gtb data loss prevention
DESCRIPTION
Next Generation of Data Leakage & Loss Prevention Technologies. GTB Technologies provides products for data loss prevention in corporate networks and endpoints, in motion and at rest. Its flagship product, the GTB Inspector is a winner of multiple awards and rave reviews in the press . [email protected]TRANSCRIPT
Enterprise Data Loss PreventionEnterprise Data Loss Prevention
The most affordable DLP system in the The most affordable DLP system in the spacespace
Alon Refaeli Alon Refaeli –– EMEA Business Development Manager at GTB Technologies Inc.EMEA Business Development Manager at GTB Technologies [email protected]
DLP Issues Top Concern for CSOs
2
Merrill Lynch CISO Survey, June 27, 2007 The 2008 Global Information Security Workforce Study, Frost & Sullivan, April 22, 2008
The Reality of Today’s Networks
• File Transfers• InformationSharing
• Web Mail• IM• Social Networking• Skype
3
• SAAS• PAAS• Cloud Computing• Web Apps
• Bots• Virus• Hackers• Port Hopping• Tunneling
Threats are Targeting Information
Uneducated User
Leakage
Theft
• Business Partners
• Webmail
• Social Networking
• Cloud
External Threat Actors
Malicious Insider
Theft
Exfiltration
• Nation States
• Organized Non-State Actors (e.g., Terrorist groups)
• Organized Crime
• Advanced Persistent Threats
Copyright 2011 GTB DLP Suite
What the analysts say:What the analysts say:
Frost & Sullivan believes that GTB is on track to becoming Frost & Sullivan believes that GTB is on track to becoming the dominant provider of DLP/ILP solutions in the financial the dominant provider of DLP/ILP solutions in the financial market. market. World dlp research September 2008World dlp research September 2008
When using fingerprinted data, the catch rate is 100%. If you When using fingerprinted data, the catch rate is 100%. If you When using fingerprinted data, the catch rate is 100%. If you When using fingerprinted data, the catch rate is 100%. If you have sensitive data on your enterprise you need this have sensitive data on your enterprise you need this device… you will sleep much better knowing your data is device… you will sleep much better knowing your data is protected. protected. SC Magazine 2007SC Magazine 2007
Copyright 2011 GTB DLP Suite Slide
NetworkNetwork
•• Scans all Scans all outbound trafficoutbound traffic
•• Highest Highest
EndpointEndpoint
•• DiscoverDiscover•• ProtectProtect•• AuditAudit
eDiscoveryeDiscovery
•• Scan DesktopsScan Desktops•• Scans file sharesScans file shares•• Reports on Reports on
The GTB DLP componentsThe GTB DLP components
•• Highest Highest accuracyaccuracy
•• Able to block Able to block without a proxy without a proxy serverserver
•• File format File format agnosticagnostic
•• AuditAudit•• ControlControl•• ContentContent--AwareAware
•• Reports on Reports on vulnerable filesvulnerable files
•• Automatic batchAutomatic batch
Centralized policy, reporting and workflowCentralized policy, reporting and workflow
Supports all languagesSupports all languages
Copyright 2011GTB DLP Suite
Slide
1. Who is sending my data?
•• InsidersInsiders
2. What data is being sent?
•• PIIPII
3. Who is receiving my data?
•• IP addressIP address
DLP answers three questions:DLP answers three questions:
•• InsidersInsiders•• IntrudersIntruders•• Spyware/VirusesSpyware/Viruses
•• PIIPII•• PHIPHI•• Source CodeSource Code•• IPIP
•• IP addressIP address•• Email destinationEmail destination•• Geographic Geographic
locationlocation
Copyright 2011GTB DLP Suite
Slide
1. Control a broken 1. Control a broken business processbusiness process
••Who is sending, Who is sending, what data and to what data and to whom?whom?
2. Demonstrate 2. Demonstrate ComplianceCompliance
••I have no way of I have no way of enforcing data loss enforcing data loss compliance compliance regulationregulation
3. Automate Email 3. Automate Email EncryptionEncryption
••How do I automate How do I automate encrypting emails encrypting emails which require it?which require it?
The 8 useThe 8 use--cases for Network DLPcases for Network DLP
44. Detect or Block . Detect or Block encrypted contentencrypted content
••Should I allow Should I allow encrypted data to encrypted data to leave without leave without content content inspection?inspection?
5. Severity Blocking5. Severity Blocking
••Some breaches are Some breaches are so severe that I so severe that I prefer to altogether prefer to altogether block them!block them!
6. Visibility to SSL6. Visibility to SSL
••I have no visibility to I have no visibility to SSL in general and SSL in general and HTTPS in particular!HTTPS in particular!
7. Detect/Block TCP 7. Detect/Block TCP from nonfrom non--trusted trusted
usersusers••How do I detect How do I detect transmissions from transmissions from nonnon--trusted users trusted users (Malware/Viruses/Tr(Malware/Viruses/Trojans)ojans)
Copyright 2011 Slide
inspection?inspection?
••My employees are My employees are not complying with not complying with the Written the Written Information Information Security Policy Security Policy (WISP)(WISP)
8. Employees’ 8. Employees’ EducationEducation
GTB DLP SuiteGTB DLP Suite
What data must be protected?What data must be protected?Personal identifiable information (PII)Personal identifiable information (PII)
•• Credit card numberCredit card number•• Social security numberSocial security number•• Customer nameCustomer name•• AddressAddress•• AddressAddress•• Telephone numberTelephone number•• Account number/Member numberAccount number/Member number•• PIN or passwordPIN or password•• Username & password Username & password •• Drivers license numberDrivers license number•• Date of birthDate of birth
Copyright 2011 GTB DLP Suite Slide
Fingerprint Detection Engine Fingerprint Detection Engine ––Structured DataStructured DataThe most accurate detection engine in the DLP spaceThe most accurate detection engine in the DLP space
Feature Benefit
Can fingerprint any database Highest flexibility
Multi-field detection No false positives
Automatic fingerprints refresh Easy maintenance and operation
Automatically deletes fingerprints that are no longer Options for time-based sensitive content
Automatically deletes fingerprints that are no longer sensitive
Supports user-defined fields Protects your direct business data
Fingerprints 1 million fields in 10 minutes Very high performance
Copyright 2011 GTB DLP Suite Slide 10
GTB advanced fingerprinting technology GTB advanced fingerprinting technology -- FilesFiles
Fingerprint Detection Engine Fingerprint Detection Engine –– Unstructured DataUnstructured DataThe most accurate detection engine in the DLP spaceThe most accurate detection engine in the DLP space
Feature Benefit
Multiple data stream fingerprints using proprietary algorithm
Allows for partial file match
Options for binary or text detection Detects images inside files
Options for excluded content Detects sensitive data only
Automatically deletes fingerprints that are no longer Options for time-based sensitive content
Automatically deletes fingerprints that are no longer sensitive
User defined sensitivity (in bytes) Highest possible control on what is detected
Virtual zero false positive rate Highest accuracy
Multi-language support Files in any language can be protected
Copyright 2011 GTB DLP Suite Slide 12
Data Patterns DetectionData Patterns Detection
•• Extended REGEX templates out of the boxExtended REGEX templates out of the box
•• Patterns defined through REGEX in PHPPatterns defined through REGEX in PHP
•• Lexicons supportLexicons support
•• User defined severity level per pattern ruleUser defined severity level per pattern rule
Copyright 2011 GTB DLP Suite Slide
•• User defined severity level per pattern ruleUser defined severity level per pattern rule
•• Multi field weights and occurrencesMulti field weights and occurrences
•• Support for all languagesSupport for all languages