McAfee Endpoint Encryption

Presenter Name

Presentation Date

Agenda

1 2 3 4

Agenda

1

It’s All About the Data!

• SOX • HIPAA • PCI-DSS• GLBA • FISMA• ITAR• State data breach

(e.g., CA SB 1386) • U.K. Data Protection Act

Compliance

• Customer/prospect lists• Price/cost lists • Design docs• Source code• Formulas• Trade secrets• Process advantages• Pending patents• Company logo/artwork

Intellectual Property

• Board minutes• Financial reports• Merger/acquisitions• Product plans• Hiring/firing/layoff plans• Salary information• Acceptable use

High Business Impact(HBI) Information

The goal of all IT security effortsis to PROTECT DATA

Data At Risk, Even From Trusted Insiders

80% of CISOs see employees as the greatest data threat

73% of data breaches come from internal sources

77% unable to audit or quantify loss after a data breach

Survey: Dark Reading/InformationWeek (2009)Survey: MIS Training Institute at CISO Summit (2009)McAfee Datagate Report. Produced by DataMonitor (survey of 1400 IT professionals across UK, US, DR, DE, and Australia)Ponemon (2009)

68% plan to use former company’s confidential data in new job

SanDisk Endpoint Security Survey, April 2009

Types of Data At Risk: What’s Copied to USB Drives

SC Magazine

“Data Breaches Continue to BecomeMore Common and More Severe1”

“DuPont scientist downloaded 22,000 sensitive documents as he got ready to take a job with a competitor…”

“Royal London Mutual Insurance Society loses eight laptops and the personal details of 2,135 people”

“The FSA has fined Nationwide £980,000 for a stolen laptop”

“Personal data of 600,000 on lost laptop”

“ChoicePoint to pay $15 million over data breach—Data broker sold info on 163,000 people”

1 Top Finding from Ponemon 2010 Annual Study: U.S. Enterprise Encryption Trends, November 2010

Consequences of a Breach

• Penalties• Fines• Costs of remediating a data breach• Brand damage• Customer churn• Loss of competitive edge• And more

Increasing Compliance Burden

9

• Key regulations driving encryption in the US are state privacy laws, PCI requirements & HIPAA1

• Find summaries of US & global data protection laws at mcafee.com/us/regulations/index.aspx

1 Top Finding from Ponemon 2010 Annual Study: U.S. Enterprise Encryption Trends, November 2010

Datenschutz (Germany)

GISRA (USA)

Data Protection Act (UK)

Government NetworkSecurity Act (USA)

California SB 1386 (USA)

US Senate Bill 1350 Proposed (USA)

HIPAA (USA)

Gramm-Leach-Bliley (USA)

Japan Personal Information Protection Act (PIPA)

US Government OMB Initiative (USA)

Directive on Protection of Personal Data (EU)

Sarbanes-Oxley (USA)

Payment Card Industry Data Security Standard

The Personal Information protection and Electronic Documents Act (Canada)

Federal Desktop Core Configuration (US Civilian)

GCSX Code of Connection (CoCo) (UK)

2004

2011

1996

Massachusetts 201 CMR 17.00

• Smartphones, netbooks, tablets, USB storage devices

• Used for work and personal

• Indispensible, highly mobile

• Workers using personal non-compliant devices and applications

• Gray area around corporate control of personal devices accessing company data

• Need to deliver corporate data when and where needed

• Devices store and access vast amounts of confidential data

10

Challenges Shaping Data Protection

Computing Cycles in Perspective

New and Increasing Types of Endpoints

1,000,000

100,000

10,000

1,000

100

10

1

1960 1980 2000 2020

Mobile Internet

Desktop Internet

PC

Minicomputer

Mainframe

10B+ Units??

1B+ Units/ Users100M

Units10M Units

1M Units

Increasing use of tablets, smartphones and USB drives equates to increasing risks for data loss

- IDC predicts the combined unit shipments of smartphones and tablets will eclipse total (consumer and corporate) PCs in 20121

- 2010 worldwide USB flash drive shipments are expected to be 275 million2

- Mobile internet connected devices gaining speed

Morgan Stanley

Agenda

2

Key Requirements for Securing Data

Protect data on a wide range of endpoints

Easy, consistent security management

Proof of protection

14

Desktop

McAfee Data Protection

Smartphones

Tablets

Enterprise Data Center

Databases AppsNetwork DLP

Laptop

Removable Media Storage

USB devices

Device ControlEndpoint Encryption for PCEndpoint Encryption for Mac

Host DLP

Endpoint Encryption for Files and Folders

Encrypted USB Devices

Enterprise MobilityManagement

McAfee ePO

Comprehensive ● Integrated ● Centrally Managed

McAfee: Proven Leader, Trusted Solutions

Leader Gartner Magic Quadrant for Mobile Data Protection 2011

Gartner Magic Quadrant for Content-Aware Data Loss Protection 2010

Abi

lity

to E

xecu

te

Completeness of Vision

Challengers Leaders

Niche Players Visionaries

SymantecWebsense RSA (EMC)

TrustwaveCA

Code Green NetworksFidelis Security

SystemsVerdasys

Palisade SystemsTrend Micro

GTB Technologies

McAfee

Magic Quadrant for Content-Aware Data Loss Prevention

Agenda

3

Data Protection Challenge

1 Ponemon2 Ponemon, 2009 Cost of a Data Breach3 HIPAA DHHS Guidance 20094 http://www.realtime-itcompliance.com/laws_regulations/2008/09/pii_encryption_required_by_new.htm

• Laptops lost or stolen in airports, taxis and hotels cost companies an average of $49,2461

• 36% of data breaches were due to lost or stolen laptop computers– Average cost is $6.75 million per breach2

• Staying out of the news• Best practices:

- “Ensure that portable data-bearing devices… are encrypted”2 - “Protected health information (PHI) is rendered unusable, unreadable,

or indecipherable to unauthorized individuals if encrypted or destroyed”3

- “Encryption in past laws have been directed to be considered based upon risk, but now they are more explicitly required in some laws.” Nevada’s SB347 and Massachusetts 201 CMR 17.00 are specifically discussed.4

How best to protect confidential corporate data especially on mobile devices from loss, theft, or exposure to unauthorized parties?

