Absolute DDS Data & Device Security Otto Eberstein

Similar documents
General Data Protection Regulation (GDPR) and the Implications for IT Service Management

Getting ready for GDPR. Philipp Hobler EMEA Field CTO Global Technology Office Dell EMC Data Protection Solutions

How WhereScape Data Automation Ensures You Are GDPR Compliant

Guide to Cyber Security Compliance with GDPR

General Data Protection Regulation (GDPR)

NEW DATA REGULATIONS: IS YOUR BUSINESS COMPLIANT?

GDPR: A technical perspective from Arkivum

G DATA Whitepaper. The new EU General Data Protection Regulation - What businesses need to know

Cybersecurity The Evolving Landscape

Make security part of your client systems refresh

Teradata and Protegrity High-Value Protection for High-Value Data

Delivering Integrated Cyber Defense for the Cloud Generation Darren Thomson

General Data Protection Regulation (GDPR) The impact of doing business in Asia

Managing Privacy Risk & Compliance in Financial Services. Brett Hamilton Advisory Solutions Consultant ServiceNow

Managed Security Services - Endpoint Managed Security on Cloud

Cybersecurity Considerations for GDPR

SOC-2 Requirement Solution Brief. EventTracker 8815 Centre Park Drive, Columbia MD SOC-2

HIPAA Compliance Assessment Module

Carbon Black PCI Compliance Mapping Checklist

INCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Data Theft

GDPR: An Opportunity to Transform Your Security Operations

201 CMR COMPLIANCE CHECKLIST Yes No Reason If No Description

WHITE PAPER. The General Data Protection Regulation: What Title It Means and How SAS Data Management Can Help

SOLUTION BRIEF HELPING BREACH RESPONSE FOR GDPR WITH RSA SECURITY ADDRESSING THE TICKING CLOCK OF GDPR COMPLIANCE

THE PROCESS FOR ESTABLISHING DATA CLASSIFICATION. Session #155

THE STATE OF ENDPOINT PROTECTION & MANAGEMENT WHY SELF-HEALING IS THE NEW MANDATE

GDPR: Get Prepared! A Checklist for Implementing a Security and Event Management Tool. Contact. Ashley House, Ashley Road London N17 9LZ

Accelerate GDPR compliance with the Microsoft Cloud

CipherCloud CASB+ Connector for ServiceNow

the SWIFT Customer Security

Getting ready for GDPR

Neil Peters-Michaud, CHAMP Cascade Asset Management ITAM Awareness Month December 2016

Altitude Software. Data Protection Heading 2018

PCI DSS Addressing Cyber-Security Threats. ETCAA June Gabriel Leperlier

Cybersecurity Auditing in an Unsecure World

Introducing KASPERSKY ENDPOINT SECURITY FOR BUSINESS

CYBERSECURITY RISK LOWERING CHECKLIST

GUIDE. Navigating the General Data Protection Regulation Mini Guide

Total Security Management PCI DSS Compliance Guide

Google Identity Services for work

3 rd Party Certification of Compliance with MA: 201 CMR 17.00

RSA Solution Brief. The RSA Solution for VMware. Key Manager RSA. RSA Solution Brief

Data Protection and GDPR

AN IPSWITCH WHITEPAPER. 7 Steps to Compliance with GDPR. How the General Data Protection Regulation Applies to External File Transfers

EU GDPR and . The complete text of the EU GDPR can be found at What is GDPR?

E-Security policy. Ormiston Academies Trust. James Miller OAT DPO. Approved by Exec, July Release date July Next release date July 2019

GDPR AND WHAT IT MEANS FOR CRM AND CUSTOMER ENGAGEMENT MAY. A 7-step practical guide to achieving and maintaining GDPR compliance by 25 May 2018

INCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Elevation of Privilege

EU General Data Protection Regulation (GDPR) Achieving compliance

Data Privacy and Protection GDPR Compliance for Databases

INCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Malware Outbreak

GUIDE. MetaDefender Kiosk Deployment Guide

Introduction. Deployment Models. IBM Watson on the IBM Cloud Security Overview

Prohire Software Systems Limited ("Prohire")

NORTH AMERICAN SECURITIES ADMINISTRATORS ASSOCIATION Cybersecurity Checklist for Investment Advisers

Ensuring Desktop Central Compliance to Payment Card Industry (PCI) Data Security Standard

A Security Admin's Survival Guide to the GDPR.

