1 / 26

The future of Data Protection

The future of Data Protection. David Chow. What to learn ?. Overtaking is decided much more by the better line and later brake point than the acceleration and top speed of a car Excellent Brakes – or more abstract: excellent security – makes a Formula 1 car better than its peers.

aminia
Télécharger la présentation

The future of Data Protection

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. The future of Data Protection • David Chow

  2. What to learn ? • Overtaking is decided much more by • the better line and • later brake point than the acceleration and top speed of a car • Excellent Brakes – or more abstract: excellent security – makes a Formula 1 car better than its peers

  3. Translated to the business • Businesses are today under huge pressure to drive fasterincreasing their risk at the same time • In our data driven industries - > the risk for the business is the risk of the data • Best-in-class security is needed • Good data protection makes a business drive faster and overtake their competition

  4. Mobile Devices Case 1: Technology changes increase the risk Virtualization Software as a Service platforms

  5. Case 2: Employee behaviour has changed

  6. Where do data leakages occur? 8% 20% 12% Source: IDG, Study Results from Data Leakage Business Survey, February 2008

  7. Who wants Free WiFi ? Details of online activity are easily captured and can be replicated to get into the account. e.g. FreeWiFi$0Hl($I0{ EOEBEEEJEBCACACACACACACACACACACA($I`HTTP/1.1 200 OKServer: Apache-Coyote/1.1Server: Betex HTTP ServerSet-Cookie: JSESSIONID=C49D0B7439D67452D3D2FFBC3223AB5D; Path=/Set-Cookie: betexPtk=betexLocale%3Den%7EbetexRegion%3DGBR%7EbetexCurrency%3DGBP%7EbetexTi meZone%3DEurope%2FLondon; Domain=.betfair.com; Expires=Sat, 21-Jan-2012 00:44:13 GMT; Path=/Set-Cookie: betexPtkSess=betexRegionSessionCookie%3DGBR%7EbetexLocaleSessionCookie%3Den%7Eb etexSkin%3Dstandard%7EbetexTimeZoneSessionCookie%3DEurope%2FLondon%7EbetexCurre ncySessionCookie%3DGBP%7EbetexBrand%3Dbetfair; Domain=.betfair.com;

  8. Case 3: Sloppiness + underestimated data value 25 million data records lost on 2 unprotected CDs Per data record: Names, addresses, bank details, familiy status, insurance status, tax details Estimated value per record for criminals: 60 GBP p.r. Estimated value of the package: 1.5bn GBP Estimated productivity loss at banks: 2-3bn GBP Estimated cost for prevention: 8.000 GBP Official result of the investigation: „loss of data was entirely avoidable“, „serious flaws in security management, processes, poor communication and low morale“ – a „muddle-through culture“

  9. Recession times are risky Tech staff admit they'd steal secrets if laid off Most IT staff would steal sensitive company information, including CEO's passwords and customer details, if they were laid off, according to a new survey from Cyber-Ark. A staggering 88 percent of IT administrators admitted they would take corporate secrets, if they were made redundant.

  10. Case 4: Professional industry espionage

  11. Lets structure the different cases „Risk increasing“ technologies for data sharing High marketability and monetization of PII data Employee underestimates data value „Risk denying“ behaviour of employees handling data

  12. A model for Data Security RiskexposurE Data valuE

  13. Data Security is always optimization RiskexposurE Data valuE

  14. What do we provide ? • Better end user acceptance: • Transparency for the enduser • Easy Data sharing • Single sign-on • Easy recovery processes • Simplicity = Consistency = Better security • - One management console for • Synchronisation with AD • Fast and easy initial encryption • Transparent keyrings • Quick reports • Expert support: • Local 1st Level support • Best in class partners and services RiskexposurE Data valuE

  15. Raising the optimization curve • Better end user acceptance: • Transparency for the enduser • Easy Data sharing • Single sign-on • Easy recovery processes • Simplicity = Consistency = Better security • - One management console for • Synchronisation with AD • Fast and easy initial encryption • Transparent keyrings • Quick reports • Expert support: • Local 1st Level support • Best in class partners and services RiskexposurE Data valuE

  16. The Sophos advantage • True Value Generation for our customer • Better end user acceptance • Simplicity = Better security • Expert support • => We allow our customersto drive their business faster RiskexposurE Data valuE

  17. Rule No. 1 – protect data everywhere SafeGuard DLP/CMF SafeGuard Data Exchange SafeGuard File & Folder Encryption SafeGuard Device Encryption SafeGuard Port & Config. Protection SafeGuard Management Center SafeGuard Data Exchange SafeGuard Port & Config. Protection SafeGuard Partner Connect Microsoft, Intel, Seagate Deploy on all devices Don´t forget removable media Think about servers and SaaS All users and all computers sync‘ed from the directory One Management console One Reporting and Auditing

  18. Rule No. 2 – Simplicity is better Security Simplicity delivers Least investment Best security • Makes security manageable, ensures consistency • Comprehensive capabilities, without conflicting agents • Ensures compliance across the enterprise • Reduces operational complexities of security • Minimizes training requirements, eliminates need for deep internal security expertise • Ensures high quality and responsive support/service $ 22

  19. Rule No. 3 – Security solutions acting in concert Sophostechnologies Content Behavior Enforcement Authorization Digital nomads combining work and fun

  20. Rule No. 4 – Analyze for weak links Example: Encryption is only secure if your key is secure

  21. Sophos Data Protection pushes your racing line RiskexposurE Data valuE

  22. Any questions ?

More Related