ca orchestria dlp solution overvie€¦ · ca data loss prevention > comprehensively protect...
TRANSCRIPT
![Page 1: CA Orchestria DLP Solution Overvie€¦ · CA Data Loss Prevention > Comprehensively protect sensitive data against both inadvertent and malicious loss > Enforce protection policies](https://reader033.vdocuments.net/reader033/viewer/2022053007/5f0b5e347e708231d4302c21/html5/thumbnails/1.jpg)
CA DLP
Gijo MathewCA Inc.March 2009
![Page 2: CA Orchestria DLP Solution Overvie€¦ · CA Data Loss Prevention > Comprehensively protect sensitive data against both inadvertent and malicious loss > Enforce protection policies](https://reader033.vdocuments.net/reader033/viewer/2022053007/5f0b5e347e708231d4302c21/html5/thumbnails/2.jpg)
2 March 26, 2009 CA DLP Copyright © 2009 CA
Business ChallengeProtect a broad set of critical information
“Traditional”
Which risk areas concern you?
Personally Identifiable Information (PII)
Birthdates
Employee Numbers
Social Security/NI Numbers
Credit Card Information
Personal Health Information
Intellectual Property (IP)
Source Code
Product Design Documents
Research Information
Patent Applications
Customer Lists
Non Public Information (NPI)
Financial Information
M&A Activities & Info
Executive Communication
Legal/Regulatory Matters
Corporate Policies
Employee Behavior
Intimidation
Gifts and Entertainment
Communication with Press
Inappropriate Web Use
Customer Treatment
Complaints
Service Level Infractions
Promises & Guarantees
Harassment
Financial Controls
Budgets & Forecasts
Audit Materials
Expense Reports
Quarterly Reports & Filings
Communication with regulators
Which risk areas are you aware of?
Ris
k A
reas
Additional
![Page 3: CA Orchestria DLP Solution Overvie€¦ · CA Data Loss Prevention > Comprehensively protect sensitive data against both inadvertent and malicious loss > Enforce protection policies](https://reader033.vdocuments.net/reader033/viewer/2022053007/5f0b5e347e708231d4302c21/html5/thumbnails/3.jpg)
3 March 26, 2009 CA DLP Copyright © 2009 CA
Accurate Analysis Without it, the data cannot be protected
SCORING WEIGHTING
Content Registration
Exact Data Matching
Index Data Match
Bayesian Inference
Content Description
Keywords
Stemming
Wildcards
Contextual Analysis
Identity
Hierarchy
Role
Source
Destination
Conceptual Analysis
Intent Aware
Business Aware
Absence of Content
SOPHISTICATION & ACCURACY
= + + +
![Page 4: CA Orchestria DLP Solution Overvie€¦ · CA Data Loss Prevention > Comprehensively protect sensitive data against both inadvertent and malicious loss > Enforce protection policies](https://reader033.vdocuments.net/reader033/viewer/2022053007/5f0b5e347e708231d4302c21/html5/thumbnails/4.jpg)
4 March 26, 2009 CA DLP Copyright © 2009 CA
> Complete coverage is required for
consistency and reinforcement
Use one policy definition across the
entire enterprise
Foil those with malicious intent
> Flexibility to deploy by module
Start with one coverage point and
expand to the others
> Centralized reporting and admin
Required to manage costs and identify
the true risk areas within the firm
Complete Coverage Eliminate the gaps
Endpoints
File Shares& Data Repositories
Message Servers& MTAS
Network
Across the enterprise, there are four areas to cover:
![Page 5: CA Orchestria DLP Solution Overvie€¦ · CA Data Loss Prevention > Comprehensively protect sensitive data against both inadvertent and malicious loss > Enforce protection policies](https://reader033.vdocuments.net/reader033/viewer/2022053007/5f0b5e347e708231d4302c21/html5/thumbnails/5.jpg)
5 March 26, 2009 CA DLP Copyright © 2009 CA
> Benefits
Accelerate deployment time / time-to-value
Leverage best practices
Reduce costs
> Broad coverage is required
All information types (more than just Social Security Numbers!)
