ProteggereiDatiAziendalion-premises e nel cloud

Similar documents
CloudSOC and Security.cloud for Microsoft Office 365

Data Insight Feature Briefing Box Cloud Storage Support

SYMANTEC DATA CENTER SECURITY

Inside Symantec O 3. Sergi Isasi. Senior Manager, Product Management. SR B30 - Inside Symantec O3 1

EM L05 Symantec Mobile Management Managing ios and Android Devices

The Device Has Left the Building

WHITE PAPER AIRWATCH SUPPORT FOR OFFICE 365

Datasheet. Only Workspaces delivers the features users want and the control that IT needs.

The Cloud Identity Crisis

Mobile Security Overview Rob Greer, VP Endpoint Management and Mobility Product Management Dave Cole, Sr. Director Consumer Mobile Product Management

Encryption Vision & Strategy

CipherCloud CASB+ Connector for ServiceNow

Virtual Machine Encryption Security & Compliance in the Cloud

EM L01 Introduction to Mobile

Addressing Today s Endpoint Security Challenges

Preventing the Next Insider Threat from Leveraging Cross Domain Data Movement

Securing Office 365 with MobileIron

Fencing the Cloud. Roger Casals. Senior Director Product Management. Shared vision for the Identity: Fencing the Cloud 1

Speaker Introduction Who Mate Barany, VMware Manuel Mazzolin, VMware Peter Schmitt, Deutsche Bahn Systel Why VMworld 2017 Understanding the modern sec

Update on new Microsoft Cloud Technology

Securing the New Perimeter:

Deploying Lookout with IBM MaaS360

Notification Template Limitations. Bridge Limitations

QUICK START: SYMANTEC ENDPOINT PROTECTION FOR AMAZON EC2

Symantec Endpoint Protection Family Feature Comparison

CAN MICROSOFT HELP MEET THE GDPR

Symantec & Blue Coat Technical Update Webinar 29. Juni 2017

Passwords Are Dead. Long Live Multi-Factor Authentication. Chris Webber, Security Strategist

A Practical Step-by-Step Guide to Managing Cloud Access in your Organization

Securing Office 365 with SecureCloud

Lookout Mobile Endpoint Security. AirWatch Connector Guide

To the Designer Where We Need Your Help

WORKPLACE Data Leak Prevention: Keeping your sensitive out of the public domain. Frans Oudendorp Ronny de Jong

Service Description VMware Workspace ONE

Disclaimer This presentation may contain product features that are currently under development. This overview of new technology represents no commitme

The Evolution of Data Center Security, Risk and Compliance

Enterprise Vault Overview Nedeljko Štefančić

Centrify Identity Services for AWS

Securing Your Most Sensitive Data

Augmenting security and management of. Office 365 with Citrix XenMobile

Related Labs: Introduction to Universal Access and F5 SAML IDP (Self-paced)

Best Practices in Securing a Multicloud World

Lookout Mobile Endpoint Security. Deploying Lookout with BlackBerry Unified Endpoint Management

Overview. Premium Data Sheet. DigitalPersona. DigitalPersona s Composite Authentication transforms the way IT

Android Enterprise Device Management with ZENworks 2017 Update 2

Veritas Desktop and Laptop Option Software Compatibility List

The Need In today s fast-paced world, the growing demand to support a variety of applications across the data center and help ensure the compliance an

KODO for Samsung Knox Enterprise Data Protection & Secure Collaboration Platform

SOLUTION BRIEF RSA SECURID SUITE ACCELERATE BUSINESS WHILE MANAGING IDENTITY RISK

Phil Schwan Technical

Trust in the Cloud. Mike Foley RSA Virtualization Evangelist 2009/2010/ VMware Inc. All rights reserved

PrinterOn Mobile App MDM/MAM. Basic Integration Guide

General Data Protection Regulation (GDPR) The impact of doing business in Asia

User-to-Data-Center Access Control Using TrustSec Design Guide

Symantec Ghost Solution Suite Web Console - Getting Started Guide

ForeScout Extended Module for VMware AirWatch MDM

Delivering Integrated Cyber Defense for the Cloud Generation Darren Thomson

Symantec VIP Quick Start Guide. Helping your users. Version 1.0. Author Maren Peasley Symantec. All rights reserved.

Trend Micro Guide and solution to help embrace Consumerization and BYOD. James Walker EMEA Product Marketing Manager 26 September 2012

Six steps to control the uncontrollable

Next-Gen CASB. Patrick Koh Bitglass

Zero Trust in Healthcare Centrify Corporations. All Rights Reserved.

Microsoft IT deploys Work Folders as an enterprise client data management solution

Privilege Security & Next-Generation Technology. Morey J. Haber Chief Technology Officer

State of Cloud Adoption. Cloud usage is over 90%, are you ready?

