insider and outsider threat data protection solution by digital guardian
TRANSCRIPT
Insider and Outsider Threat Data Protection SolutionIt’s about the data!
The Nature of Data Protection is Changing
2
And the Threats to Your Data Have Changed
3
You Need Data Security That Starts at the Source
4
Patented, Proven Endpoint Agent
5
Automatic Sensitive Data Classification
6
STOP Data Theft From Insiders and Outsiders
7
The Only SINGLE Agent to Protect Data From…
8
DIGITALGUARDIANTM
for Outsider Threat Protection
DIGITALGUARDIANTM
for Outsider Threat Protection
Real-Time Threat Detection• Real time pattern detection via intelligent correlation rules
Real-Time Alerting & Instant Response• Attack alerts & instant quarantine & stop attacks in their tracks
Forensic Data Collection & Reporting Deep visibility into events across the user machine - kernel and user level
Maximizes the Return on Security Investment Easy direct integration extends your investment
Bi-directional integration, SIEM integration
10
DIGITALGUARDIANTM
for Insider Threat Protection
DIGITALGUARDIANTM
for Insider Threat Protection
Key Features:• Kernel Level Data Visibility
• Automatic, Content & Context Driven Data Classification
• Flexible Policy Management and Enforcement
• Best-in-Class Reporting and Dashboards
• Forensics Reporting and Legal Case Management
12
DIGITALGUARDIANTM
for Insider Threat Protection
Kernel Level Data Visibility• Deepest visibility to all events at point of risk/egress
• Broadest coverage of systems (Windows, MAC OS X and Linux)
• Broadest coverage of environments (Network, Cloud, Virtual, Online and Offline)
13
DIGITALGUARDIANTM
for Insider Threat Protection
Automatic, Content & Context Driven Data Classification
• Classify based on context, content, and user-definition
• Classify all data types • (structured, unstructured, MSOffice, CAD, source code, media, video, and more)
• Apply persistent and inheritable classification tags
14
Auto & User Classification
15
macJoe Smith
462-81-540642 Wallaby
Cook
Upload/Download Source/Destination
Application
Network State
Operation
Drive Type
Time of Day
User
Computer
Classification
Session
1. Content 2. Context 3. User
~200ContextualParameters
3 ways of classifying data
DIGITALGUARDIANTM
for Insider Threat Protection
Policy Management and Enforcement • Powerful, customizable policy creation engine to define and deploy rules
• Flexible application and device management and control
Best-in-Class Reporting and Dashboards
Forensics Reporting & Case Management
• Evidentiary-level data capture & advance forensic data incident investigation
16
DIGITALGUARDIANTM
Flexible Deployment OptionsOn Premise, Managed Security Program, Hybrid
Flexible Deployment Models
18
Infrastructure hosted in your
environment
Self-administration
Policies, rules and reports
managed by you
Engage with Verdasys Pro
Services as needed
Infrastructure hosted in
Verdasys private cloud
Administered by Verdasys Pro
Services
Access to policies, rules, and
reports
Weekly status meetings
Infrastructure hosted in your
environment.
Administered remotely by
Verdasys Pro Services
Data remains within your IT
environment.
Option 1
On PremiseOption 2
Managed ServiceOption 3
HybridManaged Service On Premise
“By selecting the managed service deployment option, we were able to be up and running in a matter of weeks. The
added visibility into how our confidential data is being used is invaluable.”
CISO, Regional Bank
Deployment Methodology
19
Install Agents
Record Actions
Build Trends
Normalize Behavior
Identify Outliers
Identify Concerns
Display Warnings
Request Justification
Educate Users
Tune rules & policies
Rebuild Trending
Display Blocks
Enforce Policies
Alert on Violations
Encrypt egress
MONITOR PROMPT ENFORCE
Digital Guardian’s Insider Threat Protection
methodology focuses on 3 primary areas:
monitor, prompt, and enforce
Digital Guardian
20
“Data is King: So How do you Best Protect the King?” Check out our Webinar with Wendy Nather to get the best tips on protecting your data!http://bit.ly/DataIsKing
“You need agents everywhere. They’re necessary because today’s malware interacts at the kernel level, so
prevention needs to run similarly deep to keep up.” - Mike Rothman, Analyst & President, Securosis