Regulatory compliance
Employee behavior and customer management
Financial controls
Classification
Other industry-specific needs
Pre-Built Policy Why re-invent the wheel?
![Page 6: CA Orchestria DLP Solution Overvie€¦ · CA Data Loss Prevention > Comprehensively protect sensitive data against both inadvertent and malicious loss > Enforce protection policies](https://reader033.vdocuments.net/reader033/viewer/2022053007/5f0b5e347e708231d4302c21/html5/thumbnails/6.jpg)
6 March 26, 2009 CA DLP Copyright © 2009 CA
> One size does not fit all
Should the CEO be blocked in the same
manner as customer service representative?
> Flexibility drives productivity
Must allow users to do their jobs
Rely on education to eliminate the inadvertent
breaches
> Self-remediation is the ultimate
Empower users to correct their own mistakes
Track the user’s decision (disregard vs. heed)
Lower management and IT burden and cost
Appropriate Action Flexibility and self-remediation
![Page 7: CA Orchestria DLP Solution Overvie€¦ · CA Data Loss Prevention > Comprehensively protect sensitive data against both inadvertent and malicious loss > Enforce protection policies](https://reader033.vdocuments.net/reader033/viewer/2022053007/5f0b5e347e708231d4302c21/html5/thumbnails/7.jpg)
7 March 26, 2009 CA DLP Copyright © 2009 CA
CA Data Loss Prevention
> Comprehensively protect sensitive data
against both inadvertent and malicious loss
> Enforce protection policies at the endpoint,
message server, network and for stored data
> Benefits
Minimize the threat of data loss from insiders
Discover and control sensitive information across the organization
Comply with information security guidelines
Protect data collaboration among employees and partners
Prevent exposure of intellectual property
Enforce appropriate employee behavior and data usage
Protect health and medical related information
![Page 8: CA Orchestria DLP Solution Overvie€¦ · CA Data Loss Prevention > Comprehensively protect sensitive data against both inadvertent and malicious loss > Enforce protection policies](https://reader033.vdocuments.net/reader033/viewer/2022053007/5f0b5e347e708231d4302c21/html5/thumbnails/8.jpg)
8 March 26, 2009 CA DLP Copyright © 2009 CA
Data and Resource ProtectionHolistic Data-Centric Security
> Discover and classify data to enforce security policies
> Protect against inappropriate server access and data loss
> Manage to compliance requirements and reduce related costs
> Simplify management and auditing of data and server access policies
Server Access Management Data Loss Prevention
• Fine-grained access control
• Policy-based management
• Secure policy-based reporting
• Host protection against data loss
• Data at Rest (Stored Data)
• Data in Motion (Email, Web…)
• Data in Use (Saving, Printing…)
![Page 9: CA Orchestria DLP Solution Overvie€¦ · CA Data Loss Prevention > Comprehensively protect sensitive data against both inadvertent and malicious loss > Enforce protection policies](https://reader033.vdocuments.net/reader033/viewer/2022053007/5f0b5e347e708231d4302c21/html5/thumbnails/9.jpg)
9 March 26, 2009 CA DLP Copyright © 2009 CA
Conclusion
> The threat is real, and it affects all companies
> Current business and regulatory climate has made
the problem more acute
> Effectively address the threat with complete
coverage and accurate detection
> You must combine technology and experience to
win the war
![Page 10: CA Orchestria DLP Solution Overvie€¦ · CA Data Loss Prevention > Comprehensively protect sensitive data against both inadvertent and malicious loss > Enforce protection policies](https://reader033.vdocuments.net/reader033/viewer/2022053007/5f0b5e347e708231d4302c21/html5/thumbnails/10.jpg)
10 March 26, 2009 CA DLP Copyright © 2009 CA
Parting ThoughtTough economy heightens insider threat
> Stressed employees = vulnerable company
Insiders with access to corporate
information, such as customer data or
corporate secrets, might want to steal or
disclose it for financial gain or simply to
get back at their companies.
