CA DLP
Gijo MathewCA Inc.March 2009
2 March 26, 2009 CA DLP Copyright © 2009 CA
Business ChallengeProtect a broad set of critical information
“Traditional”
Which risk areas concern you?
Personally Identifiable Information (PII)
Birthdates
Employee Numbers
Social Security/NI Numbers
Credit Card Information
Personal Health Information
Intellectual Property (IP)
Source Code
Product Design Documents
Research Information
Patent Applications
Customer Lists
Non Public Information (NPI)
Financial Information
M&A Activities & Info
Executive Communication
Legal/Regulatory Matters
Corporate Policies
Employee Behavior
Intimidation
Gifts and Entertainment
Communication with Press
Inappropriate Web Use
Customer Treatment
Complaints
Service Level Infractions
Promises & Guarantees
Harassment
Financial Controls
Budgets & Forecasts
Audit Materials
Expense Reports
Quarterly Reports & Filings
Communication with regulators
Which risk areas are you aware of?
Ris
k A
reas
Additional
3 March 26, 2009 CA DLP Copyright © 2009 CA
Accurate Analysis Without it, the data cannot be protected
SCORING WEIGHTING
Content Registration
Exact Data Matching
Index Data Match
Bayesian Inference
Content Description
Keywords
Stemming
Wildcards
Contextual Analysis
Identity
Hierarchy
Role
Source
Destination
Conceptual Analysis
Intent Aware
Business Aware
Absence of Content
SOPHISTICATION & ACCURACY
= + + +
4 March 26, 2009 CA DLP Copyright © 2009 CA
> Complete coverage is required for
consistency and reinforcement
Use one policy definition across the
entire enterprise
Foil those with malicious intent
> Flexibility to deploy by module
Start with one coverage point and
expand to the others
> Centralized reporting and admin
Required to manage costs and identify
the true risk areas within the firm
Complete Coverage Eliminate the gaps
Endpoints
File Shares& Data Repositories
Message Servers& MTAS
Network
Across the enterprise, there are four areas to cover:
5 March 26, 2009 CA DLP Copyright © 2009 CA
> Benefits
Accelerate deployment time / time-to-value
Leverage best practices
Reduce costs
> Broad coverage is required
All information types (more than just Social Security Numbers!)
Regulatory compliance
Employee behavior and customer management
Financial controls
Classification
Other industry-specific needs
Pre-Built Policy Why re-invent the wheel?
6 March 26, 2009 CA DLP Copyright © 2009 CA
> One size does not fit all
Should the CEO be blocked in the same
manner as customer service representative?
> Flexibility drives productivity
Must allow users to do their jobs
Rely on education to eliminate the inadvertent
breaches
> Self-remediation is the ultimate
Empower users to correct their own mistakes
Track the user’s decision (disregard vs. heed)
Lower management and IT burden and cost
Appropriate Action Flexibility and self-remediation
7 March 26, 2009 CA DLP Copyright © 2009 CA
CA Data Loss Prevention
> Comprehensively protect sensitive data
against both inadvertent and malicious loss
> Enforce protection policies at the endpoint,
message server, network and for stored data
> Benefits
Minimize the threat of data loss from insiders
Discover and control sensitive information across the organization
Comply with information security guidelines
Protect data collaboration among employees and partners
Prevent exposure of intellectual property
Enforce appropriate employee behavior and data usage
Protect health and medical related information
8 March 26, 2009 CA DLP Copyright © 2009 CA
Data and Resource ProtectionHolistic Data-Centric Security
> Discover and classify data to enforce security policies
> Protect against inappropriate server access and data loss
> Manage to compliance requirements and reduce related costs
> Simplify management and auditing of data and server access policies
Server Access Management Data Loss Prevention
• Fine-grained access control
• Policy-based management
• Secure policy-based reporting
• Host protection against data loss
• Data at Rest (Stored Data)
• Data in Motion (Email, Web…)
• Data in Use (Saving, Printing…)
9 March 26, 2009 CA DLP Copyright © 2009 CA
Conclusion
> The threat is real, and it affects all companies
> Current business and regulatory climate has made
the problem more acute
> Effectively address the threat with complete
coverage and accurate detection
> You must combine technology and experience to
win the war
10 March 26, 2009 CA DLP Copyright © 2009 CA
Parting ThoughtTough economy heightens insider threat
> Stressed employees = vulnerable company
Insiders with access to corporate
information, such as customer data or
corporate secrets, might want to steal or
disclose it for financial gain or simply to
get back at their companies.
