data protection - government executive€¦ · protection vendor assessment, march ... symantec...

DATA PROTECTION

USER BEHAVIORTHREAT PROTECTION

✔︎

2

Cloud/Mobile

Data Protection

- Magic Quadrant for Enterprise Data Loss Prevention, Brian Reed, Deborah Kish, 26 February 2017, Gartner, Inc.

- IDC MarketScape Data Loss Protection Vendor Assessment,

March 2018, IDC

A Leader in Gartner’s Magic Quadrant 10 Consecutive Times

Symantec Named a Leader with the Highest Scores

Symantec is the Leader in the DLP Market

- Data Loss Prevention Market Quadrant, October 2018,

The Radicati Group

Symantec is the Top Leader in the DLP Market

Source: June 2019, The Forrester Wave™: Data Security Portfolio Vendors, Q2 2019

6

TEXT AND MARKUPTXTHTMLXMLVisioRTFOasis

Described, Structured and Unstructured Data, Images

WORD-PROCESSINGPAGESCorelFolioLotusWord FilesOneNote

PRESENTATION FORMATSKeynoteCorelLotusFlashPowerPointImpress

SPREADSHEET FORMATSNUMBERSXLSCSVCorelLotusDIF

EMAIL FORMATSDXLEMC ONMMSGEMLEncapsulationVarious

CAD FILES

AutoCAD(DWG, DFX)VisioMicrostation

GRAPHICS FORMATSJPEGPNGBMPLotus PICTIFFWMF

ENCAPSULATION FORMATS

ZIP (PKZIP,WinZip…)RARTARUNIX Compress

PROPRIETARY and OTHERSPDFDatabasesiCalendarMP3PFILEVirtual Card FileEncrypted 7

SSNACCOUNT NUMBER

ROUTING NUMBER

PART NUMBER

RECORD NUMBER

EMPLOYEE ID

PHONE NUMBER

PART OF URL

Lack of Context, Content Similarities, Superficial Inspection, Protocols, Formats

FALSE POSITIVES CHALLENGING INSPECTION

TRAFFIC VARIETY

WEB

EMAIL

FTP

COPY TO USB

CLOUD STORAGE

NAS

FILE SERVERS

ENCRYPTED TRAFFIC8

GDPRData

Breach

Stolen Credentials

Equifax

Malicious Insiders

EXPENSES

Business Operation Impact

Non-Compliance Fines

Collective Legal Actions

Affected Reputation

Operational, Reputational and Legal Risks

9

10

“Symantec offers the most comprehensive sensitive data detection techniques in the market,

with advanced functionality that can cover a wide breadth of data loss scenarios.”1

Form Images, Scanned Documents, Screenshots

SENSITIVE IMAGE RECOGNITION

IMAGES

Source Code, Product Designs

VECTOR MACHINE LEARNING

UNSTRUCTURED TEXT

Non-indexable data

DESCRIBED CONTENT MATCHING

DESCRIBED DATA

PII, Credit Cards, Government IDs

EXACT DATA MATCHING

STRUCTURED DATA

Gives you the highest accuracy and minimizes false positives

¹ Source: Magic Quadrant for Data Loss Prevention, Gartner, January 2016

10

Financial Reports, Marketing Plans

INDEXED DOCUMENT MATCHING

UNSTRUCTURED DATA

PII, Credit Cards, Government IDs

EXACT MATCHDATA IDENTIFIER

STRUCTURED DATA

NEW

Targeted Incident ResponseRight Automation | Resolution, Enforcement, Notification

Right Person | Route Incidents to Right Responder

Right Order | High Severity of Incidents First

Right Information | 5-Second Test

Right Action | 1-Click Response

Right Metrics | Prove Results to Execs and Auditors

With sophisticated incident remediation workflow

1 2

11

12

Analysts Rate Symantec a CASB Leader

•

•

•

•

•

•

•

•

CloudSOC Audit

Compliance Sensitive Data in

Public Cloud(Shadow Data)

GDPR Compliance Risk Report

Shadow IT Assessment

Cloud CostsReport

Compliance Monitoring

Compliance MonitoringCloud Costs ReportShadow IT AssessmentGDPR Cloud App Risk ReportShadow Data Assessment

DataSecurity

ThreatProtection

Visibility

15

Account Takeover & Botnets

MaliciousInsiders & Session Hijacking

Malware &Ransomware in Cloud

DataSecurity

ThreatProtection

Visibility

16

Public Wi-Fi Home Office Regional Office Mobile / IoT Vehicles

Scan Content In Cloud Apps, Remove Malware

• ”Best-in class” anti-malware & sandbox

• Backed by largest civilian threat intelligence network

Threat Intelligence

Anti-MalwareScanning

Advanced Malware Sandbox

Symantec ATP Platform

DataSecurity

ThreatProtection

Visibility

17

Investigate Incidents & Respond Immediately

Detect – User / Entity Behavior Analysis (UEBA) 1Scan Risk-Prioritized User Activities2

Investigate Forensic Records3

Advanced Data Science

DataSecurity

ThreatProtection

Visibility

Respond to Contain4

“Quarantine

user accounts”

“Revoke access

rights to

documents.”

“Increase MFA

requirements.”

18

GDPR

Data Breaches

HIPAAEspionage

Stolen Credentials

PCI

Public Access to Sensitive Information Through Cloud DataSecurity

ThreatProtection

Visibility

19

“Don’t allow PII content to be shared outside the

company.”

“Don't allow sensitive content uploaded to personal

accounts.”

“Automatically identify and track confidential content in the cloud.”

CloudSOC Data Loss Prevention

• Detect sensitive content

• Identify & remediate exposures

• Define access properties

• Enforce access controls

DataSecurity

ThreatProtection

Visibility

20

Symantec EnterpriseDLP Detection

DLP Management

Extend fine-tuned policiesand workflows to cloud

Other Integrations

Native Cloud solution

Enhance DLP solution with CASB insights

21

•••

••••

•

Thank you!