By The Wanderers

1
Securing Cisions Confidential Data with Data
Loss Prevention Systems

• By The Wanderers

2
Outline of contents

• Business Problem and Requirements Scott
• Data Loss Prevention (DLP) Solutions Angel
• Proposed Solution Koonal
• Vendor Comparisons and Architecture Wander
• Company implementation Conclusion Scott

3
Business Problem

• Problem
• Cision needs the capability to exchange
  confidential information securely and easily.
• Cision
• 1200 Employees, 30 offices, 8 countries
• Confidential Data
• Credit Card / Client Information
• Customer privileged data
• Employee personal data
• Business Confidential data
• Secure data from
• Employee Error, Employee Theft

4
Business Solution Requirements

• Required
• Meet the Payment Card Industry (PCI) requirements
  for credit card handling
• Prevent client, business or employee data from
  being incorrectly disclosed internally and
  externally
• Global capabilities with central configuration
  and enforcement
• Out of Scope
• Anti Virus, Firewall, Intrusion Detection
  Systems, Email Spam Filtering
• Limited Other legal requirements No HIPPA or SOX
  requirements

5
Source http//www-uxsup.csx.cam.ac.uk/fanf2/herm
es/doc/talks/2008-04-techlinks/data-protection.jpg

6
DLP Background

• Definition of Data Loss Prevention
• Products that, based on central policies,
  identify, monitor, and protect data at rest, in
  motion, and in use, through deep content
  analysis.
• -Rich Mogull of Securosis
• Other TLAs
• Data Loss Protection
• Data Leak Prevention/Protection
• Information Loss Prevention/Protection
• Information Leak Prevention/Protection
• Extrusion Prevention System
• Content Monitoring and Filtering
• Content Monitoring and Protection

7
DLP Background

• Identify where holes or exit points where leaks
  may occur
• Instant messaging (Yahoo Instant Messaging,
  Windows Live)
• P2P file sharing (e.g. LimeWire case as reported
  by LA Times)
• Media streaming
• Web mail (Yahoo mail, Gmail, Hotmail)
• USB storage devices (ZDNet story from UK)
• Removable drives
• Devices connected through external ports
  (Firewire, serial, parallel)
• FTP server
• Printouts

8
DLP Background
Source Securosis.com http//securosis.com/images/
uploads/Pragmatic_Data_Security-_Data_Protection_D
ecisiionsV2.006_.png
9
DLP Background

• How data are flagged and identified
• Initial predefined policies 
• Social security numbers
• Prescribed in HIPAA, SOX, GLBA, etc. (Bank
  account numbers, Credit card numbers)
• Customized categories based on client needs
• Data Discovery
• Looks into the content and not just the file type
• Examine context considerations (factor in parent
  directories, user group matching)
• Structured data matching (SSN, credit card
  numbers, etc)
• Unstructured data matching (diagrams, source
  codes, media files)
• Fingerprint the data by using one way hash and
  saved in the database         
• Information can then be used to identify
  confidential data elsewhere

10
DLP Background

• Three different levels of DLP solution
• Data in Motion
• Data which uses HTTP, FTP, IM, P2P and SMTP
  protocols are mirrored in the DLP server for
  inspection where visibility is enhanced
• Data at Rest
• Data in file servers, databases, hosts computers
  set for file sharing, etc.
• Data at End Points
• Data which sits on end user hosts (workstations
  and notebooks)

11
DLP Background

• Technical Feature Considerations
• Deep content analysis, monitoring and prevention
• Identification and blocking capability
• Centralized Management
• ?Central policy setting, dashboard features
• Broad content management across platforms and
  ease of Integration
• Review of information infrastructure including
  software for requirement and compatibility issues
• Automated remediation
• Transfer confidential files, LDAP lookup, secure
  purging of sensitive data
• Business Environment Considerations
• Matching with Business Need
• Matches defined business need over feature allure
• Market Presence
• Major presence in the market, financial industry
  experience
• Staffing Needs
• ?Staffing considerations to handle additional
  responsibilities

12
 
Solution Selection

• The Selection
• Given that the business problem of to be able to
  exchange confidential information securely and
  easily,
• We believe that a DLP solution have the ability
  to address such need by identifying and securing
  confidential data in a comprehensive and
  efficient manner as described in the guidelines
  above,
• We select Websense as a representative of such
  DLP solution which has met all criteria mentioned
  above.
• Websense
• Global leader in integrated Web security, data
  security, and email security solutions.
• Protects approximately 40 million employees at
  more than 40,000 organizations worldwide
• Core strength in Web filtering, discovery and
  classification of content
• Source http//www.websense.com/content/aboutus.as
  px

13
DLP Solution

• Websense Data Security Suite
• Data Discovery
• Data Protect
• Data Monitor
• Data Endpoint

14
DLP Solution

• Data Discovery
• Software-based solution that remotely scans
  specified network file shares, databases, email
  servers, data repositories, and desktops to
  discover and classify confidential data on these
  systems
• Automated remediation of unsecured confidential
  data on data repositories, such as encryption,
  file removal, etc
• 370 different types of file definitions

15
DLP Solution

• Data Protection
• Protects data with policy-based controls that map
  to business processes
• Automated, policy-based enforcement options
  including block, quarantine, file removal,
  encrypt, audit and log, user notification in real
  time.

16
(No Transcript)
17
DLP Solution

• Data Monitor
• Monitors and identifies what customer data is at
  risk who is using the data in real time and
  where this data is going
• Precise ID technology

18
DLP Solution

• Data Endpoint
• Provides endpoint security and control over what
  confidential data is and should be stored
  (through local discovery)
• Who is using it
• How it is being used (with what applications)
• Where it is being transferred (USB storage,
  printer)

19
(No Transcript)
20
DLP Solution
Websense Data Security Suite in Action (Case
Miss Bea Haven)
21
Alternative Vendors (Considerations)

22
Alternative Vendors (Comparison)
23
DLP Solution

• Deployment Architecture
• Windows Enterprise Network
• 500 2,500 Users

24
DLP Solution

• Deployment Architecture
• Windows Enterprise Network
• 500 2,500 Users

25
Company Implementation

• Project Implementation Cost Estimates

26
(No Transcript)
27
Company Feasibility
Requirements Support
Other Considerations
28
Conclusion

• Cision needs to add DLP capabilities to their
  current security solutions to meet the business
  needs.
• Websense meets the requirements
• Websense is well positioned to grow with Cisions
  future needs.
• Your mileage may vary

29
Questions? Preguntas? Pangutana?
Tanong? Perguntas? ???????????
30
DONT BE A MISS BEA HAVIN!
31
The Wanderers