secure information sharing - the external user dilemma
TRANSCRIPT
www.
watc
hful
softw
are.
comSecure Information Sharing: The External User Dilemma
Martin Kuppinger, KuppingerColeRui Melo Biscaia, Watchful Software
Webinar,Wednesday, 16th of December 2015
www.
watc
hful
softw
are.
com
05/03/2023 © Copyright www.watchfulsoftware.com. 2015 All Rights Reserved. 2
1) INTRODUCTION
2) INFORMATION CLASSIFICATION AND SECURE INFORMATION SHARING BECOMING THE STANDARD, NOT BEING THE EXCEPTION ANYMORE
3) POLICY DRIVEN INFORMATION SHARING WITH RIGHTSWATCH
4) Q&A
Agenda
www.
watc
hful
softw
are.
com
05/03/2023 © Copyright www.watchfulsoftware.com. 2015 All Rights Reserved. 3
Introductions
Martin KuppingerCEO, Founder & Principal [email protected]
Rui Melo BiscaiaDirector of product ManagementWatchful [email protected]
You are muted centrally. You don’t need to mute/unmute yourself
This webinar is being recorded. The recording will be available tomorrow at www.watchfulsoftware.com
The Q&A session will be at the end You are welcomed to enter questions
anytime, using the Chat feature in the GoToWebinar Control Panel
www.
watc
hful
softw
are.
com
05/03/2023 © Copyright www.watchfulsoftware.com. 2015 All Rights Reserved. 4
1) INTRODUCTION
2) INFORMATION CLASSIFICATION AND SECURE INFORMATION SHARING BECOMING THE STANDARD, NOT BEING THE EXCEPTION ANYMORE
3) POLICY DRIVEN INFORMATION SHARING WITH RIGHTSWATCH
4) Q&A
Agenda
Secure Information Sharing: The External User DilemmaInformation Classification and Secure Information Sharing becoming the standard, not being the exception anymore
www.kuppingercole.com
Martin KuppingerCEO, Founder & Principal [email protected]
Brand reputati
on
Customer data
Intellectual
propertiesPeople
An organization‘s crown jewels
6
Everything and everyone become connected
7
Corporate Network 10 years ago
8
Workstations and servers
Employees
Internet
Mobile worker Hacker
Gateway
Security perimeter
Corporate Network now
9
Cloud
Hackers
Data center
HQ
Office 1
Office 2
Mobile users Social networks
SupplierSurveillance &
espionage
Paradigm Shift in Information Security
10
From perimeter securityThere is no network perimeter anymore
Perimeter defense security tools leave too many gaps for APTs
These tools cannot protect from phishing, malicious insiders, etc.
Towards defense of internal resourcesAssume that the hack has already happened
Try to detect it as quickly as possible before more harm is done
Knowing as much as possible about our assets is the key
In use
In motio
n
At rest
The what, where and when of Information Protection
11
• Structured data• Unstructured data = documents
WHENWHAT
WHERE
• 100% secure key management• Cloud vs. on-premise• Classification schemes• Policy explosion• Details (Breadth of support,
implementation, administration)• Combination of infrastructure building
blocks – core product and add-ons• Alternative lightweight solutions
Rights Management challenges yesterday and today
12
• Application & Document format support
• Platform support (OS, Device)• External user support• (Automated) classification• Deployment• Vendor focus & choice
Yesterday Today
C-level is aware of need for Secure Information Sharing and Information Protection
Even many IT people are still not aware of the solutions, particularly not the maturity of Rights Management
The awareness challenge
13
•Multiple vendors, many partnersAvailable•Major problems are solvedMature•There is no other way to really protect your crown jewelsNo alternatives
Secure Information Sharing: Available. Mature. No alternatives.
14
www.
watc
hful
softw
are.
com
05/03/2023 © Copyright www.watchfulsoftware.com. 2015 All Rights Reserved. 15
1) INTRODUCTION
2) INFORMATION CLASSIFICATION AND SECURE INFORMATION SHARING BECOMING THE STANDARD, NOT BEING THE EXCEPTION ANYMORE
3) POLICY DRIVEN INFORMATION SHARING WITH RIGHTSWATCH
4) Q&A
Agenda
www.
watc
hful
softw
are.
com
05/03/2023 © Copyright www.watchfulsoftware.com. 2015 All Rights Reserved. 16
Secure Information Sharing - CISO’s questions:
Secure Information Sharing
1. Can I enforce corporate policies?2. Can I allow it via any media and not just e-mail?3. Can I have a zero extra click environment to achieve it?4. Can I not need to onboard “externals” into my systems?
5. Can I not require “externals” to own a license nor software?
6. Can I then know who, did what, when and how?
www.
watc
hful
softw
are.
com
05/03/2023 © Copyright www.watchfulsoftware.com. 2015 All Rights Reserved. 17
Secure Information Sharing is …
GOVERNANCE
PROTECTION
LOSSPREVENTION
CLASSIFICATION
www.
watc
hful
softw
are.
com
05/03/2023 © Copyright www.watchfulsoftware.com. 2015 All Rights Reserved. 18
Secure Information Sharing is RightsWATCH
GOVERNANCE
PROTECTION
LOSSPREVENTION
CLASSIFICATION
to enhance compliance
to uphold policies
to decrease liability
to apply policies
www.
watc
hful
softw
are.
com
05/03/2023 © Copyright www.watchfulsoftware.com. 2015 All Rights Reserved. 19
RightsWATCH is Secure Information Sharing because:
1. It can enforce corporate policies and not rely on users to know, understand, reason with or be willing to apply policies to data
2. It allows data to be shared via any media and still uphold corporate policies
3. It does not impact on users workflows, as it does not demand users to click on any extra buttons, pop-ups, or combo boxes
4. It does not require enterprises to onboard, nor manage “external users” identities
5. It does not require “external users” to have to buy or install any RightsWATCH proprietary software
6. It delivers a comprehensive audit trail that enables leveraging SIEM tools to do data analytics
www.
watc
hful
softw
are.
com
05/03/2023 © Copyright www.watchfulsoftware.com. 2015 All Rights Reserved. 20
1) INTRODUCTION
2) INFORMATION CLASSIFICATION AND SECURE INFORMATION SHARING BECOMING THE STANDARD, NOT BEING THE EXCEPTION ANYMORE
3) POLICY DRIVEN INFORMATION SHARING WITH RIGHTSWATCH
4) Q&A
Agenda
Secure Information Sharing: The External User DilemmaMartin Kuppinger, KuppingerColeRui Melo Biscaia, Watchful Software
Webinar,Wednesday, 16th of December 2015