McAfee Endpoint Encryption for PCs,McAfee Endpoint Encryption for Mac

Full disk encryption for Windows PCs or Mac• Protects all data on desktop PCs1 and laptops transparently• No need to be concerned about workers deciding which files to encrypt or the

myriad of “hidden” temp files that applications create which contain your data

Easy to use• Encryption happens in the background & on the fly• High performance

Easy to manage• Via integrated McAfee ePolicy Orchestrator• Centralized deployment, management, policy administration, auditing,

reporting, and recovery via a single console• Demonstrate compliance & proof of consistent/persistent security

1 Only EEPC supports desktops

Endpoint Encryption for Files and Folders

Encryption where it’s needed– Local file and folder encryption– File and folder encryption on file servers– Removable media: file and folder encryption on USB

drives– User initiated encryption of e-mail attachments

Data protection made easy– Designed for sharing of encrypted data– Persistent encryption– On-the-fly, transparent data encryption and decryption

when writing to/reading from disk– Automatic policy enforcement beyond user control– Managed via McAfee ePolicy Orchestrator platform

McAfee Enterprise Mobility Management

April 28, 202320

Database

Files

Directory

Applications

Certificate Services

Messaging

Enterprise Environment

WindowsMobile

Symbian

Android

webOS

iPhone

iPad

EMM + ePO

• Makes it secure– Configures, enforces and manages

native device security settings– Enforces compliance to enterprise

policies– Securely connect to enterprise

services: VPN, Wi-Fi, messaging and LOB apps

• Makes it easy– Self-service provisioning– Personalizes devices to

optimize end-user productivity

• Makes it scalable– Integrates into the enterprise’s

existing environment and scales to 10s of 1000s of devices

21

EE for Files and Folders

Modular, Comprehensive Data Protection Solutions

EE for PCs

Endpoint Encryption

Host DLP

Device Control (feature of Host DLP)

DLP

+

McAfee ePOMcAfee ePolicy

Orchestrator

+

EE for Removable Media (feature of EEFF)

ToPS for Data Suite Individual Solutions

Encrypted USB (devices)

Enterprise Mobility Mgmt.

Network DLP

EE for PCs

EE for Files and Folders

EE for Removable Media (feature of EEFF)

Device Control(feature of Host DLP)

Host DLP

McAfee ePO

Agenda

4

McAfee ePO Foundation of Optimized Security

23

“ePO has historically been the standard for centralized administration consoles.”

Endpoint Protection Platform Magic Quadrant

World’s most scalable security and compliance mgmt platform

— Manages 60M+ endpoints — 35,000+ enterprises — Largest deployment

@ > 5M endpoints

Deploy, manage and report on— Endpoint security— Data Loss Prevention— Endpoint Encryption— Encrypted USB devices— Enterprise Mobility Manager— Web and messaging security— Network access control— Vulnerability management— Integration with network IPS — Threat alerts from Avert Labs

Security Management Challenges

April 28, 202324

INEFFECTIVE RISK

MANAGEMENT

LIMITED VISIBILITY

COMPLEX, GLOBAL

OPERATIONS

• Fragmented technologies

• No support for on-premise and SaaS

• No real time security monitoring

• Reactive programs and processes

• No integration with business systems

• Limited analytic capabilities

• Dynamic regulatory requirements

• Manual assessment and enforcement

• Increased stakeholder pressures

Loss of Revenue

Increased Risk Exposure

Increased operational costsX X X

An Upgrade to ”Enterprise”

April 28, 202325

SECURE THEDEVICE

SECURE THE INFORMATION

SECURE THE INFRASTRUCTURE

ENFORCEASSESS

ePolicy Orchestrator

MONITORRESPOND

McAfee ePO Benefits

April 28, 202326

Automate key security and compliance processes and controls

Complete visibility and transparency cross all systems and processes

Prioritize and proactively respond to critical risks before a loss occurs

COMPLETE VISIBILITY

PROACTIVE RISK ANALYTICS

REDUCED COSTS

€$

27

Single console endpoint deployment and management

1

Single consolidated source for incident response and reporting

2

Comprehensive incident views, case management and workflow

3

Integration of Endpoint Encryption and ePO Automation of monitoring, reporting, and auditing Reduces Costs!

McAfee Endpoint Encryption

McAfee Encrypted USB

McAfee DLP

28

Why McAfee Endpoint Encryption

1 Marketing leading, enterprise-class encryption

2 Comprehensive, customizable, extensible product offering includes full disk, file and folder, removable media, encrypted USB storage devices

3 Superior integration and robust management with McAfee ePO

4 Full featured compliance and audit reporting using McAfee ePO

5 Quick deployment and lowest operational cost

Summary