Those with technical-savvy might seek to
sabotage corporate data and systems
Employees are easy targets for
opportunistic rivals
“…on the other side is the challenging economic environment and potential redundancies that have created a distracted workforce and a growing number of disgruntled former employees.” - Mike Maddison, head of Deloitte's security and privacy practice
Websense Provides Essential Information Protection
Today’s Webscape
Top 100 sites Next 1 million sites Next 100 million sites
THE DYNAMIC WEB• Constantly changing content• Millions of varied pages per site• Legitimate sites compromised• Legacy security systems obsolete • Requires real-time content analysis
THE KNOWN WEB• Current events, regional, genre sites • Less user-generated content• Reputation, URL databases fairlyeffective
THE UNKNOWN WEB• Junk, personal, scam, adult, etc. • Million of new sites appear daily• Reputation and URL databases can’t keep up
• Requires real-time categorization and real-time security scanning
Web
Tra
ffic
90% social networking or search
45% of these supported user-generated content
70% hosted or involved in malicious activity
in past six months
Threat Vectors Converge in Sophisticated Attacks
• Spear Phishing” CEO targeted Email
• 25-80% traffic from gmail, yahoo, hotmail SPAM, GOOG top 5 SPAM source
Threats
• 5 years ago 99% of malicious content was attachments,
• Today 95% of malicious content is URLs
Convergence
Web
Security
Data
SecurityMessaging
Security
Integrated Security
Websense – Essential Information Protection
DLP
5
Only Websense Provides
Business Intelligent Controls
Who
Human Resources
Customer Service
Finance
Accounting
Legal
Sales
Marketing
Technical Support
Engineering
What
Business Plans
M&A Plans
Employee Salary
Patient Information
Financial Statements
Customer Records
Technical Documentation
Competitive Information
Where
Benefits Provider
Personal Web Storage
Blog
Customer
Removable Media
Spyware Site
Business Partner
Competitor
Analyst
How
File Transfer
Instant Messaging
Peer-to-Peer
Web
Audit
Notify
Remove
Quarantine
Encrypt
Block
File Access
Copy/Paste
Print Screen
Action
Confirm
Data Regulated by
PCI DSS
Data Security: A Practical Approach to Protection
2007 NPI Violations
0
2000
4000
6000
8000
10000
12000
14000
Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec
Messag
es w
ith
NP
I V
iola
tio
ns
Real Customer Results: Best Practices & The Benefits of Integrated Controls
Monitoring Communications Enforcing Communication Policy
En
forc
em
en
t
No
tifica
tion
s
Data-In-Motion
User sendssensitive data
Accurate detectionof policy violation
Selective and automated enforcement (quarantine)
Notification
Role-based remediation
Report on informationrisk and compliance
Comprehensive DLP
Data-In-Use
User copies
confidential document
Accurate detection
of policy violation
Selective and automated
enforcement (quarantine)
Notification
Role-based remediation
Report on Information
risk and compliance
Data-at Rest
Start with pre-built
policies
Scan endpoints, laptops,shared volumes
Detect unsecured data
Classify policyviolations
Remediation workflow
Report on informationrisk and compliance
10
About Websense
• Leading Provider of Web, Messaging and
Data Security Solutions
• Annual Billings: $356m +
• Employees: 1,250
• >50,000 customers worldwide
• 42 million subscription seats
• 5,000 value-add resellers, worldwide
• Award-winning partner program
• Global development with ~5 sites
• Global security research with >80 dedicated
content researchers
• Global support and services
• Over 50,000 customers worldwide
• Over 41 million subscription seats
• 5,000 value-added resellers
• Award-winning global support and services
Government
Manufacturing Media
Technology Telecommunications
Healthcare – Insurance Financial Services
Transportation - Energy
Retail
Customers Who Trust WebsenseGlobal Coverage and Support