cost of Data BreachesRecovery Cost Averages Average Incident Cost: $6.75 million Average Incident Costper compromised record: $204 Customer Costs Incremental Costs • Unbudgeted legal, audit and accounting fees • Notification to customers • Free or discounted service to customers • Call center expenses • Public and investor relations • Internal investigations • Brand damage • Loss of existingcustomers • Recruiting newcustomers 30% 54% 16% Among the incidents reported, the most expensive data breach cost nearly $31 million to resolve, and the least expensive cost $750,000. Productivity Costs • Lost employee productivity Source: 5th annual "Cost of a Data Breach" study by the Ponemon Institute - Proprietary & Confidential -

  7. Approaches for Data/Access Protection • Encryption (at rest)Encrypt Removable Storage,Hard Drives against accidental loss. • Encryption (in use – DRM)Microsoft, Adobe, management tools. • Egress point controlPort/Device Control, Endpoint/GW DLP (IPS**, WAF**, FW**) • Access Control ListNTFS ACL, Database proxy, application level proxy, NAC • Full Spyware applications – record everything - Proprietary & Confidential -

  8. Single Lightweight Agent • Agent Includes Multi-tiered Anti-tampering Capabilities • Simple and Reliable Installation Process • Hard Disk Encryption • Centrally Managed and Enforced • Transparent SSO • Seamless authentication support • Easy Recovery • Strong Security and Tamper Resistant • Content Based DLP • Content Aware Application Control • Data Leakage Prevention Through: • Email, IM and Web • External Storage • Printers • Any Application/Protocol • Port & Device Control • Detachable Storage Control • Removable Storage Encryption • CD/DVD Encryption • Wireless Control • Hardware Keylogger Protection safenddiscoverer - Sensitive Data Location and Mapping safendreporter – Security and Compliance Analysis safendauditor – Endpoint security status audit - Proprietary & Confidential -

  9. Safend Data Protection Suite Architecture - Proprietary & Confidential -

  10. Safend Data Protection SuiteSingle Management Server & Single Management Console

  11. Content Aware Application Control Data Leakage Prevention Through: Email, IM and Web External Storage Printers Application (all protocols) Out of the box predefined classifications and Policies Interactive Message Center for user education Safend Inspector protector encryptor safendinspector discoverer - Proprietary & Confidential -

  12. Safend Protector Key Features • Prevents data leakage and penetration via endpoints • Detects and restricts any devices • Enforces granular policies over physical, wireless and removable storage devices via real-time analysis of low-level port traffic • Tamper-resistant • Centrally managed & seamlessly integrates with Active Directory • Ensures regulatory complianceEasy to use and scalable safendprotector encryptor inspector discoverer - Proprietary & Confidential -

  13. Reports - Proprietary & Confidential -

  14. Safend Encryptor: • Key Features • Encrypts all data on laptops and desktops – Total Data Encryption • True SSO (Single Sign On) technology Transparent to end users & help-desk personnel • Centrally managed and enforced • Full visibility of organization’s Encryption status • Stable and fault tolerant encryption Total Data Encryption, maintains performance and minimizes the risk of OS failure safendencryptor protector discoverer inspector

  15. Safend Encryptor: Full Audit Trail Detailed Client & Server Log Records Clients status displayed in the Clients World: Client Logs displayed in the Logs World: Server Logs displayed in the Logs World:

  16. Safend Encryptor Full Audit TrailDetailed Server Log Records Examples of Encryptor specific server logs - Proprietary & Confidential -

  17. Thank You ! Edy Almer edy@safend.com

  18. Case Study Healthcare: Firmley Hospital NHS • The Company • Frimley Park Hospital is a 720 bed NHS Foundation Trust employing approximately 3,500 staff and serving a catchment population of over 400,000. • The Challenge: • incorporate differing requirements across different areas of the business where unusual or complex medical devices are in use. • The organization required a solution, which could be deployed within the short timeframes required by the new mandates, which was easy to manage and deploy and would not impact on the productivity of medical staff and administrators.   • Safend’s Solution: • flexibility and granularity of the Safend solution, with a phased roll-out of the policies on a ‘by department’ basis.  This ensured that a consistent machine-based policy could be implemented on most PCs with the occasional custom machine-based policy for unusual medical equipment and  custom user-based policies layered on top to address individual needs. • The end result is that the Trust has an endpoint and mobile data security system that is largely invisible to the user but which provides full assurance that it has satisfied its obligations in securing mobile data. Having evaluated a number of solutions, including one from McAfee/SafeBoot, (which at the time was centrally procured by the NHS),  the Trust decided that the Safend solution was the best fit in terms of manageability and performance.“Safend was chosen because of its comprehensive integrated suite of endpoint security tools, including reporting, port control and disk and media encryption.  The other major criterion for the selection was the need for a centralised solution with minimal management overheads and the need for a system that was largely transparent to the user.” - Firmley Park Hospital NHS, Head of IT - Proprietary & Confidential -

  19. Case Study Government: Navy Mine Warfare Training Center • The Company • The only training center that trains sailors for shipboard mine counter measures. • The Challenge: • To ensure the integrity and security of the sensitive data used for instruction • Seamlessly control data access via portable devices without impeding on instructors’ abilities to access data for teaching purposes. • Safend’s Solution: • Deploying 350 licenses of Safend Protector to guard against data leakage on nearly 850 ports throughout the Navy Mine Warfare Training Center • Comprehensive Security of WiFi, FireWire and game ports “Safend was the no-brainer choice to meet the Navy Mine Warfare Training Center’s needs. Of the 17 products we tested, it was the only one that could not be bypassed because it is loaded at the kernel and since it is not loaded as a service, users can’t shut the software off and circumvent the protection. The product was also very granular, making it easy to control access based on everything from device type to serial number. We found that it’s impossible to beat from our testing – you know you have found the right solution when no matter how hard you bang on it, it won’t break.” - The Navy Mine Warfare Training Center’s Director of Information Technology Herb Armstrong - Proprietary & Confidential -

  20. Case Study Healthcare: LA County Department of Mental Health • The Company • The Los Angeles County Department of Mental Health (DMH) serves approximately one-quarter of a million residents each year, making it the largest mental health service system in the nation. • The Challenge: • Protection from leakage of the Department of Mental Health sensitive and personal client data for thousands of residents. • Appropriately allow the safe use of USB memory sticks while blocking dangerous file types. • Safend’s Solution: • Seamless deployment of Safend Auditor and Protector to over 4,000 machinesat its 130 locations across LA County • Enforce protection policies to ensure that the data being saved was authorized, encrypted and approved to access our corporate ports “Safend was the clear choice to manage DMH’s thousands of endpoints. We chose Safend because its auditing and alerting capabilities were superior to other products we tested. Additionally, Safend offers a tamper proof agent that is unbeatable,” ” - DMH’s Departmental Security Officer Jeff Zito - Proprietary & Confidential -

More Related