NetBackup for vcloud Director

Cloud Security: Constant Innovation

Technical Brief Veritas Technical Education Services

SMARTCRYPT CONTENTS POLICY MANAGEMENT DISCOVERY CLASSIFICATION DATA PROTECTION REPORTING COMPANIES USE SMARTCRYPT TO. Where does Smartcrypt Work?

How to Apply a Zero-Trust Model to Cloud, Data and Identity

Vodafone Secure Device Manager Administration User Guide

Product Brief. Circles of Trust.

Introducing. Secure Access. for the Next Generation. Bram De Blander Sales Engineer

How NOT To Get Hacked

Cybercrime e minacce informatiche: trend emergenti e soluzioni innovative u

Go mobile. Stay in control.

Netwrix Auditor for Active Directory

Partner Information. Integration Overview Authentication Methods Supported

GLOBALPROTECT. Key Usage Scenarios and Benefits. Remote Access VPN Provides secure access to internal and cloud-based business applications

[Type text] RELEASE NOTES. Version 5.1.1

Citrix ShareFile Share, store, sync, and secure data on any device, anywhere

Avanan for G Suite. Technical Overview. Copyright 2017 Avanan. All rights reserved.

Identity & Access Management

Enabling the Mobile Workforce

Secure Access - Update

PCI DSS Compliance. White Paper Parallels Remote Application Server

Single Sign-On. Introduction

ArcGIS Online A Security, Privacy, and Compliance Overview. Andrea Rosso Michael Young

VeriSign Managed PKI for SSL and Symantec Protection Center Integration Guide

Netwrix Auditor for SQL Server

Symantec Endpoint Protection Mobile - Admin Guide v3.2.1 May 2018

Make security part of your client systems refresh

Quick Heal Mobile Device Management. Available on

Solution Overview Cisco Tetration Analytics and AlgoSec: Business Application Connectivity Visibility, Policy Enforcement, and Business-Based Risk and

Technical Session I: Managing Your Data in a Hybrid World

Building an Effective Threat Intelligence Capability. Haider Pasha, CISSP, C EH Director, Security Strategy Emerging Markets Office of the CTO

IMPORTANT! Files saved to this USB are NOT automatically encrypted. You must use the SecureLock II software interface to secure your files.

Google Identity Services for work

SECURE DATA EXCHANGE

McAfee Total Protection for Data Loss Prevention

Transcription:

ProteggereiDatiAziendalion-premises e nel cloud Antonio Forzieri Cyber Security Practice Lead, Global

Agenda 1 Symantec Information Centric Encryption Introduction 2 Common business objectives addressed by Symantec Information Centric Encryption 3 Technical Architecture Overview 4 Symantec Services 2

Challenges with information protection in the cloud Public WiFi Home Office Every Location Datacenter Regional Office On-Prem Mobile USB BYO Every Device 3

Delivering Information Centric Security See Data Wherever It Lives Control User Access Protect Data from Being Leaked 4

Symantec Information Centric Security(ICS) Components CloudSOC Data Loss Prevention (DLP) Discovers sensitive data across all channels with central policy controls CloudSOC (CASB) Extends existing DLP policies, workflows, and detection to Cloud Apps Validation and ID Protection Service (VIP) Secures access to critical data with Multi-Factor Authentication DLP ICT NEW Information Centric Encryption (ICE) Integrated policy driven encryption and identity access NEW Information Centric Tagging (ICT) Increases DLP efficiency with User driving DLP tagging VIP ICE 5

How do I get visibility of sensitive data? DLP gives visibility of sensitive data across any channel. DLP Cloud + CloudSOCgives visibility of Shadow IT in sanctioned and unsanctioned cloud apps. DLP DLP Cloud Shadow cloud Public WiFi Every Location Home Office Datacenter Regional Office Mobile USB BYOD On-Prem Every Device 6

How do I protect my data when it is outside of my control? Encryption keeps your data safe from unwanted access DLP DLP Cloud Encryption Public WiFi Every Location Home Office Datacenter On-Prem Regional Office Mobile USB BYOD Every Device 7

How can I ensure my data will not be compromised? Multi-Factor Authentication (MFA) controls access by protecting your data from stolen credentials DLP DLP Cloud ICE supports other SAML v2.0 solutions VIP Encryption Public WiFi Every Location Home Office Datacenter On-Prem Regional Office Mobile USB BYOD Every Device 8

Allow the right people to access the right data by monitoring its flow protecting it wherever it goes controlling access and keeping it out of the wrong hands 9