Criminal Justice Information Security (CJIS) Guide for ShareBase in the Hyland Cloud

ISO/IEC Solution Brief ISO/IEC EventTracker 8815 Centre Park Drive, Columbia MD 21045

Privileged Account Security: A Balanced Approach to Securing Unix Environments

CA Security Management

First aid toolkit for the management of data breaches. Mary Deligianni Senior Associate 15 February 2018

ISO COMPLIANCE GUIDE. How Rapid7 Can Help You Achieve Compliance with ISO 27002

INCIDENTRESPONSE.COM. Automate Response. Did you know? Your playbook overview - Unauthorized Access

WHITEPAPER HEALTHCARE S KEY TO DEFEATING CYBERATTACKS

2016 Data Protection & Breach Readiness Webinar Will Start Shortly. please download the guide at

Data Sheet: Endpoint Security Symantec Multi-tier Protection Trusted protection for endpoints and messaging environments

SECURITY & PRIVACY DOCUMENTATION

AIRMIC ENTERPRISE RISK MANAGEMENT FORUM

Employee Security Awareness Training Program

Virtual Machine Encryption Security & Compliance in the Cloud

Jeff Wilbur VP Marketing Iconix

Quick Heal Mobile Device Management. Available on

How To Establish A Compliance Program. Richard E. Mackey, Jr. SystemExperts Corporation

Security Architecture

ISO27001 Preparing your business with Snare

Bring Your Own Device Policy

A company built on security

GDPR Controls and Netwrix Auditor Mapping

GDPR: A QUICK OVERVIEW

GDPR How to Comply in an HPE NonStop Environment. Steve Tcherchian GTUG Mai 2018

DATA PROTECTION BY DESIGN

Mapping BeyondTrust Solutions to

Everything visible. Everything secure.

General Data Protection Regulation: Knowing your data. Title. Prepared by: Paul Barks, Managing Consultant

Data Management and Security in the GDPR Era

SaaS Flyer for Trend Micro

Data Sharing Agreement. Between Integral Occupational Health Ltd and the Customer

Evolved Backup and Recovery for the Enterprise

Security Information & Policies

Transforming Security Part 2: From the Device to the Data Center

Endpoint Security for DeltaV Systems

Procedure: Bring your own device

Clearing the Path to PCI DSS Version 2.0 Compliance

Securing Office 365 with SecureCloud

Securing Your Most Sensitive Data

Practical SCADA Cyber Security Lifecycle Steps

Mobile Data Security Essentials for Your Changing, Growing Workforce

All you need to know and do to comply with the EU General Data Protection Regulation

General Data. Protection Regulations MAY Martin Chapman Head of Ops & Sales Microminder. Presentation Micro Minder Ltd 2017

Transcription:

Absolute DDS Data & Device Security Otto Eberstein Regional Director EMEA Sales & Alliances

WHAT WE DO Absolute provides persistent endpoint security and data risk management solutions for computers, tablets, and smartphones. Our customers depend on us to provide them with a unique and trusted layer of security so they can manage mobility while remaining firmly in control. By providing them with a reliable two-way connection with all of their devices, our customers can secure endpoints, assess risk, and respond appropriately to security incidents. HOW WE DO IT Our Persistence technology is embedded into the core of most devices at the factory. Once activated, it provides you with comprehensive visibility into all of your devices allowing you to confidently manage mobility, investigate potential threats, and take action if a security incident occurs. Most importantly, you can apply remote security measures to protect each device and the data it contains. No other technology can do this. 2015 Absolute Software Corporation. All rights reserved. 2

Persistence Technology Partners Embedded in over half a billion devices by major manufacturers since 2005 OEM Persistence Wins 3 2015 Absolute Software Corporation. All rights reserved. 3

Absolute DDS Persistence Technology Persistence technology from Absolute provides you with visibility and control over all of your devices, regardless of user or location. HOW IT WORKS: 1. OEMs embed Persistence technology into the firmware of devices at the factory 2. Once the Absolute software agent is installed, Persistence is activated 3. An automatic reinstallation is triggered if an Absolute software client is removed from a device 4. The reinstallation will occur even if the firmware is flashed, the device is reimaged, the hard drive is replaced, or if a tablet or smartphone is wiped clean to factory settings 2015 Absolute Software Corporation. All rights reserved. 4

Top 5 EU Data Protection Regime Changes 2015 Absolute Software Corporation. All rights reserved. 5

EU General Data Protection Regime Changes to data protection law will come into effect before 2017 The aim of the new law is to streamline and unify the enforcement process across the EU The new law will be a directly applicable Regulation in force across the EU to the member states The new EU data protection regime also includes a statutory right to be forgotten 2015 Absolute Software Corporation. All rights reserved. 6

1. The regulation will apply across Europe The new law will apply throughout the EU It will also affect organisations based outside of the EU that are active in the EU market and offer services to EU citizens 2015 Absolute Software Corporation. All rights reserved. 7

2. Companies are liable to fines of up to two percent of their corporation s annual global turnover There are increased sanctions including fines of up to 100 million or up to 2% of annual global turnover whichever is greater A fine may be avoided if a company can prove it had data policies in place, provided suitable education to employees, and used the correct technology software. 2015 Absolute Software Corporation. All rights reserved. 8

3. Companies will have to notify those whose data has been breached Unless a company can prove that it has technology in place that leaves a lost device inoperable or completely wipes the data contained on it, it will have to notify those involved in a potential data breach. This can lead to significant brand damage, litigation and media reporting of the incident, as well as leading to significant cost in contacting the people affected. 2015 Absolute Software Corporation. All rights reserved. 9

4. Organisations must notify the authorities about data breaches as soon as possible The draft Regulation states that if feasible companies should report a data breach within 72 hours While it could be in the best interest of the business to report a breach within 72 hours, this is easier said than done. 2015 Absolute Software Corporation. All rights reserved. 10

5. Companies with 250 or more employees have to employ a corporate data protection officer Enterprises of a certain size will need to hire someone who s responsible for data protection Companies will be obliged to appoint a properly trained data protection officer 2015 Absolute Software Corporation. All rights reserved. 11

Summary Companies should act now to: Draft data deletion policies to comply with the statutory right to be forgotten Take steps to appoint and train the right data protection officers Look at software solutions to help manage the risks Draft policies to comply with the breach notification requirements Train employees on the risks and how to reduce them Learn more at absolute.com/spotlight 2015 Absolute Software Corporation. All rights reserved. 12

A multi-layered approach to device security Absolute DDS Encryption Anti-Malware / Anti Virus System & Patch Management / Back-up tools Governance, Risk & Compliance reporting & monitoring. Risk Management tools Risk Actions SIEM integration 2015 Absolute Software Corporation. All rights reserved. 13

Lost Laptops: Glasgow City Council Glasgow City Council lost two unencrypted laptops One contained personal data on 20,143 people Laptops stolen from Council offices locking system failed Council discovered a further 74 unencrypted laptops unaccounted for ICO issues monetary penalty of 150,000 in June 2013 ICO also served enforcement notice full audit of IT assets plus asset management training plus annual review 2015 Absolute Software Corporation. All rights reserved. 14

Absolute DDS Data & Device Security LIFECYCLE SECURITY RISK ASSESSMENT RISK RESPONSE Absolute Data & Device Security (DDS), formerly Absolute Computrace, is an adaptive endpoint security solution. It provides you with a persistent connection to all of your endpoints and the data they contain so you can deliver a digital learning experience while promoting a safer school environment and securing your IT assets. 2015 Absolute Software Corporation. All rights reserved. 15

Absolute DDS SCCM Health Check & Persistence Perform a health check on the SCCM agent installation on the endpoint Replace or repair the agent if it has been tampered with. 16 2015 Absolute Software Corporation. All rights reserved. 16

Absolute DDS SIEM Connector SIEM: Security Incident and Event Management Aggregate logs of warnings, incidents etc. from network traffic, endpoints and identify critical issues Absolute DDS alert data can be written to SIEM as SYSLOG messages Compatible with all major vendors 18 2015 Absolute Software Corporation. All rights reserved. 18

DDS Offline Device Freeze Overview Objective:» Allow system administrator to freeze devices that have not called in to Customer Center for a given number of days Characteristics:» Restricted to Security Administrators and Security Power Users» Must request an authorization code prior to creating a Device Freeze Offline Policy or changing membership in an existing policy» Options» Freeze immediately or on next restart (reboot) of device» Randomized or pre-assigned unfreeze codes» Minimum offline period 4 days, maximum 365 days 2015 Absolute Software Corporation. All rights reserved. 20

Use Cases WHEN DATA IS AT RISK Lifecycle Security Create security alerts based on end user profiles and their access to sensitive data Risk Assessment Investigate potential security incidents to quantify risk Risk Response Apply adaptive security measures based on each incident 2015 Absolute Software Corporation. All rights reserved. 26

Use Cases WHEN ENCRYPTION FAILS Lifecycle Security Ensure encryption is deployed and working across all devices Risk Assessment Monitor each device for changes to encryption status Risk Response If encryption is disabled, freeze a device so data cannot be accessed, or delete all data 2015 Absolute Software Corporation. All rights reserved. 27

Peter Borg Enheten för IT-pedagogik Kungälvs Kommun: Absolute DDS är viktigt för Kungälvs kommun, och särskilt viktigt för våra elever och deras föräldrar eftersom det får dem att känna sig trygga. Om en elev befinner sig i en hotfull situation vet de att de kan lämna över sin mobila enhet och undvika en riskabel konfrontation eftersom DDS kan hitta enheten senare. 2015 Absolute Software Corporation. All rights reserved. 28

Use cases and vertical benefits 2015 Lenovo Internal. All rights reserved. 2015 Absolute Software Corporation. All rights reserved. 33

Use Cases/Scenarios WHEN DEVICES GO OUT OF BOUNDS Lifecycle Security Monitor the location of devices on and off network Risk Assessment Receive a notification if a device goes out of bounds Risk Response Freeze a device and block access until the status of a device can be determined. Delete data if the incident is high risk. WHEN DATA IS AT RISK Lifecycle Security Create security alerts based on end user profiles and their access to sensitive data Risk Assessment Investigate potential security incidents to quantify risk Risk Response Apply adaptive security measures based on each incident WHEN ENCRYPTION FAILS Lifecycle Security Ensure encryption is deployed and working across all devices Risk Assessment Monitor each device for changes to encryption status Risk Response If encryption is disabled, freeze a device so data cannot be accessed, or delete all data 2015 Absolute Software Corporation. All rights reserved. 34

One Pager 2015 Lenovo Internal. All rights reserved. 2015 Absolute Software Corporation. All rights reserved. 43

Absolute provides PERSISTENT endpoint security and data risk management solutions for computers, tablets, and smartphones. NO OTHER TECHNOLOGY CAN DO THIS PERSISTENCE TECHNOLOGY is embedded into the BIOS or firmware in the devices during the manufacturing process Once activated, customers who purchase these devices benefit from an extra level of security, persistence, and support. Absolute Data & Device Security (DDS), formerly Absolute Computrace persistently secure all of your endpoints from a single cloud-based console. #1 Asset Reporting Determine what s installed on a device, collect information from each device, including historical data #2 Security Reporting Identify events and activities that could be precursors to a security incident Receive notification if these activities occur #3 Security Alerting Identify risk conditions and receive notification if conditions occur (SIEM enabled) Validate status of security applications (i.e. encryption, anti-malware, SCCM) Produce audit reports on security measures implemented #4 Geotechnology Track assets on Google Map Create Geofences by corporate policies Investigate devices out of bounds or entering an unauthorized location #5 Proactive Security Actions Freeze a device Remotely delete or retrieve data Use certified data delete workflows to decommission a device Set policies to ensure offline devices are automatically protected #6 Reactive Security Actions Produce audit log to prove data on a compromised device was secured, not accessed and safely deleted Perform endpoint forensics investigations Recover lost or stolen devices 44

= 2015 Absolute Software Corporation. All rights reserved. 45

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback