Quick Wins with Data Loss Prevention How to Make DLP Work for You

Transcription:

Quick Wins with Data Loss Prevention: How to Make DLP Work for You
- Rich Mogull, CEO & Analyst, Securosis, L.L.C.
- Mark Moroses, Assistant CIO, Continuum Health Partners
- John Dasher, Senior Director, Data Protection, McAfee

Agenda
- Rich Mogull, CEO & Analyst, Securosis, L.L.C.: Low-Hanging Fruit: Quick Wins with DLP
- Mark Moroses, Assistant CIO, Continuum Health Partners: How Continuum uses McAfee DLP to protect sensitive patient data
- John Dasher, Senior Director, Data Protection, McAfee: McAfee DLP solution overview

Quick Wins with Data Loss Prevention
Rich Mogull, Securosis, LLC

DLP Fears
- Too complex to deploy.
- Too many false positives.

The Quick Wins Process

"Products that, based on central policies, identify, monitor, and protect data at rest, in motion, and in use through deep content analysis." -Rich Mogull

What DLP Provides
- Helps you identify where you store sensitive information.
- Helps you understand how that information is used and moved throughout your organization.
- Proactively protects your information, while limiting impact on legitimate business processes.

Defining Process

Process Workflow

Prepare Directory
Why?
- DLP policies are typically user and group based.
- Need to correlate activities back to warm bodies.
- Poor directories are a leading obstacle to DLP deployments.
- Email vs. Web vs. Endpoint
- Servers

Integrate with Infrastructure
- Network: passive sniffer (SPAN/mirror), email (MTA)
- Endpoint: software deployment
- Storage: admin credentials

Integration Recap
- For all deployments: Directory services (usually your Active Directory and DHCP servers).
- Network deployments: Network gateways and mail servers.
- Endpoint deployments: Software distribution tools.
- Discovery/storage deployments: File shares on the key storage repositories (you generally only need a username/password pair to connect).

Choose Flavor
- Single Data Type
- Information Usage

Choose Deployment Type
- Network
- Storage
- Endpoint

Define Policies
Single Type / Information Usage
- Leverage an existing category when possible.
- Tune later.
- False positives are good!
- Turn on (nearly) everything.
- Collect as much as possible to identify usage patterns.

Monitor

ID    Time     Policy         Channel    Severity  User           Action    Status
1138  1625     PII            Email      1.2 M     rmogull        Blocked   Open
1139  1632     HIPAA          IM         2         jsmith         Notified  Assigned
1140  1702     PII            HTTP       1         192.168.0.213  None      Closed
1141  1712     R&D/Product X  USB        4         bgates         Notified  Assigned
1142  1730     Financials     Storage    4         192.168.1.94   Encrypt   Escalated
1143  12/1/08  Source Code    Cut/Paste  12        sjobs          Confirm   Open

Analyze
- Top violations by data type.
- Top violations by business unit.
- Top violations by volume.
- False positive patterns.
- Different violations from same source.
- Unusual origins.
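
An added example, not part of the original slides: three of the Analyze checks run over the incident queue from the Monitor slide. Rows 1144 and 1145 are constructed so the per-source checks return hits, and treating an IP address in the User column as a source not yet mapped to a directory user (the Prepare Directory concern) is an assumption of this example.

```python
import ipaddress
from collections import Counter, defaultdict

# (id, policy, channel, user, status). Rows 1138-1143 come from the Monitor
# slide; rows 1144-1145 are constructed for this example.
INCIDENTS = [
    (1138, "PII", "Email", "rmogull", "Open"),
    (1139, "HIPAA", "IM", "jsmith", "Assigned"),
    (1140, "PII", "HTTP", "192.168.0.213", "Closed"),
    (1141, "R&D/Product X", "USB", "bgates", "Assigned"),
    (1142, "Financials", "Storage", "192.168.1.94", "Escalated"),
    (1143, "Source Code", "Cut/Paste", "sjobs", "Open"),
    (1144, "PII", "Email", "jsmith", "Open"),          # constructed
    (1145, "HIPAA", "HTTP", "192.168.0.213", "Open"),  # constructed
]
FIELDS = ("id", "policy", "channel", "user", "status")

def load(rows):
    return [dict(zip(FIELDS, r)) for r in rows]

def top_violations(incidents, field, n=3):
    """Rank incident counts by one field, e.g. 'policy' or 'channel'."""
    counts = Counter(i[field] for i in incidents)
    # Sort by count descending, then by name, so ties are deterministic.
    return sorted(counts.items(), key=lambda kv: (-kv[1], kv[0]))[:n]

def multi_policy_sources(incidents):
    """Sources that tripped more than one policy."""
    seen = defaultdict(set)
    for i in incidents:
        seen[i["user"]].add(i["policy"])
    return {src: sorted(p) for src, p in seen.items() if len(p) > 1}

def is_ip(value):
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        return False

def unresolved_sources(incidents):
    """Ids of incidents whose source is an IP address, not a directory user."""
    return [i["id"] for i in incidents if is_ip(i["user"])]

if __name__ == "__main__":
    data = load(INCIDENTS)
    print(top_violations(data, "policy"), multi_policy_sources(data), unresolved_sources(data))
```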

What Did We Accomplish?
- Established a flexible incident management process.
- Integrated with major infrastructure components.
- Assessed broad information usage.
- Set foundation for later.

Deployment Best Practices
- Evaluate results
- Integrate with Infrastructure
- Define Initial Policy
- Baseline scan
- Tune policy
- Expand scan scope
- Add protection

Rich Mogull
Securosis, L.L.C.
rmogull@securosis.com
http://securosis.com
AIM: securosis
Skype: rmogull
Twitter: rmogull

Continuum Health Partners Deploying Data Loss Prevention Mark Moroses, Assistant CIO, Continuum Health Partners

Background
Who is Continuum Health Partners?
Drivers
- Regulations - HIPAA
- Joint commissions to certify best practices
- Regular audits
- Failure not an option
Policy
- Must be able to ensure enforcement
- Need to prove policies are being followed

Solution
Business Enablement
- IT supporting physician's needs
- Allow liberal web access while still having monitoring capabilities
Data Risk Assessment
- Documented inappropriate data leakage, which helped secure budget
Investigative Support
- McAfee DLP has become the starting point for investigations
- Investigations now able to occur much faster
Passing Audits
- Proving compliance with policies and demonstrating working controls
- Predictable technology and process speed future audits, reduce manpower requirements

Lessons Learned
Executive sponsorship
- Physician with prior first-hand experience
Deployment
- Soft opening
- Communicated roll-out plan
Response Plan
- No ready, fire, aim
- Work closely with HR & Legal stakeholders

McAfee Data Loss Prevention John Dasher, Senior Director, Data Protection, McAfee

Static DLP Leaks Data
[Diagram: Data Violations; Bit Bucket] McAfee Data Protection

McAfee DLP Leverages Data
[Diagram: Data Violations; Data Intelligence Capture]
Fast, accurate policy creation and rapid, in-depth investigations

McAfee DLP 9 Advantages
Tight Product Integration
- Integrated technologies provide superior protection
- Optimized oversight and control
Deployment Velocity
- Protect sensitive data more quickly
- Drive down deployment and ongoing costs
Data Analytics
- Build better policy, conduct fast investigations
- Anticipate risks before they become problems

McAfee DLP Solution: What Others Say
- NetworkWorld found that McAfee has a very practical understanding of the role of DLP in a modern organization with innovative features, excellent user interfaces, and a clear vision for the future of DLP.
- SC Magazine finds McAfee Host DLP to be a good value for customers looking for a lot of features and a lot of flexibility in both data leakage control and enterprise rights management.

McAfee DLP Resources
- Optimized Security Architecture for Data Protection: http://www.mcafee.com/us/enterprise/optimize/data_protection.html
- 10 Steps to Protecting Your Data
- Low Hanging Fruit: Quick Wins with DLP
- Forrester Research Total Economic Impact of McAfee DLP
- McAfee 48-hour Data Risk Assessment: http://dataprotection.mcafee.com/forms/riskassessment
- Data Protection section of McAfee.com: http://www.mcafee.com/us/enterprise/products/data_protection/data_loss_prevention/index.html
- Continuum and BCI customer case studies
- Data Protection Blogs: http://siblog.mcafee.com/category/data-protection/

Q&A