Symantec Information Centric Encryption Addressing Business Objectives

Challenge: I need to protect data on premise, in the cloud, and on mobile Shadow Cloud Visibility of data is lost when moved to Shadow Cloud Users forget to protect data Or copied to unmanaged devices Managed Data is no longer protected if accessed by unintended users 11

Solution: Enforce encryption before data is moved out of the organisation 1. CloudSOC intercepts file Policy rule DLP / CloudSOC 2. Automated DLP policies ensure file is protected 3. ICE encrypts the data and creates a protective wrapper around the data 12

Challenge: Sharing data in the cloud can be risky and inefficient Co-workers I need this data urgently! Partners Clients Where are my keys? Vendors Encrypted files can be difficult to share 13

Solution: Manages encryption and keys for easy data sharing ICE identity services ensures efficient authentication Co-workers Partners Clients Vendors Authentication CloudSOCencrypts using ICE libraries Windows and Mac ICE Endpoint Utility supported ICE Endpoint Utility Managed Unmanaged Unmanaged users need to download utility and register 14

Challenge: How can I remain in control of my data and prove it? How do I know who has accessed my data? How can I recall all copies? How can I prove to my auditors I am compliant? Regulations: HIPAA PCI FISMA, etc. How can I restrict how many copies are made? How can I prevent the data being edited or printed? 15

Solution: Ensure compliance using report data and access controls Monitor sensitive data movement within the cloud Show lifecycle of data wherever it resides Control user access even when data is outside of the organization User and file history user email filename time of access OS details Access Denied 16

Symantec Information Centric Encryption Technical Architecture

ICE architecture in context of ICS Symantec CloudSOC Symantec Cloud Symantec Identity for ICE Idp(SAML 2.0) e.g., VIP Access manager DLP Cloud Service Connector ICE Admin portal DLP Enforce Authentication AWS Key Management services Managed Unmanaged devices devices ICE Endpoint Utility ICE mobile (ios) (VIP mobile app) Corporate Administrator 18

CloudSOC components Symantec CloudSOC Symantec Cloud Symantec Identity for ICE Idp(SAML 2.0) VIP Access manager DLP Cloud Service Connector ICE Admin portal DLP Enforce Authentication AWS Key Management services Managed Unmanaged devices devices ICE Endpoint Utility ICE mobile (ios) (VIP mobile app) Corporate Administrator 5 19

DLP components Symantec CloudSOC Symantec Cloud Symantec Identity for ICE Idp(SAML 2.0) VIP Access manager DLP Cloud Service Connector ICE Admin portal DLP Enforce Authentication AWS Key Management services Managed Unmanaged devices devices ICE Endpoint Utility ICE mobile (ios) (VIP mobile app) Corporate Administrator 20

ICE components Symantec CloudSOC Symantec Cloud Symantec Identity for ICE Idp(SAML 2.0) VIP Access manager DLP Cloud Service Connector ICE Admin portal DLP Enforce Authentication AWS Key Management services Managed Unmanaged devices devices ICE Endpoint Utility ICE mobile (ios) (VIP mobile app) Corporate Administrator 21

ICE Endpoint Utility Symantec CloudSOC Symantec Cloud Symantec Identity for ICE Idp(SAML 2.0) VIP Access manager DLP Cloud Service Connector ICE Admin portal DLP Enforce Authentication AWS Key Management services Managed Unmanaged devices devices ICE Endpoint Utility ICE mobile ios (VIP mobile app) Corporate Administrator 22

Context Aware Decryption Managed Device (Employee) Open permissions by Default Favors usability of data Telemetry collected Admin can revoke rights Unmanaged Device (Partner/BYOD) Configurable permissions Favors security of data Content lock features Telemetry on original file only Pushed by IT admin to employee devices Available for download from Symantec website 23

Hardware and software supported in v101 Cloud API apps Office365 OneDrive Box ICE Endpoint Utility platform support Windows 7, 8, 8.1, 10 Mac 10.10, 10.11, 10.12 ios 9.x, 10.x Supported browsers Admin portal - Firefox, Chrome Partner (receiving an encrypted file) - Firefox, Chrome, IE, Safari, Edge 24

Symantec Information Centric Encryption Demonstration

How it all works DLP / CloudSOCdecide what data to protect and drives encryption VIP Multi-Factor Authentication for decryption ICE Console for central management files Data Classification VIP Authentication DLP CloudSOC ICE Encryption Centralized Management Console Revoke Access Granted File Denied Partners Clients Vendors Co-workers 26

Thank you! Copyright 2015Symantec Corporation. All rights reserved.symantec and the Symantec Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the U.S. andother countries. Other names may be trademarks of their respective owners. This document is provided for informational purposes only and is not intended as advertising. All warranties relating to the information in this document, either express or implied, are disclaimed to the maximum extent allowed by law. The information in this document is subject to change without notice.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback