05.05.2021-webinar-presentation-experts-series-How-to-Switch-to-a-Better-DLP.pdf
ngvson
23 views
40 slides
Aug 18, 2024
Slide 1 of 40
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
About This Presentation
webinar-presentation-experts-series-How-to-Switch-to-a-Better-DLP
Slide Content
How to Switch to a Better DLP:
Protecting Assets and Enabling Business, Securely
Tom Stringer, Director Field Sales Engineering
Digital Guardian
Protecting Assets and Enabling Business, Securely
Tom Stringer, Director Field Sales Engineering
Digital Guardian
Tom Stringer –Dir Field Sales Engineering
▪Sales Engineering Director, N.
Amer. East. Manages a team of
Sales Engineers
▪6 years with DG, 20+ years working
with Software Security vendors
▪Wears many hats including
supporting Pre-sales opportunities
in the North East and Canada
▪Previously with Proofpoint and
Websense
▪Sales Engineering Director, N.
Amer. East. Manages a team of
Sales Engineers
▪6 years with DG, 20+ years working
with Software Security vendors
▪Wears many hats including
supporting Pre-sales opportunities
in the North East and Canada
▪Previously with Proofpoint and
Websense
Bill Bradley –Director of Marketing, Digital Guardian
▪Leads Product Marketing for
Digital Guardian
▪20+ years of Marketing & Sales
Experience
•Field Sales, Competitive Analysis,
Product Marketing & Management
▪Previously at Rapid7 and General
Electric
▪Leads Product Marketing for
Digital Guardian
▪20+ years of Marketing & Sales
Experience
•Field Sales, Competitive Analysis,
Product Marketing & Management
▪Previously at Rapid7 and General
Electric
Agenda
Why Your Current DLP May Be Holding You Back (And How to Sell
the Upgrade)
How to Show Return on Security Investment...Quickly!
Enterprise DLP Without the Complexity
Digital Guardian Data Protection Platform
Q&A
Why Your Current DLP May Be Holding You Back (And How to Sell
the Upgrade)
How to Show Return on Security Investment...Quickly!
Enterprise DLP Without the Complexity
Digital Guardian Data Protection Platform
Q&A
Every Business Is At Risk
Just one recent example
US Indicts Man Behind Shopify Insider Breach | Digital Guardian
Just one recent example
US Indicts Man Behind Shopify Insider Breach | Digital Guardian
Business Initiatives + Protecting Data
▪Can you still achieve the goals you set
out for when your organization started
its data protection program?
▪What compromises due to technology
limitations must you make?
▪What is the impact of doing nothing?
▪Can you still achieve the goals you set
out for when your organization started
its data protection program?
▪What compromises due to technology
limitations must you make?
▪What is the impact of doing nothing?
Business Initiatives + Protecting Data
Common Goals
1.Protect sensitive data, meet
compliance requirements
2.Support the business, share
decision making responsibilities
3.Identify risks or gaps
4.Enable secure growth
Common Goals
1.Protect sensitive data, meet
compliance requirements
2.Support the business, share
decision making responsibilities
3.Identify risks or gaps
4.Enable secure growth
Imagine Simplified Data Protection
Only
Office Suite
XLSX
DOCX
PPTX
Only
Save / Email
Operations File TypesApplicationsPersona
Well trained
Motivated
Accurate
Interactions
Click on the ribbon
Only
Office Suite
XLSX
DOCX
PPTX
Only
Save / Email
Operations File TypesApplicationsPersona
Well trained
Motivated
Accurate
Interactions
Click on the ribbon
Reality has it differently ...
versus
Office Suite
XLSX
DOCX
PPTX
versus
Save / Email
Operations File TypesApplicationsPersona
Well trained
Motivated
Accurate
Interactions
Click on the ribbonNot motivated
Compromised
Disgruntled
Untrained
Stressed
Sloppy
100s100s100s
Automation /
Custom Prompts
versus versus
Databases
heterogenous
Filesystems
heterogenous
Cloud
Repositories
heterogenous
Endpoint OS
heterogenous
versus
Office Suite
XLSX
DOCX
PPTX
versus
Save / Email
Operations File TypesApplicationsPersona
Well trained
Motivated
Accurate
Interactions
Click on the ribbonNot motivated
Compromised
Disgruntled
Untrained
Stressed
Sloppy
100s100s100s
Automation /
Custom Prompts
versus versus
Databases
heterogenous
Filesystems
heterogenous
Cloud
Repositories
heterogenous
Endpoint OS
heterogenous
Ok, I’m interested in a new approach. Now what?
▪Planning
▪Goals
▪Build Consensus
▪Planning
▪Goals
▪Build Consensus
Ok, I’m interested in a new approach. Now what?
▪Visibility First = Metrics
•Gather data to share with business units and
stakeholders, data owners
•Share withthem the data they need to make
informed policy decisions
•Useful to track improvements and show ROI
▪Provide Risk based policy recommendations
•Not all data is the same
•Leverage existing experience and best practices
▪Visibility First = Metrics
•Gather data to share with business units and
stakeholders, data owners
•Share withthem the data they need to make
informed policy decisions
•Useful to track improvements and show ROI
▪Provide Risk based policy recommendations
•Not all data is the same
•Leverage existing experience and best practices
Start here –Identify Objectives
▪Be Prepared, research internally.
•Requirements?
•Compliance, Intellectual Property, Insider threat
▪PCI, PII, PHI, ITAR…
▪Identify data egress channels that are of primary concern
•Typical USB, Cloud storage, email, webmail
•Do your homework and find *all* the escape routes
▪Leverage Available Resources
▪Be Prepared, research internally.
•Requirements?
•Compliance, Intellectual Property, Insider threat
▪PCI, PII, PHI, ITAR…
▪Identify data egress channels that are of primary concern
•Typical USB, Cloud storage, email, webmail
•Do your homework and find *all* the escape routes
▪Leverage Available Resources
Start here –Engaging DLP Providers
▪Have use cases in mind to make it real
▪Was there an incident that we don’t want to see happen again?
•Have people become too free using webmail or USB with sensitive data
•Was a recent employee departure found too late that they had printed
out confidential information?
•Was there malicious code or ransomwarethat is thought to have
accessed sensitive data?
▪If you’re prepared to discuss a specific issue, you're likely to have
a better experience than if you have overly generalized
discussions
▪Have use cases in mind to make it real
▪Was there an incident that we don’t want to see happen again?
•Have people become too free using webmail or USB with sensitive data
•Was a recent employee departure found too late that they had printed
out confidential information?
•Was there malicious code or ransomwarethat is thought to have
accessed sensitive data?
▪If you’re prepared to discuss a specific issue, you're likely to have
a better experience than if you have overly generalized
discussions
5 Phase Approach for DLP Success
Insight Baseline Educate Act Assess
Insight Baseline Educate Act Assess
Stage 1: Insight
Identify Existing
Behavior & Define
Acceptable
Behavior
Insight Baseline Educate Act Assess
Identify Existing
Behavior & Define
Acceptable
Behavior
Insight Baseline Educate Act Assess
Trade Secrets / Intellectual Property
Customer Data
Engineering Drawings
PHI/PII Data
Credit Card Data
Source Code
Unstructured Data
Email
Discover
Data
Burn to
CD
DVD
Send
To
Printer
File
Encrypt
View
&
Open
USB
Devices
Save to
Local
Drive
Cut
&
Paste
Print
Screen
Delete
&
Recycle
Classified
Files
Launch
unapproved
Applications
Cloud
Application
Network
Upload
Attach
To
Email
Lost or
Stolen
Laptop
DG DATA Centric Approach –DAR, DIU, DIM
Visibility, Discovery, Classification, Audit & Control
Customer Data
Engineering Drawings
PHI/PII Data
Credit Card Data
Source Code
Unstructured Data
Discover
Data
Burn to
CD
DVD
Send
To
Printer
File
Encrypt
View
&
Open
USB
Devices
Save to
Local
Drive
Cut
&
Paste
Screen
Delete
&
Recycle
Classified
Files
Launch
unapproved
Applications
Cloud
Application
Network
Upload
Attach
To
Lost or
Stolen
Laptop
DG DATA Centric Approach –DAR, DIU, DIM
Visibility, Discovery, Classification, Audit & Control
Digital Guardian Architecture offers Extensive Coverage
Continuous Event Logging, Automated Classification, User Awareness, Training, Controls &
Forensic Capture
Discovery & Identification
Content
Context
User
Enterprise Applications
File Name
Compiled Binary
File Image Name
MD5 hash
Network Operations
All Ports & Protocols
Secured & Unsecured Wireless
Physical & Virtual Adapters
Bluetooth, MTP, and IrDA, P2P
Email Operations
Send
Reply/to All
Forward
Whitelist/Blacklist of
Domains
Removable Media
USB
CD/DVD
Smartphone/Tablet
Manufacturer
Serial Number
Web Operations
Webmail
Social Media
NTU, FTP, Dropbox
Printing
Network
Local
PDF
Open
Write
Save
Delete
Copy/Move
Save As
Copy & Paste
Print Screen…
Data Operations
Continuous Event Logging, Automated Classification, User Awareness, Training, Controls &
Forensic Capture
Discovery & Identification
Content
Context
User
Enterprise Applications
File Name
Compiled Binary
File Image Name
MD5 hash
Network Operations
All Ports & Protocols
Secured & Unsecured Wireless
Physical & Virtual Adapters
Bluetooth, MTP, and IrDA, P2P
Email Operations
Send
Reply/to All
Forward
Whitelist/Blacklist of
Domains
Removable Media
USB
CD/DVD
Smartphone/Tablet
Manufacturer
Serial Number
Web Operations
Webmail
Social Media
NTU, FTP, Dropbox
Printing
Network
Local
Open
Write
Save
Delete
Copy/Move
Save As
Copy & Paste
Print Screen…
Data Operations
Insight Baseline Educate Act Assess
Stage 2: Baseline
Develop Baseline,
Models, and Policies
Stage 2: Baseline
Develop Baseline,
Models, and Policies
What Can DG Discover
▪Unusual Behaviors:
•Rarely touched file types
•Unusual work schedule
•Accessing inactive server
▪People or Entities Doing Things They Normally Don’t
▪Data Flows, Non-Standard Business Processes, etc.
▪Unusual Behaviors:
•Rarely touched file types
•Unusual work schedule
•Accessing inactive server
▪People or Entities Doing Things They Normally Don’t
▪Data Flows, Non-Standard Business Processes, etc.
Use Data to Establish the Baseline
▪Understand how Users
Handle Sensitive Data
▪Role or Group Based
Reporting
▪Understand how Users
Handle Sensitive Data
▪Role or Group Based
Reporting
Use Data to Establish the Baseline
▪Start High and
Look for
Anomalies
▪Drill Down for
the Full Story
▪Start High and
Look for
Anomalies
▪Drill Down for
the Full Story
Use Data to Establish the Baseline
▪Start High and
Look for
Anomalies
▪Drill Down for
the Full Story
▪Start High and
Look for
Anomalies
▪Drill Down for
the Full Story
Understanding Non -Humans
▪Start High and
Look for
Anomalies
▪Drill Down for
the Full Story
▪Start High and
Look for
Anomalies
▪Drill Down for
the Full Story
Understanding Non -Humans
▪Start High and
Look for
Anomalies
▪Drill Down for
the Full Story
▪Start High and
Look for
Anomalies
▪Drill Down for
the Full Story
Understanding Non -Humans
Understanding Non -Humans
Stage 3: EDUCATE
Educate and Inform
on Smart Data Use
Insight Baseline Educate Act Assess
Educate and Inform
on Smart Data Use
Insight Baseline Educate Act Assess
“Digital Guardian
offers us an
opportunity to not
only better protect
patient privacy, it
gives us better
insight into how our
own sensitive data
processes really
work.”
VP, IT Operations
Stage 3: EDUCATE
offers us an
opportunity to not
only better protect
patient privacy, it
gives us better
insight into how our
own sensitive data
processes really
work.”
VP, IT Operations
Stage 3: EDUCATE
Stage 4: ACT
Enforce Acceptable
Behavior
Insight Baseline Educate Act Assess
Enforce Acceptable
Behavior
Insight Baseline Educate Act Assess
Incident Categories, Types, & Severities
❖Unauthorized Access
❖Potential Malware
❖Improper Usage
❖Unsuccessful Attempt
❖Explained Anomaly
❖Insider Threat
❖Opportunistic
❖Outsider
❖Broken Business practice
❖Critical Impact
❖High Impact
❖Moderate Impact
❖Low Impact
Classification of Incidents enables the
prioritization of incident management
while enabling meaningful metrics
❖Unauthorized Access
❖Potential Malware
❖Improper Usage
❖Unsuccessful Attempt
❖Explained Anomaly
❖Insider Threat
❖Opportunistic
❖Outsider
❖Broken Business practice
❖Critical Impact
❖High Impact
❖Moderate Impact
❖Low Impact
Classification of Incidents enables the
prioritization of incident management
while enabling meaningful metrics
Stage 5: Assess
Ongoing Review of
Behavior and Risk
Continuous Policy Tuning
Insight Baseline Educate Act Assess
Ongoing Review of
Behavior and Risk
Continuous Policy Tuning
Insight Baseline Educate Act Assess
Lessons Learned from 100s of Implementations
▪Act Now, Start Small
▪Avoid Policy Paralysis
▪Engage the Business
▪Participate in the Process
▪Be Flexible and Adaptable
▪Act Now, Start Small
▪Avoid Policy Paralysis
▪Engage the Business
▪Participate in the Process
▪Be Flexible and Adaptable
Digital Guardian Data Protection Platform
No Compromise Data Protection
No Compromise Data Protection
Data is *Still* the Ultimate Target
Digital Guardian Platform
▪Analytics & Reporting
Cloud (ARC)
▪Endpoint Agent
▪Network Appliance
▪Applications
•Discover
•Classification
•DLP
•MDR
▪Management Console
3rd Party
Data Intelligence
▪Analytics & Reporting
Cloud (ARC)
▪Endpoint Agent
▪Network Appliance
▪Applications
•Discover
•Classification
•DLP
•MDR
▪Management Console
3rd Party
Data Intelligence
Cloud-Delivered
(SaaS or Managed)
Federated
(Integrations, SDK, API’s)
Cross Platform
(Win, Mac & Linux)
(SaaS or Managed)
Federated
(Integrations, SDK, API’s)
Cross Platform
(Win, Mac & Linux)
Digital Guardian
Managed Security
Program
Digital Guardian
Software as a
Service (SaaS)
Managed Security
Program
Digital Guardian
Software as a
Service (SaaS)
Why Digital Guardian
Cloud-Delivered
Powered by AWS, Digital Guardian
delivers simplified deployment, low
overhead, and elastic scalability for
increased return on your security spend.
Cross Platform
Coverage for your Windows,
macOS, or Linux operating
systems and all your applications,
both browser based and native.
Flexible Controls
Fine-grained controls,
ranging from log & monitor
to automated blocking, help
protect data before it's lost.
Deepest Visibility
We see everything that
happens to your organization’s
sensitive data.
No Policy, No Problem
Our “unknown risk” approach
enables you to see where
sensitive data is located, how it
flows, and where it is put at
risk -all without policies.
Comprehensive Classification
Only Digital Guardian provides
content, user, and context-
based data discovery and
classification.
Cloud-Delivered
Powered by AWS, Digital Guardian
delivers simplified deployment, low
overhead, and elastic scalability for
increased return on your security spend.
Cross Platform
Coverage for your Windows,
macOS, or Linux operating
systems and all your applications,
both browser based and native.
Flexible Controls
Fine-grained controls,
ranging from log & monitor
to automated blocking, help
protect data before it's lost.
Deepest Visibility
We see everything that
happens to your organization’s
sensitive data.
No Policy, No Problem
Our “unknown risk” approach
enables you to see where
sensitive data is located, how it
flows, and where it is put at
risk -all without policies.
Comprehensive Classification
Only Digital Guardian provides
content, user, and context-
based data discovery and
classification.
Questions
39
39
Join Our Next Webinar
Learn How to Migrate to Digital Guardian
▪1:00 PM ET May 12
▪What does the DG DLP onboarding process look like?
▪Join DG to see how easily we can migrate you to DG
Data Loss Prevention.
Register Here: https://info.digitalguardian.com/webinar-data-protection-experts-series-2021.html
Learn How to Migrate to Digital Guardian
▪1:00 PM ET May 12
▪What does the DG DLP onboarding process look like?
▪Join DG to see how easily we can migrate you to DG
Data Loss Prevention.
Register Here: https://info.digitalguardian.com/webinar-data-protection-experts-series-2021.html
Tags
Categories
GeneralDownload
Download Slideshow Get the original presentation fileQuick Actions
Statistics
- Views 23
- Slides 40
- Age 478 days
Related Slideshows
22
Pray For The Peace Of Jerusalem and You Will Prosper
RodolfoMoralesMarcuc
36 views
26
Don_t_Waste_Your_Life_God.....powerpoint
chalobrido8
39 views
31
VILLASUR_FACTORS_TO_CONSIDER_IN_PLATING_SALAD_10-13.pdf
JaiJai148317
35 views
14
Fertility awareness methods for women in the society
Isaiah47
32 views
35
Chapter 5 Arithmetic Functions Computer Organisation and Architecture
RitikSharma297999
31 views
5
syakira bhasa inggris (1) (1).pptx.......
ourcommunity56
32 views