Those with technical-savvy might seek to
sabotage corporate data and systems
Employees are easy targets for
opportunistic rivals
“…on the other side is the challenging economic environment and potential redundancies that have created a distracted workforce and a growing number of disgruntled former employees.” - Mike Maddison, head of Deloitte's security and privacy practice
![Page 11: CA Orchestria DLP Solution Overvie€¦ · CA Data Loss Prevention > Comprehensively protect sensitive data against both inadvertent and malicious loss > Enforce protection policies](https://reader033.vdocuments.net/reader033/viewer/2022053007/5f0b5e347e708231d4302c21/html5/thumbnails/11.jpg)
Websense Provides Essential Information Protection
![Page 12: CA Orchestria DLP Solution Overvie€¦ · CA Data Loss Prevention > Comprehensively protect sensitive data against both inadvertent and malicious loss > Enforce protection policies](https://reader033.vdocuments.net/reader033/viewer/2022053007/5f0b5e347e708231d4302c21/html5/thumbnails/12.jpg)
Today’s Webscape
Top 100 sites Next 1 million sites Next 100 million sites
THE DYNAMIC WEB• Constantly changing content• Millions of varied pages per site• Legitimate sites compromised• Legacy security systems obsolete • Requires real-time content analysis
THE KNOWN WEB• Current events, regional, genre sites • Less user-generated content• Reputation, URL databases fairlyeffective
THE UNKNOWN WEB• Junk, personal, scam, adult, etc. • Million of new sites appear daily• Reputation and URL databases can’t keep up
• Requires real-time categorization and real-time security scanning
Web
Tra
ffic
90% social networking or search
45% of these supported user-generated content
70% hosted or involved in malicious activity
in past six months
![Page 13: CA Orchestria DLP Solution Overvie€¦ · CA Data Loss Prevention > Comprehensively protect sensitive data against both inadvertent and malicious loss > Enforce protection policies](https://reader033.vdocuments.net/reader033/viewer/2022053007/5f0b5e347e708231d4302c21/html5/thumbnails/13.jpg)
Threat Vectors Converge in Sophisticated Attacks
• Spear Phishing” CEO targeted Email
• 25-80% traffic from gmail, yahoo, hotmail SPAM, GOOG top 5 SPAM source
Threats
• 5 years ago 99% of malicious content was attachments,
• Today 95% of malicious content is URLs
Convergence
Web
Security
Data
SecurityMessaging
Security
Integrated Security
![Page 14: CA Orchestria DLP Solution Overvie€¦ · CA Data Loss Prevention > Comprehensively protect sensitive data against both inadvertent and malicious loss > Enforce protection policies](https://reader033.vdocuments.net/reader033/viewer/2022053007/5f0b5e347e708231d4302c21/html5/thumbnails/14.jpg)
Websense – Essential Information Protection
![Page 15: CA Orchestria DLP Solution Overvie€¦ · CA Data Loss Prevention > Comprehensively protect sensitive data against both inadvertent and malicious loss > Enforce protection policies](https://reader033.vdocuments.net/reader033/viewer/2022053007/5f0b5e347e708231d4302c21/html5/thumbnails/15.jpg)
DLP
5
![Page 16: CA Orchestria DLP Solution Overvie€¦ · CA Data Loss Prevention > Comprehensively protect sensitive data against both inadvertent and malicious loss > Enforce protection policies](https://reader033.vdocuments.net/reader033/viewer/2022053007/5f0b5e347e708231d4302c21/html5/thumbnails/16.jpg)
Only Websense Provides
Business Intelligent Controls
Who
Human Resources
Customer Service
Finance
Accounting
Legal
Sales
Marketing
Technical Support
Engineering
What
Business Plans
M&A Plans
Employee Salary
Patient Information
Financial Statements
Customer Records
Technical Documentation
Competitive Information
Where
Benefits Provider
Personal Web Storage
Blog
Customer
Removable Media
Spyware Site
Business Partner
Competitor
Analyst
How
File Transfer
Instant Messaging
Peer-to-Peer
Web
Audit
Notify
Remove
Quarantine
Encrypt
Block
File Access
Copy/Paste
Print Screen
Action
Confirm
Data Regulated by
PCI DSS
![Page 17: CA Orchestria DLP Solution Overvie€¦ · CA Data Loss Prevention > Comprehensively protect sensitive data against both inadvertent and malicious loss > Enforce protection policies](https://reader033.vdocuments.net/reader033/viewer/2022053007/5f0b5e347e708231d4302c21/html5/thumbnails/17.jpg)
Data Security: A Practical Approach to Protection
![Page 18: CA Orchestria DLP Solution Overvie€¦ · CA Data Loss Prevention > Comprehensively protect sensitive data against both inadvertent and malicious loss > Enforce protection policies](https://reader033.vdocuments.net/reader033/viewer/2022053007/5f0b5e347e708231d4302c21/html5/thumbnails/18.jpg)
2007 NPI Violations
0
2000
4000
6000
8000
10000
12000
14000
Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec
Messag
es w
ith
NP
I V
iola
tio
ns
Real Customer Results: Best Practices & The Benefits of Integrated Controls
Monitoring Communications Enforcing Communication Policy
En
forc
em
en
t
No
tifica
tion
s
![Page 19: CA Orchestria DLP Solution Overvie€¦ · CA Data Loss Prevention > Comprehensively protect sensitive data against both inadvertent and malicious loss > Enforce protection policies](https://reader033.vdocuments.net/reader033/viewer/2022053007/5f0b5e347e708231d4302c21/html5/thumbnails/19.jpg)
Data-In-Motion
User sendssensitive data
Accurate detectionof policy violation
Selective and automated enforcement (quarantine)
Notification
Role-based remediation
Report on informationrisk and compliance
Comprehensive DLP
Data-In-Use
User copies
confidential document
Accurate detection
of policy violation
Selective and automated
enforcement (quarantine)
Notification
Role-based remediation
Report on Information
risk and compliance
Data-at Rest
Start with pre-built
policies
Scan endpoints, laptops,shared volumes
Detect unsecured data
Classify policyviolations
Remediation workflow
Report on informationrisk and compliance
![Page 20: CA Orchestria DLP Solution Overvie€¦ · CA Data Loss Prevention > Comprehensively protect sensitive data against both inadvertent and malicious loss > Enforce protection policies](https://reader033.vdocuments.net/reader033/viewer/2022053007/5f0b5e347e708231d4302c21/html5/thumbnails/20.jpg)
10
About Websense
• Leading Provider of Web, Messaging and
Data Security Solutions
• Annual Billings: $356m +
• Employees: 1,250
• >50,000 customers worldwide
• 42 million subscription seats
• 5,000 value-add resellers, worldwide
• Award-winning partner program
• Global development with ~5 sites
• Global security research with >80 dedicated
content researchers
• Global support and services
![Page 21: CA Orchestria DLP Solution Overvie€¦ · CA Data Loss Prevention > Comprehensively protect sensitive data against both inadvertent and malicious loss > Enforce protection policies](https://reader033.vdocuments.net/reader033/viewer/2022053007/5f0b5e347e708231d4302c21/html5/thumbnails/21.jpg)
• Over 50,000 customers worldwide
• Over 41 million subscription seats
• 5,000 value-added resellers
• Award-winning global support and services
Government
Manufacturing Media
Technology Telecommunications
Healthcare – Insurance Financial Services
Transportation - Energy
Retail
Customers Who Trust WebsenseGlobal Coverage and Support